Security Pwnd Blaster: Hacking your PC using your speaker without ever touching it

The Helper

The Helper

Necromancy Power over 9000
Staff member
Reaction score
1,936
In my last post, I talked about reverse engineering my new Creative Sound Blaster Katana V2X's firmware.

What initially started as simply wanting to write a Linux tool for communicating with my speaker ended up with me discovering vulnerabilities which allow any attacker within a ~15M range of any Katana V2X to turn it into a covert spying tool and Rubber Ducky - all without ever having to pair with or physically touch the device.

CTprotocol background

As I explained in my previous post, the Katana V2X is a USB-connected PC sound bar. Being USB-connected, Creative has an app which allows you to change the settings of the speaker - the DSP, the LED configuration, the output source, and so on.

To do this, they use a custom protocol called CTP (short for Creative Transport Protocol would be my guess). Basically, it seems to be a fairly simple proprietary protocol for sending various commands and reading the responses to that. I won't go into much detail here, but if you're interested, I described how it works in my last post.
blog.nns.ee

Pwnd Blaster: Hacking your PC using your speaker without ever touching it | nns.ee

Abusing an unauthenticated Bluetooth protocol to turn a PC speaker into a Rubber Ducky.
blog.nns.ee blog.nns.ee
 
You must log in or register to reply here.
General chit-chat
Help Users
  • No one is chatting at the moment.
  • Varine Varine:
    Or even third party. Like if you don't have an original one in a functional condition, you cannot play this game properly. Like yeah the keyboard mods exist, but I think those are BARELY functional
  • Varine Varine:
    And since almost all of my programming experience is with defunct shit now, I figure my best place is helping preserve legacy stuff. Which I don't know how to do necessarily, but I need some kind of a hobby and figuring out how older things worked is the only shit that really interests me. Well soldering and restoration is fun too, but no one is bringing me new stuff to fix and restore, so it's mostly old shit, and I LOVE OG Xbox so much. I want to make sure it can function as long as possible, until someone can effectively emulate it at least. I have like 15 I was going to fix over the winter and didn't get to.
     +1
  • Varine Varine:
    I also have a couple OG gameboys, but idk if I can do that without like, manufacturing new parts that no one makes anymore and I can't do that right now
  • tom_mai78101 tom_mai78101:
    Currently in the middle of getting the probate process going. We're doing the informal probate process.
     +3
  • Varine Varine:
    A probate is usually done with a will, yes? If so I am sorry for your loss
     +1
  • The Helper The Helper:
    Yeah Tom, me too sorry for your loss buddy my mom told me she finds out her olds friend died from Google searching them. She had not talked to one of her old friends in a year and found out she died from Google. Also another one in the same session. RIP all of them my sincere condolences Tom
     +1
  • Varine Varine:
    We have some elderly guests that regularly come hang out at the bar at the end of the night, and every once in a while we don't see someone for a few weeks and then someone shows up with their obituary.
  • Varine Varine:
    We usually let them do their memorials there in the morning if they want to and I'll make them some snacks and drinks. There was one guy named Tom that came in like every night and would sit by himself and get a bunch of soup and a glass of wine. idk why but he LOVED our fucking soup, like he would order a fucking quart of it at a time and would always get so sad when we stop doing it for the summer.
     +1
  • Varine Varine:
    But he also loved our calamari, which is another thing I hate but it sells super well so I can't change it. There was one day he came in and was asking me how to make it, because he tried to at home once in the off season when we stop running it and he really wanted it lol
  • Varine Varine:
    I think he's one of the only people I've made recipes for for free because he really wanted a broccoli cheddar, and it was like dude I don't have a recipe, it's just whatever I have, but here, this is how you do it
  • Varine Varine:
    I don't think he ever figured out how to do the calamari in a pan though, like idk how to do that either. He was afraid of the at home deep fryers though and it's like yeah, that's fair, I am too
  • Varine Varine:
    He was just such a sweet old man, we had two servers pregnant and they held a baby shower together, he was soooooo fucking excited to get to see a baby. Unfortunately he died a month or so before they were born
  • The Helper The Helper:
    So I decided to Google some people that I had not seen or heard from in a while and sure enough one of my old best friends, we had a falling out years ago but whatever, find out he died of Pancreatic Cancer in January. I have also lost a few of my closer acquaintances from growing up the last year. Getting old - people die - I kinda thought it was going to be this way a few years ago....
     +2
  • The Helper The Helper:
    Forum running super slow again
  • Ghan Ghan:
    Not really clear from the stats as to what is causing the slowness.
  • Ghan Ghan:
    We get a lot of guest traffic so it may just be the load is getting too high and not from any particular source.
  • Ghan Ghan:
    Looks like the server is maxed out on CPU.
  • Ghan Ghan:
    Oh it looks like a lot of the traffic is Silkroad Forums. That domain isn't protected by Cloudflare.
  • Ghan Ghan:
    But the old Silkroad site is still on its own server. I just had a test site set up on this server for it.
  • Ghan Ghan:
    I just disabled that test site. Let's see if that helps the load.
  • Ghan Ghan:
    Looks much better already.
  • The Helper The Helper:
    I had actually forgot about the Silkroad site. I had asked
  • The Helper The Helper:
    SD Ryoko about it and he said the couple of people left on there really like it, that was a few years ago, maybe I should check back
  • jonas jonas:
    I guess when you're getting old, and the last day of soup season draws near, you start wondering
  • jonas jonas:
    will I make it to the start of the next season? or was this the last time I'll ever have my favorite dish?

      The Helper Discord

      Members online

      No members online now.
      Online now:
      330 (members: 0, guests: 330)

      Share this page

      Affiliates

      Hive Workshop NUON Dome World Editor Tutorials
      Top