March 7, 2019

Bad USB - Part 1: Setting up H/W

What is it? 

It’s a USB device that connects to a host computer as a HID device (keyboard, mouse, or both) and sends a pre-programmed payload to the host computer.

This is really a security issue.  Watch this video:



There are pre-made BadUSB devices you can purchase on the net, or you can build one yourself using an Arduino, RPi, or other microcontroller. I decided to make one as an experiment, not for hacking. It's for automation and remote control that doesn’t require any S/W on the target machine.

I used an RPi Zero W, set up to be a HID keyboard and mouse. Connect this device to the target machine’s USB port, and the host computer will recognize it as a keyboard and mouse. I can send commands to the RPi, and the RPi will then send keystrokes or mouse movements to the host computer.

Requirements

  • Testing target machine: USB-enabled systems – e.g. Linux, Windows, RPi
  • RPi Zero W (a Zero will work fine, but wireless will be needed for remote control) with a microSD card and RPi OS installed. I have a few RPi Zeros lying around, and for my purpose, this is better than using an Arduino or other simple microcontrollers.
  • RPi H/W modification (DIY) or kit

RPi H/W Kit

Use this $5-$6 PCB board with the RPi Zero instead of DIY. DIY is actually pretty simple and almost zero cost, but it does not seem that sturdy. I also bought a case for the Zero and the add-on board from here for $3.

The add-on board looks like this:

I purchased the above case and add-on board from Banggood, and I found that this place has a package that comes with both for $13.99 -- https://geekworm.com/products/raspberry-pi-zero-w-badusb-usb-a-addon-board-usb-connector-case-kit

DIY mod

See this picture from this site - https://www.novaspirit.com/2016/10/18/raspberry-pi-zero-usb-dongle:

Raspberry Pi Model

Which models support OTG (https://en.wikipedia.org/wiki/USB_On-The-Go)? There is a nice chart on this page (https://gist.github.com/gbaman/50b6cca61dd1c3f88f41), and it shows that only the model Zero supports OTG, but according to this page, models A and A+ also support it. Someone posted this comment here (https://www.element14.com/community/thread/49633/l/have-a-raspberry-pi-3-model-b-usb-otg-port):

"The model A and A+ have the USB port of the chip routed to a connector. Officially the wrong connector for OTG, but the signals are there."

To be safe, use a model Zero or Zero W. The Zero W is preferred so that Wi-Fi can be used for remote development and control.

Set up RPi and H/W

There are many more steps, so for now, just get all the required H/W and set up the RPi. Download the Raspbian Stretch Lite image (https://www.raspberrypi.org/downloads/raspbian/), install it on the SD card (https://sourceforge.net/projects/win32diskimager/), and set it up as usual. Note that the Lite image does not have a GUI.

In Part 2, I’ll write about setting up HID.
Part 3 will be about programming in C and Python.

Linux Software

If the host computer runs Linux and the BadUSB device is attached to it, it's helpful to check what devices are attached to the host. Run the following Linux S/W:

$ sudo lsusb -v
$ sudo lsinput
$ sudo udevadm monitor --udev
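
As an added example (not part of the original post): the Python sketch below parses "lsusb -v" output and lists every device that declares a HID interface, which is how a device enumerating as keyboard and mouse shows up on the host. The sample text, the vendor/product IDs and the function name hid_inventory are constructed for illustration.

```python
import re
import sys

# Constructed excerpt in the layout of `lsusb -v` output (IDs and names are made up).
SAMPLE = """\
Bus 001 Device 002: ID 1234:0001 Example Vendor Flash Disk
    Interface Descriptor:
      bInterfaceClass         8 Mass Storage
      bInterfaceSubClass      6 SCSI
      bInterfaceProtocol     80 Bulk-Only
Bus 001 Device 005: ID 1234:0002 Example Vendor Composite Gadget
    Interface Descriptor:
      bInterfaceClass         3 Human Interface Device
      bInterfaceSubClass      1 Boot Interface Subclass
      bInterfaceProtocol      1 Keyboard
    Interface Descriptor:
      bInterfaceClass         3 Human Interface Device
      bInterfaceSubClass      1 Boot Interface Subclass
      bInterfaceProtocol      2 Mouse
"""

HEADER = re.compile(r"^Bus \d+ Device \d+: ID ([0-9a-f]{4}:[0-9a-f]{4})\s*(.*)$")
FIELD = re.compile(r"^\s+(bInterfaceClass|bInterfaceProtocol)\s+(\d+)")
HID_CLASS = 3                                 # USB class code for HID
BOOT_PROTOCOLS = {1: "keyboard", 2: "mouse"}  # HID boot interface protocol codes


def hid_inventory(text):
    """Return (usb_id, name, roles) for each device that exposes a HID interface."""
    devices, current, iface_class = [], None, None
    for line in text.splitlines():
        if (m := HEADER.match(line)):
            current = {"id": m.group(1), "name": m.group(2), "roles": set()}
            devices.append(current)
            iface_class = None
        elif current is not None and (f := FIELD.match(line)):
            value = int(f.group(2))
            if f.group(1) == "bInterfaceClass":
                iface_class = value
            elif iface_class == HID_CLASS:  # protocol line follows the class line
                current["roles"].add(BOOT_PROTOCOLS.get(value, "other-hid"))
    return [(d["id"], d["name"], sorted(d["roles"])) for d in devices if d["roles"]]


if __name__ == "__main__":
    # Pipe real output in (sudo lsusb -v | python3 this_file.py) or run bare for the sample.
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for usb_id, name, roles in hid_inventory(data):
        print(f"{usb_id}  {name}  HID roles: {', '.join(roles)}")
```

Comparing this list before and after plugging in a device shows which keyboards and mice the host has accepted.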


Windows Software

The following Windows software will be helpful with USB devices – it gives you great details on USB devices:



