Hacker News
by klyrs 2140 days ago
Speculation: It's possible to produce keyboard and mouse inputs, and also present as a storage device -- autorun isn't even necessary (though spurious inputs would be quite visible to somebody using the computer, and something like a mirrored mouse or custom keyboard layout / shortcuts could foil this).

That would only work on a known operating system and window manager with known keyboard shortcuts, unless a terminal is already focused.
In theory, you could fingerprint the host OS first and then run the appropriate commands (of course more tricky with more custom Linux setups; does CTRL+ALT+Fn still work to get to a text console?): https://www.cise.ufl.edu/~butler/pubs/sadfe11.pdf
Yeah, I was thinking of custom window-manager setups. You can usually get a tty console by ctrl-meta-f1 etc., but that wouldn't help, since you'd have to enter a password. I suppose an advanced version could try different combinations and test each by entering a command that would be detected by the stick.
One of Atmel's USB-capable microcontrollers had a HID Keyboard example program that, when you pressed a button (on a Windows host), would start Notepad (via the run command) and type "Hello, I'm an Atmel SAMXXXX".

Great bit of example code, but opens a world of possibilities for what you could do with, say, a HID + Mass Storage composite device.
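
A defender's check for the HID + Mass Storage composite device mentioned above, as an added example that is not part of the original thread: it groups USB interface descriptors by device and flags any device that pairs storage with an input-capable HID interface. The class codes are the standard USB-IF values; the flattened record format, the device names and the function names are assumptions made for this sketch.

```python
# Added example (not from the thread): flag USB devices that expose both an
# input-capable HID interface and a mass-storage interface.
from collections import defaultdict

HID, MASS_STORAGE = 0x03, 0x08       # USB-IF base class codes
BOOT_SUBCLASS = 0x01                 # HID boot interface subclass
BOOT_PROTOCOLS = {0x01: "keyboard", 0x02: "mouse"}

# Constructed sample: "<device> <class> <subclass> <protocol>", hex fields as
# found in Linux sysfs bInterfaceClass / bInterfaceSubClass / bInterfaceProtocol.
SAMPLE = """\
1-1 08 06 50
1-2 03 01 01
1-3 08 06 50
1-3 03 01 01
1-4 03 00 00
1-4 08 06 50
1-5 zz 00 00
"""

def parse_interfaces(text):
    """Group interface triples by device, skipping malformed records."""
    devices = defaultdict(list)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            triple = tuple(int(field, 16) for field in parts[1:])
        except ValueError:
            continue
        devices[parts[0]].append(triple)
    return dict(devices)

def roles(interfaces):
    """Map interface triples to coarse roles."""
    found = set()
    for cls, sub, proto in interfaces:
        if cls == MASS_STORAGE:
            found.add("storage")
        elif cls == HID:
            # Non-boot HID can still send keystrokes (the report descriptor
            # decides), so it is treated as input-capable here.
            boot = sub == BOOT_SUBCLASS
            found.add(BOOT_PROTOCOLS.get(proto, "hid") if boot else "hid")
    return found

def flag_composites(devices):
    """Return sorted device names that combine storage with any HID role."""
    return sorted(n for n, i in devices.items()
                  if "storage" in roles(i) and roles(i) - {"storage"})
```

A flagged device is not necessarily malicious, since some legitimate products combine both classes; the result is a list to review against the hardware actually plugged in.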

On Windows, it's just 'Win+R 'CMD' [Enter]' and you have a terminal/console. Presumably, if the agents were monitoring the perp properly, they would know what OS they would be targeting.

I type the above SO often every day, it should be on my gravestone. :D