Recently My_Ouzo posted a detailed tutorial on WonderHowTo’s Null-Byte, on how to make your own BadUSB. Excerpt from introduction:

Recently a guy asked how to make your own “Bad USB” and I promised to make a how-to on this topic soon. In addition it would be nice to have something related on our wonderhowto world. So here it is! Most common USB flash drives are exploitable due to the “Bad USB vulnerability”. This allows us hackers to reprogram the microcontroller of them to act as a “Human Interface Device” (HID) / keyboard and perform custom keystrokes on our target machine. This scenario is often called “HID Payload Attack”, since you have to hand over your script to the Bad USB for the execution ( more on that later ). Even though almost every USB flash drive is exploitable, only a way to reprogram “Phison” microcontrollers has been released yet. In this tutorial we are going to determine the microcontroller of your usb flash drive, compile the source code published in github for the tools we need and move over to building a custom firmware with an embedded HID payload and turning our harmless usb flash drive into a malicious keyboard designed to help us accomplishing the compromise of our victim machine.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s