I want to ask you about some specifications in the project I'm diving into, which is related to BadUSB-type attacks.
A reprogrammable device like a USB stick can present itself as a HID device, and any sort of payload can be loaded onto it, which will be able to process keystrokes and go on with a specific attack.
This "exploit" makes use of the USB protocol, which is a polling one. I mean that the host asks a device (when it's connected) which type of device it is, and the device responds by stating its type, so the host will load the correct driver to process its requests. Of course, if I change a stick into a HID, the driver loaded by the OS will be the HID kind.
Now my question is: to defend against this, I was thinking about denying the requests coming from an address representing a device (HID in this case) if there is already another device of the same class connected; this could suggest that the second one is maybe a malicious one.
My problem comes here: I'd like to know if it is possible, with high skills in reprogramming firmware, for the device to "spoof" the address of the first, trusted HID device and use it as its own to make itself trusted!
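
The defence proposed in the question above, sketched as an added example that is not part of the original post: it walks each attached device's configuration descriptor, checks every interface for the HID class (0x03), and denies a second HID-capable device. The `SingleHidPolicy` class, the port names and the descriptor bytes are constructed for illustration, and keying the decision on the port rather than the bus address is an assumption of this sketch.

```python
import struct

HID_CLASS = 0x03      # bInterfaceClass value for HID
DT_INTERFACE = 0x04   # bDescriptorType of an interface descriptor

def interface_classes(config_blob: bytes) -> list:
    """Return bInterfaceClass of every interface in a configuration descriptor."""
    classes, i = [], 0
    while i + 2 <= len(config_blob):
        length, dtype = config_blob[i], config_blob[i + 1]
        if length < 2 or i + length > len(config_blob):
            raise ValueError("malformed descriptor at offset %d" % i)
        if dtype == DT_INTERFACE and length >= 9:
            classes.append(config_blob[i + 5])  # offset 5 = bInterfaceClass
        i += length
    return classes

class SingleHidPolicy:
    """Hypothetical policy: only the first HID-capable device is accepted."""
    def __init__(self):
        self.trusted_hid_port = None  # keyed by port (assumption), not bus address

    def on_attach(self, port: str, config_blob: bytes) -> str:
        if HID_CLASS not in interface_classes(config_blob):
            return "allow"
        if self.trusted_hid_port in (None, port):
            self.trusted_hid_port = port
            return "allow"
        return "deny"  # a second device exposing a HID interface

    def on_detach(self, port: str) -> None:
        if port == self.trusted_hid_port:
            self.trusted_hid_port = None

def build_config(iface_classes) -> bytes:
    """Constructed sample data: a config descriptor with one interface per class."""
    body = b"".join(bytes([9, DT_INTERFACE, n, 0, 0, cls, 0, 0, 0])
                    for n, cls in enumerate(iface_classes))
    head = struct.pack("<BBHBBBBB", 9, 0x02, 9 + len(body),
                       len(iface_classes), 1, 0, 0x80, 50)
    return head + body

def demo() -> list:
    policy = SingleHidPolicy()
    return [policy.on_attach("1-1", build_config([0x03])),        # keyboard
            policy.on_attach("1-2", build_config([0x08])),        # plain storage stick
            policy.on_attach("1-3", build_config([0x08, 0x03]))]  # storage + HID

if __name__ == "__main__":
    print(demo())
```

The third device is denied because the check looks at every interface, so a stick that keeps its storage interface and adds a HID one is still caught.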