No internet connection
  1. Home
  2. General

How to disable Virtual Media in TinyPilot Pro?

By DJ @BEO_or_Bust2021-06-08 14:55:34.375Z

Hi! Been using the community edition for a while now and decided to take the plunge to the Pro version for some added security for upcoming travel. The device I am using this on has some strict limitations on USB drives in terms of "Don't ever plug one in" and "Remember that one guy, ya he's fired for plugging a flash drive into these computers". It's a weird company to say the least...

So I'm sensitive to device names and what appears when using this software. I noticed when I updated to Pro there is now a USB drive appearing as available, but of 0/unknown size. For my instance I'd like to disable this drive from appearing at all if possible, or a minimum rename it something benign like "Mouse" or "Receiver". Any help is appreciated and otherwise really enjoying this software.

Solved in post #2, click to view
  • 4 replies
  1. Michael Lynch @michael2021-06-08 19:15:10.148Z2021-06-09 20:56:45.559Z

    To preface, TinyPilot isn't designed to evade detection from the target system. I can give guidance that adjusts some ways that TinyPilot presents itself to the target system, but just take into account that any changes meant to evade detection are at the user's discretion and not something I can make guarantees about. I just don't want anyone getting fired over TinyPilot.

    That said, TinyPilot's USB interface to the target system is defined in the file /opt/tinypilot-privileged/init-usb-gadget. In particular, these lines uniquely identify the device as a TinyPilot.

    echo "6b65796d696d6570690" > "${STRINGS_DIR}/serialnumber"
    echo "tinypilot" > "${STRINGS_DIR}/manufacturer"
    ...
    readonly INQUIRY_STRING='        TinyPilot           '
    

    You can edit the file with sudo nano /opt/tinypilot-privileged/init-usb-gadget and then run sudo service usb-gadget restart to reload the new contents.

    If you want to disable the virtual USB drive functionality, you can delete these lines:

    # Mass Storage
    # See here for more info:
    # - https://www.kernel.org/doc/html/latest/usb/mass-storage.html
    ...all the way to...
    echo "${INQUIRY_STRING}" > "${MASS_STORAGE_FUNCTIONS_DIR}/lun.0/inquiry_string"
    

    and this line:

    ln -s "$MASS_STORAGE_FUNCTIONS_DIR" "${CONFIGS_DIR}/"
    

    Note that if you update TinyPilot, the updater will overwrite this file back to the official version.

    ReplySolution
    1. BDJ @BEO_or_Bust2021-06-08 21:45:53.468Z

      Hey Michael,
      Completely agree with you here, and this is not meant to evade, rather work within existing IT policies. I'm doing some testing of this for some of our remote users that can't have USB Storage devices attached to their non-admin workstations but they want to remotely connect/reboot these machines for various reasons where a IP/KVM looks like it makes the most sense. HTTPS and Password logins are on the list of most desired, but the Virtual Media not so much if it can be avoided so we don't need amend this policy. I'll take a look through what you recommended and see how it works on our end. Overall I have to say I am really impressed with this little package and can't wait to see where you go with it.

      1. In reply tomichael:
        BDJ @BEO_or_Bust2021-06-09 19:28:05.289Z2021-06-09 20:08:07.347Z

        Hey Michael,
        Took a crack at disabling that portion of the init-usb-gadget file and I was getting errors after saving my changes. Found I needed to delete line 154 as well and from that make sure the file saved back in the same format. Else I think this is working and I still have the pro features without the USB device appearing. Thanks again for the help Michael!

        1. Michael Lynch @michael2021-06-09 20:57:18.068Z

          Oh, you're right. I forgot about that line. I've updated the previous post for posterity in case others run into the same thing. Glad to hear it's working!