USB attacks need physical access right? Not any more…
Historically USB bugs have required physical access so that a rogue device can be inserted into the target system to trigger a vulnerability by supplying malicious data, often within a USB protocol descriptor. This paper provides step-by-step instructions, showing how to remotely trigger a Windows-based USB bug by using a combination of open source hardware, open source software and new functionality provided by Microsoft RDP server.