diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2015-07-16 12:34:08 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2015-07-16 12:34:08 -0300 |
| commit | 9cc4ae694bab02694511c588bd4e68743accf0ed (patch) | |
| tree | cbdd04cac1c46328b475e59e31c638d9b5cbcee4 /usb-disable | |
| parent | 245914ce083785cc72b1c0b63309e743cf1ddd52 (diff) | |
| download | badusb-switcher-9cc4ae694bab02694511c588bd4e68743accf0ed.tar.gz badusb-switcher-9cc4ae694bab02694511c588bd4e68743accf0ed.tar.bz2 | |
Fixes BadUSB mitigation
Diffstat (limited to 'usb-disable')
| -rwxr-xr-x | usb-disable | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/usb-disable b/usb-disable index cc4525e..5268256 100755 --- a/usb-disable +++ b/usb-disable @@ -2,16 +2,34 @@ # # USB hotplug switcher. # See https://links.sarava.org/tags/badusb +# https://www.kernel.org/doc/Documentation/usb/authorization.txt # # Parameters BASENAME="`basename $0`" +# Set hotplug state +function usb_set_state { + echo "Applying at /sys/module/usbcore/parameters/authorized_default..." + sudo su -c "echo $1 > /sys/module/usbcore/parameters/authorized_default" + + for bus in /sys/bus/usb/devices/usb*; do + echo "Applying at ${bus}/authorized_default..." + sudo su -c "echo $1 > ${bus}/authorized_default" + done +} + # Dispatch if [ "$BASENAME" == 'usb-enable' ]; then - sudo su -c "echo '-1' > /sys/module/usbcore/parameters/authorized_default" + usb_set_state 1 elif [ "$BASENAME" == 'usb-disable' ]; then - sudo su -c "echo '0' > /sys/module/usbcore/parameters/authorized_default" + usb_set_state 0 elif [ "$BASENAME" == 'usb-status' ]; then - cat /sys/module/usbcore/parameters/authorized_default + status="`cat /sys/module/usbcore/parameters/authorized_default`" + + if [ "$status" == "0" ]; then + echo "Hotplug disabled." + elif [ "$status" == "1" ]; then + echo "Hotplug enabled." + fi fi |