Hello, what is the config file to set up the network transfer of files, I saw in usbsas-net/src/uploader.rs some reference to http but I would like to know if it is possible to use sftp for the transfer (if yes, I can try to do the modification myself if you tell me where to do them, my first suggestion can be to set up a directory on the machine that is syncronized with the sftp server and use the local transfer to this directory)

Hello, when I try to transfer a file to the local storage, the process stops before reaching 100% with the message : “Run error: io error: execution error: Cmd failed”.

Where does it come from and do you have an idea on how to fix that?

At the beginning, the first page tells us to insert the Source USB device,

once inserted, this message disappears and it tells us to insert the Destination USB device. The problem is that this message does not disappear and in French it is (I think) above the buttons which are therefore not clickable.

Then once the selection of files to transfer has been made, if you are in a directory with several files or sub-directories (side navigation bar present) the "cancel" and "start copying" buttons do not appear or are too low (in French and in English).

To overcome the problem, I go to the system directory of the key which contains only two files and there I can access the buttons.

Sorry for my english which is not perfect

Bonjour,

je rencontre un problème à l'installation avec ClamAv: Compiling clamav-rs v0.5.5 (https://github.com/losynix/clamav-rs?branch=c_cha r_i8#e80c4a0e) error[E0308]: mismatched types --> /root/.cargo/git/checkouts/clamav-rs-8b0568cf506f30f8/e80c4a0/src/error.r s:23:47 | 23 | let ptr = clamav_sys::cl_strerror(self.code); | ----------------------- ^^^^^^^^^ expected cl_error _t, found i32 | | | arguments to this function are incorrect | note: function defined here --> /home/olivier/usbsas/target/release/build/clamav-sys-b15cf930fc94104f/out /bindings.rs:305:12 | 305 | pub fn cl_strerror(clerror: cl_error_t) -> *const ::std::os::raw::c... | ^^^^^^^^^^^

For more information about this error, try rustc --explain E0308. error: could not compile clamav-rs (lib) due to previous error warning: build failed, waiting for other jobs to finish...

Il y'a t-il quelque chose a faire?

Cordialement,

I've been testing the solution for several weeks now, and I've noticed something about clamav's antivirus scanning. When I perform a USB to USB scan, clamav intervenes before depositing the file(s) on the target USB key. In the case of a USB to hard disk scan, there is no verification.

I've searched the documentation as well as inspecting the toml configuration files, and I haven't seen anything that explicitly shows how to activate the same functionality that is used with USB to USB.

Is this a deliberate choice on the part of the solution? Is it possible to activate this feature? If so, how? Could this be a bug in the way I've compiled the solution ?

I'd also like to ask if it's possible to have "servers" that only scan and "clients" that send their data to these same servers to validate the status of the files scanned by the clients. It seems to me that this is possible :

[analyzer] url = "http://127.0.0.1:8042/api/scanbundle"

According to the documentation and in the configuration files, by changing the local IP to private or public

Thanks in advance for your answers 😀️

Hi everyone,

I loved your presentation during SSTIC 2022!

Would you mind sharing the procedure to create a USB drive for exploit the mass-storage-based TOCTTOU attack? I read carefully the article 'Read It Twice! A mass-storage-based TOCTTOU attack' and slides from Collin Mulliner and Benjamin Michéle without finding anything relevant for that.

My main goal is to do a demo to my colleague and making awareness inside my company about USB attacks. If you can't or don't want to provide such details publicly, I'll be happy to continue discussion on Twitter.

Also, did you implented a way to protect against

• Such attack on your physical kiosk?
• USB Killer devices?

Regards, WikiJM

Hi, If I configure POST_COPY, the client no longer loads. (looping wait animation).

[post_copy] description = "Archive transfer" command_bin = "/bin/cp" command_args = [ "%SOURCE_FILE%" "/home/olivier/USBSAS/BCKP/" ]

Do I need to configure anything else?

Bumps ntfs from 0.3.1 to 0.4.0.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Is it possible to add at the end of the transfer a report file that induces the list of transferred files, as well as the antivirus used with the update date of the virus list?

Bumps positioned-io from 0.2.2 to 0.3.0.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Bumps udev from 26955cd to 68c1fe3.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Hello, I have a few hid problems with the latest version of usbsas (kiosk installation on a debian 12 no desktop env.) :

• When I boot the machine I first get a debian login screen (where I can't write anything hopefully) and it stays a few seconds before we can see the usbsas interface.
• In the usbsas interface I have an issue with the mouse, such as when I stop moving the mouse even for a a very short time, the mouse goes back to the center of the screen which is problematic as it make difficult to click on button because we usually stop the mouse over them. Sometimes the issue is completely blocking the use of the mouse and unplugging and plugging the mouse again reduce the intensity of the bug but whithout fixing it.

Bonjour,

Lorsque config.toml est paramétré de manière à déterminer un port USB source et un port USB de destination afin de permettre le transfert de données, un problème a été identifié avec certains périphériques. En effet, le périphérique de destination n’est pas monté dans certains cas comme lors de l’usage des périphériques ayant comme descripteur les information ci-dessous. Support 1 : idVendor 0x090c Silicon Motion, Inc. - Taiwan (formerly Feiya Technology Corp.) idProduct 0x1000 Flash Drive bcdDevice 11.00 iManufacturer 1 USB iProduct 2 Flash Disk iSerial 3 U16-C220313 Support 2 : idVendor 0x090c Silicon Motion, Inc. - Taiwan (formerly Feiya Technology Corp.) idProduct 0x1000 Flash Drive bcdDevice 11.00 iManufacturer 1 USB iProduct 2 Flash Disk iSerial 3 U16-C220303

Par contre, lorsque config.toml n’est pas paramétré de manière à bloquer la source et la destination, les deux périphériques montent sans problème.

Bonjour,

Dans le cadre de tests réalisés depuis la version 0.1.5, le kiosque ne fait pas toujours de retour à l’écran lors d’une détection de fichiers malveillants. Il réalise ce retour uniquement lorsqu’il y a un unique fichier malveillant candidat au transfert. À noter, l’analyse est effectuée par une solution indépendante (service déporté), ce comportement est également observé si utilisation de l’analyzer-server fourni de base. Voici les deux cas testés et largement reproductibles :

• 1er cas : À partir d’une source contenant plusieurs fichiers à analyser, dont Eicar, le transfert est réalisé vers le support de sortie sans aucun retour à l’écran. Néanmoins, Eicar n’est pas transféré et est bien indiqué comme DIRTY dans le JSON du rapport.
• 2nd cas : À partir d’une source contenant juste Eicar, l’analyse s’arrête avec un retour d’information à l’écran indiquant le non du fichier malveillant sans rien écrire sur le support de sortie.

Pour les deux cas présentés, s’agit-il d’un comportement normal du kiosque ? Pour le 1er cas, pourquoi l’usager n’a pas de retour à l’écran concernant le fichier non transféré ? Pour le 2nd cas, pourquoi le kiosque n’écrit pas le rapport sur le support de sortie et arrête tout simplement le traitement.

Merci pour votre retour.