]> gitweb.fluxo.info Git - badusb-switcher.git/commitdiff
projects / badusb-switcher.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 245914c)
Fixes BadUSB mitigation
authorSilvio Rhatto <rhatto@riseup.net>
Thu, 16 Jul 2015 15:34:08 +0000 (12:34 -0300)
committerSilvio Rhatto <rhatto@riseup.net>
Thu, 16 Jul 2015 15:34:08 +0000 (12:34 -0300)
usb-disable patch | blob | history
usb-enable [changed from file to symlink] patch | blob | history
usb-status [changed from file to symlink] patch | blob | history

diff --git a/usb-disable b/usb-disable
index cc4525ec0012878f1d4ae87ded58a760fa4b45fa..5268256c42665b156d2742e541900cbae6713911 100755 (executable)
--- a/usb-disable
+++ b/usb-disable
@@ -2,16 +2,34 @@
 #
 # USB hotplug switcher.
 # See https://links.sarava.org/tags/badusb
+#     https://www.kernel.org/doc/Documentation/usb/authorization.txt
 #
 
 # Parameters
 BASENAME="`basename $0`"
 
+# Set hotplug state
+function usb_set_state {
+  echo "Applying at /sys/module/usbcore/parameters/authorized_default..."
+  sudo su -c "echo $1 > /sys/module/usbcore/parameters/authorized_default"
+
+  for bus in /sys/bus/usb/devices/usb*; do
+    echo "Applying at ${bus}/authorized_default..."
+    sudo su -c "echo $1 > ${bus}/authorized_default"
+  done
+}
+
 # Dispatch
 if [ "$BASENAME" == 'usb-enable' ]; then
-  sudo su -c "echo '-1' > /sys/module/usbcore/parameters/authorized_default"
+  usb_set_state 1
 elif [ "$BASENAME" == 'usb-disable' ]; then
-  sudo su -c "echo '0' > /sys/module/usbcore/parameters/authorized_default"
+  usb_set_state 0
 elif [ "$BASENAME" == 'usb-status' ]; then
-  cat /sys/module/usbcore/parameters/authorized_default
+  status="`cat /sys/module/usbcore/parameters/authorized_default`"
+
+  if [ "$status" == "0" ]; then
+    echo "Hotplug disabled."
+  elif [ "$status" == "1" ]; then
+    echo "Hotplug enabled."
+  fi
 fi
diff --git a/usb-enable b/usb-enable
deleted file mode 100755 (executable)
index cc4525ec0012878f1d4ae87ded58a760fa4b45fa..0000000000000000000000000000000000000000
--- a/usb-enable
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/bash
-#
-# USB hotplug switcher.
-# See https://links.sarava.org/tags/badusb
-#
-
-# Parameters
-BASENAME="`basename $0`"
-
-# Dispatch
-if [ "$BASENAME" == 'usb-enable' ]; then
-  sudo su -c "echo '-1' > /sys/module/usbcore/parameters/authorized_default"
-elif [ "$BASENAME" == 'usb-disable' ]; then
-  sudo su -c "echo '0' > /sys/module/usbcore/parameters/authorized_default"
-elif [ "$BASENAME" == 'usb-status' ]; then
-  cat /sys/module/usbcore/parameters/authorized_default
-fi
diff --git a/usb-enable b/usb-enable
new file mode 120000 (symlink)
index 0000000000000000000000000000000000000000..f54f446ff6d3a5253ab6b992d7a5d97cff092ea0
--- /dev/null
+++ b/usb-enable
@@ -0,0 +1 @@
+usb-disable
\ No newline at end of file
diff --git a/usb-status b/usb-status
deleted file mode 100755 (executable)
index cc4525ec0012878f1d4ae87ded58a760fa4b45fa..0000000000000000000000000000000000000000
--- a/usb-status
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/bash
-#
-# USB hotplug switcher.
-# See https://links.sarava.org/tags/badusb
-#
-
-# Parameters
-BASENAME="`basename $0`"
-
-# Dispatch
-if [ "$BASENAME" == 'usb-enable' ]; then
-  sudo su -c "echo '-1' > /sys/module/usbcore/parameters/authorized_default"
-elif [ "$BASENAME" == 'usb-disable' ]; then
-  sudo su -c "echo '0' > /sys/module/usbcore/parameters/authorized_default"
-elif [ "$BASENAME" == 'usb-status' ]; then
-  cat /sys/module/usbcore/parameters/authorized_default
-fi
diff --git a/usb-status b/usb-status
new file mode 120000 (symlink)
index 0000000000000000000000000000000000000000..f54f446ff6d3a5253ab6b992d7a5d97cff092ea0
--- /dev/null
+++ b/usb-status
@@ -0,0 +1 @@
+usb-disable
\ No newline at end of file
BadUSB Hotplug Switcher