Safety researcher and software program engineer Andrey Konovalov has taught an outdated canine new tips, turning a Lenovo ThinkPad laptop computer right into a device for emulating the USB system of his alternative — by taking part in round with the Extensible Gadget Controller Interface (xDCI) controller.

“I discovered a approach to flip my ThinkPad X1 Carbon sixth Gen. laptop computer right into a programmable USB system by enabling the xDCI controller,” Konovalov explains. “Consequently, the laptop computer can now be used to emulate arbitrary USB gadgets reminiscent of keyboards or storage drives. Or to fuzz USB hosts with the assistance of Uncooked Gadget and syzkaller. Or to even run Facedancer with the assistance of the Uncooked Gadget–primarily based backend. And do all this with none exterior {hardware}.”

Having an easily-portable device to do all of that’s useful, but it surely wasn’t precisely a plug-and-play operation. “The journey of enabling xDCI included fidgeting with Linux kernel drivers, xHCI, DWC3, ACPI, BIOS/UEFI, Boot Guard, TPM, NVRAM, PCH, PMC, PSF, IOSF, and P2SB,” Konovalov says, “and making a customized USB cable.”

The Extensible Gadget Controller Interface (xDCI), Intel’s implementation of a USB 3.0 Gadget Controller, permits one thing that may usually function as a USB Host — on this case, a ThinkPad laptop computer — to behave as a USB Gadget as a substitute. In Konovalov’s laptop computer the xDCI controller is current however disabled, with no possibility within the UEFI configuration to allow it. Looking out by a firmware dump revealed the setting was current, however hidden — so Konovalov changed the motherboard’s SPI flash with a socketed model, offering a simple approach to experiment.

With a modified firmware, the UEFI configuration supplied entry to a previously-hidden “Intel Superior Menu” with xDCI assist. Konovalov then booted into Linux and flipped a port into USB Gadget mode — determining which bodily port it was by plugging a USB stick into every till discovering the one that did not work. With a hand-made USB Sort-A to Sort-A cable, that port may then be linked to a different laptop computer and configured to emulate nearly any USB system.

“The subsequent factor I wished to check was Uncooked Gadget,” Konovalov writes, referring to a kernel module designed for larger flexibility in USB emulation. “Working Uncooked Gadget with xDCI for the primary time was very thrilling, as my need to work on Uncooked Gadget on my laptop computer with out exterior {hardware} was what conceived this venture.” With a small patch, Uncooked Gadget labored too —as did syzkaller, a Uncooked Gadget-based device for “fuzzing” USB — sending sudden information to see what occurs. Facedancer, a Python USB emulation framework, additionally proved suitable.

“I believe enabling xDCI must also be attainable on different PCs,” Konovalov says of the venture’s broader applicability. “Within the easiest case, this is likely to be as straightforward as turning on xDCI in BIOS settings. This could simply work if there’s correct ACPI and role-switching assist and the xDCI-enabled port is wired to the exterior casing. I additionally imagine it must be attainable to allow xDCI purely through software program. Although I didn’t do it by reconfiguring PCH, there are different approaches.”

Konovalov’s full write-up is obtainable on his web site.