create a whitelist.cfg file in the apps root directory and include a DeviceID per line, this is the last value written out by beamgun when it reports a lock. example: USB\VID_XXXX&PID_XXXX&MI_XX\XXXXXXXXXXXXXXXXXXXXXXXX HID\VID_XXXX&PID_XXXXX&MI_XX&COLXX\XXXXXXXXXXXXXXXXX
Building from source
Simply clone the repository:
git clone firstname.lastname@example.org:JLospinoso/beamgun.git
Beamgun.sln and build. The installer can be found in the
bin directory of the
Check out these two blog posts for more information:
Beamgun's homepage is jlospinoso.github.io/beamgun/.
Beamgun will run with low-user and elevated privileges (i.e. as administrator), but it will ask for the highest privileges that the logged in user has. When running without administrator privileges, you will be unable to (a) disable network adapters, and (b) disable USB mass storage. This is a feature of Windows security, not a design choice! Thanks to @AlexIljin for pointing this out.
If a network adapter has already been installed on your computer, Beamgun will not alert on its insertion. This has to do with the way Beamgun registers with Windows Management Instrumentation for alerts; it only subscribes to notifications of new
Win32_NetworkAdapters. When an already-installed network adapter is inserted, it generates a
Win32_PnPEntity instance (which Beamgun doesn't currently subscribe to). The upshot of this is, when testing Beamgun, you'll need to uninstall the network adapter you are testing in between tests. From a user perspective, this should be expected behavior; if I've already permitted a particular network adapter once, it's probably not a rogue adapter!
BeamgunInstaller-0.2.0.msi | BeamgunApp-0.2.0.zip: Major overhaul to alerting mechanism, reimplemented using WMI. Added USB storage disable. Added detection for LAN Turtles. Replaced autorun with Windows Task for elevation.
2172 downloads (as of 3/3/2018)
- Security Now! Episode 589: Q&A 244 Show notes here.
- ISC StormCast for Friday, December 2nd 2016
- Information Security News, Northwestern University
- Sans Newsbites, Volume XVIII, Issue #95
Please report any bugs you find (both feature- and security-related!) right here on Github.