Demonstration of exfiltrating data from a physically unmodified TP-Link TL-WR841N router running DD-WRT via a rapidly blinking LED. The LED is modulated at a rate undetectable to the human eye.
The payload is a cross-compiled application loaded onto the device with known administrator credentials, but it shows what could be done if malicious code were injected into the system.
The receiver circuitry is my open source OpticSpy Analog hardware, which receives, amplifies, and processes the transmissions from the LED and converts them to a TTL-level signal suitable for connection to a PC.
Details and resources are available from:
http://www.grandideastudio.com/portfolio/optical-covert-channels/
There is intentionally no speaking during this video.