Bad Ducky: Rubber Ducky compatible clone based on CJMCU BadUSB HW

The below articles point to related tools, besides the Hak5 Rubber Ducky.







USB Rubber Ducky



MalDuino: Arduino-based BadUSB

MalDuino — Open Source BadUSB


MalDuino is an arduino-powered USB device which has keyboard injection capabilities. Once plugged in, MalDuino acts as a keyboard, typing commands at superhuman speeds. What’s the point? You could gain a reverse shell, change the desktop wallpaper, anything is possible. For penetration testers, hobbyists and pranksters the MalDuino will serve you well!

MalDuino — Open Source BadUSB



USB Killer 2.0

As reported by Toms Hardware and other news sources, a new company in Hong Kong is selling a USB-frying unit called “USB Killer 2.0”, and a “USB Killer Test Shield”.


“Temporarily Out of Stock.”



Dan goodin has an article on Ars about some BadUSB-like malware:

Meet USBee, the malware that uses USB drives to covertly jump airgaps

In 2013, a document leaked by former National Security Agency contractor Edward Snowden illustrated how a specially modified USB device allowed spies to surreptitiously siphon data out of targeted computers, even when they were physically severed from the Internet or other networks. Now, researchers have developed software that goes a step further by turning unmodified USB devices into covert transmitters that can funnel large amounts of information out of similarly “air-gapped” PCs. The USBee—so named because it behaves like a bee that flies through the air taking bits from one place to another—is in many respects a significant improvement over the NSA-developed USB exfiltrator known as CottonMouth. That tool had to be outfitted with a hardware implant in advance and then required someone to smuggle it into the facility housing the locked-down computer being targeted. USBee, by contrast, turns USB devices already inside the targeted facility into a transmitter with no hardware modification required at all. “We introduce a software-only method for short-range data exfiltration using electromagnetic emissions from a USB dongle,” researchers from Israel’s Ben-Gurion University wrote in a research paper published Monday. “Unlike other methods, our method doesn’t require any [radio frequency] transmitting hardware since it uses the USB’s internal data bus.”





BadUSB 2.0

BadUSB 2.0 USB MITM POC: The advanced uses and capabilities of rogue USB hardware implants for use in cyber espionage activities is still very much an unknown quantity in the industry. Security professionals are in considerable need of tools capable of exploring the threat landscape, and generating awareness in this area. BadUSB2, is a tool capable of compromising USB fixed-line communications through an active man-in-the-middle attack. It is able to achieve the same results as hardware keyloggers, keyboard emulation, and BadUSB hardware implants. Furthermore, BadUSB2 introduces new techniques to defeat keyboard-based one-time-password systems, automatically replay user credentials, as well as acquiring an interactive command shell over USB. […] So how is this any different from existing USB hardware implants like the Rubber Ducky, or keyloggers. Firstly, the devices I’ve seen can only achieve one or two attack classes such as eavesdropping or message fabrication. BadUSB2 can eavesdrop, replay, modify, fabricate, exfiltrate data and BadUSB in one device. Furthermore, when combining these attack classes really interesting attack scenarios begin to surface. Secondly, keyboard emulation devices register as an additional USB device making them easy to detect and block, i.e. why do I now have two keyboards attached!? Yes, such devices can be easily detected and blocked. The same can be said of BadUSB, it often needs to register as a secondary USB device to perform a malicious task. BadUSB2 is an INLINE hardware implant giving it the stealth of a hardware keylogger but far more capabilities as mentioned above. Finally, (law of 3’s), just cos. […] This project builds on the USB-MITM architecture introduced by Rijnard van Tonder and Herman Engelbrecht in their paper titled, “Lowering the USB Fuzzing Barrier by Transparent Two-Way Emulation”. A special thanks to Rijnard for such a brilliant idea. […]



USB Type-C authentication protocol: defense against bad cables

The USB-IF has developed a cryptographic-based authentication protocol to help protect from bad USB Type-C cables!