Uncategorized

USB Reverse Engineering: A Universal Guide

USB Reverse Engineering: A Universal Guide
by: Ben James
May 25, 2018

[Glenn ‘devalias’ Grant] is a self-proclaimed regular rabbit hole diver and is conscious that, between forays into specific topics, short-term knowledge and state of mind can be lost. This time, whilst exploring reverse engineering USB devices, [Glenn] captured the best resources, information and tools – for his future self as well as others. His guide is impressively comprehensive, and covers all the necessary areas in hardware and software.[…]

USB Reverse Engineering: A Universal Guide

 

Standard
Uncategorized

The Evil Mouse Project

Conclusion: Never trust USB devices (and not only storage devices…)

https://blog.rootshell.be/2018/05/22/evil-mouse-project/

The Evil Mouse

Standard
Uncategorized

Bad Ducky: Rubber Ducky compatible clone based on CJMCU BadUSB HW

The below articles point to related tools, besides the Hak5 Rubber Ducky.

https://github.com/mharjac/bad_ducky

https://www.kitploit.com/2018/04/bad-ducky-rubber-ducky-compatible-clone.html

https://www.digitalmunition.me/2018/04/bad-ducky-rubber-ducky-compatible-clone-based-cjmcu-badusb-hw/

See-also:

https://ducktoolkit.com/viewscript/all/

https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads

USB Rubber Ducky

 

Standard
Uncategorized

MalDuino: Arduino-based BadUSB

MalDuino — Open Source BadUSB

https://www.indiegogo.com/projects/malduino-badusb-arduino-usb#/

MalDuino is an arduino-powered USB device which has keyboard injection capabilities. Once plugged in, MalDuino acts as a keyboard, typing commands at superhuman speeds. What’s the point? You could gain a reverse shell, change the desktop wallpaper, anything is possible. For penetration testers, hobbyists and pranksters the MalDuino will serve you well!

MalDuino — Open Source BadUSB

 

Standard
Uncategorized

USB Killer 2.0

As reported by Toms Hardware and other news sources, a new company in Hong Kong is selling a USB-frying unit called “USB Killer 2.0”, and a “USB Killer Test Shield”.

http://www.tomshardware.com/news/usb-killer-2.0-power-surge-attack,32669.html
https://www.usbkill.com/usb-killer/8-usb-killer.html
https://www.usbkill.com/blog/usb-kill-behind-the-scenes-b40.html

“Temporarily Out of Stock.”

Standard
Uncategorized

USBee

Dan goodin has an article on Ars about some BadUSB-like malware:

Meet USBee, the malware that uses USB drives to covertly jump airgaps

In 2013, a document leaked by former National Security Agency contractor Edward Snowden illustrated how a specially modified USB device allowed spies to surreptitiously siphon data out of targeted computers, even when they were physically severed from the Internet or other networks. Now, researchers have developed software that goes a step further by turning unmodified USB devices into covert transmitters that can funnel large amounts of information out of similarly “air-gapped” PCs. The USBee—so named because it behaves like a bee that flies through the air taking bits from one place to another—is in many respects a significant improvement over the NSA-developed USB exfiltrator known as CottonMouth. That tool had to be outfitted with a hardware implant in advance and then required someone to smuggle it into the facility housing the locked-down computer being targeted. USBee, by contrast, turns USB devices already inside the targeted facility into a transmitter with no hardware modification required at all. “We introduce a software-only method for short-range data exfiltration using electromagnetic emissions from a USB dongle,” researchers from Israel’s Ben-Gurion University wrote in a research paper published Monday. “Unlike other methods, our method doesn’t require any [radio frequency] transmitting hardware since it uses the USB’s internal data bus.”
[…]

http://cyber.bgu.ac.il/t/USBee.pdf

http://arstechnica.com/security/2016/08/meet-usbee-the-malware-that-uses-usb-drives-to-covertly-jump-airgaps/

 

Standard