USB category

MalDuino, The Open Source BadUSB

Firmware is a type of software that provides control, monitoring and data manipulation of engineered products and systems. A USB device firmware hack called BadUSB was presented at Black Hat USA 2014 conference, demonstrating how a USB flash drive microcontroller can be reprogrammed to spoof various other device types in order to take control of a computer, ex-filtrate data, or spy on the user. BadUSB is a critical security flaw that can turn any USB device into a cyber threat. Security experts have released the BadUSB code online, giving hackers access to it.

This project on Indiegogo, MalDuino, is an Arduino-powered BadUSB device which has keyboard injection capabilities. Once plugged in, MalDuino acts as a keyboard, typing previous configured commands at superhuman speeds. You could gain a reverse shell, change the desktop wallpaper, anything is possible. MalDuino is targeting penetration testers, hobbyists and pranksters.

Check the campaign video to know more about the project and to see MalDuino in action:

“MalDuino aims to offer the best BadUSB experience. In terms of software, MalDuino is programmed via the arduino IDE using open source libraries. Scripts written in DuckyScript can easily be converted into code the MalDuino can understand”

Ducky Script is the language of the USB Rubber Ducky, and writing the scripts can be done from any common ascii text editor such as Notepad, vi, emacs, nano, gedit, kedit, TextEdit, etc. Each command resides on a new line and may have options follow.

Source: www.gadgetify.com

MalDuino comes in two editions: Elite and Lite. Elite depends on a SD card to save scripts, thus no need to program the board each time you want to change the script running. With DIP switches provided, you can choose which script to run easily.

The second edition is Lite: a smaller one that can be disguised in most of USB flash disk cases. It has an internal memory of 30 kb to store scripts.

Similar to Arduino Leonardo, you can run MalDuino and operate it anywhere a Leaonardo can run. Some issues were reported by Windows 7 users while running the scripts, but these problems are going to be considered and solved. Another issue is the keyboard different layouts, so if you try to run an English script on a computer with a Spanish keyboard, the wrong characters may be pressed. The English/American keyboards are the only guaranteed up till now

The campaign still has 21 days to go and it has already achieved %1800 of its £500 goal! You can pre-order Lite edition for $16 and Elite for $29. Hardware designs and source codes will be available at Github once the project is launched. More detailed information can be reached at the campaign page.

USB Volume Control and Caps Lock LED

p_leriche @ instructables.com build a USB volume control which is simple, cheap and extensible. Check it out:

I’m not the first person to publish an Instructable for a USB volume control, but I think this one is about as simple and cheap as it gets, and at the same time can be extended at minimal cost to various other functions such as:

  • Mute, Play, Pause and various other media buttons
  • Keyboard LEDs such as Caps Lock, Scroll Lock and Num Lock (a kana LED is also defined for Japanese users)
  • Application launch buttons such as browser, email, calculator etc
  • Browser navigation and other application control buttons
  • Gamepad buttons
  • System buttons for functions such as Sleep, Hibernate, Wake, Power down
  • Mouse buttons and movement

and many more, subject to support being provided by your operating system. Mine implements the volume and mute functions (mute by pressing the knob) and the 3 main keyboard LEDs.

USB Volume Control and Caps Lock LED – [Link]

Designing a simple and cheap temperature logger

pickandplace.wordpress.com writes:

I started with making the TMP102 temperature sensor work. Nothing to say in particular, it’s just an other I2C-small-package-sensor. Or rather SMBus, but apart from the minimum speed clock requirements on the SMBus, the two protocols are alike.

Designing a simple and cheap temperature logger – [Link]

30 Minutes HIV Detection Using USB Stick

In partnership with DNA Electronics,  Imperial College London researchers had developed a revolutionary USB stick that can detect HIV in the bloodstream.

In order to detect the virus, it’s enough to use a drop of blood. Then the USB stick generates an electrical signal that can be read by a computer, laptop or handheld device.

“We have taken the job done by equipment the size of a large photocopier, and shrunk it down to a USB chip” – Dr Graham Cooke, study author

This detection is useful for HIV patients for managing their treatment and to maintain their health. The longer the detection of HIV virus the harder to treat it, because antiretroviral treatment that is used for HIV may stop changing the status due to the resistance built by the virus to the medicine. This what the USB stick is working to solve, providing accurate results in a surprisingly short time.

To implement this, researcher had worked on “a novel complementary metal-oxide semiconductor (CMOS) chip based, pH-mediated, point-of-care HIV-1 viral load monitoring assay that simultaneously amplifies and detects HIV-1 RNA”.

Conventional ways to test HIV may take several days, but this device is promising to give results in less than 30 minutes! In addition, the detection can be done remotely, which allows faster detection for patients by themselves, and for some areas that don’t have advanced lab tests.

“This is a great example of how this new analysis technology has the potential to transform how patients with HIV are treated by providing a fast, accurate and portable solution. At DNAe we are already applying this highly adaptable technology to address significant global threats to health, where treatment is time-critical and needs to be right first time.” – Professor Chris Toumazou, DNAe’s Founder, Executive Chairman and Regius Professor at the Department of Electrical and Electronic Engineering at Imperial College London

Partnering with DNA Electronics was a great step for the researchers since this company is using similar technology to develop devices for detecting bacterial and fungal sepsis and antibiotic resistance. Right now, researchers are now looking for possibilities to advance their work and to check the ability that the device can detect other viruses such as hepatitis.

This research was funded by the National Institute for Health Research Imperial Biomedical Research Centre and it was published in Scientific Reports. You can learn more about it by checking the article “Novel pH sensing semiconductor for point-of-care detection of HIV-1 viremia” and the press release.

DueProLogic – USB-CPLD Development System

ept-4ce6-af-d2-front-diagonol-white-background_1659x843_001

The DueProLogic is a complete FPGA Development System designed to easily get the user started learning and creating projects.

The DueProLogic makes programmable logic easy with an all inclusive development platform. It includes an Altera Cyclone IV FPGA, on board programming, four megabit configuration flash, and an SD connector for add on memory. You can create your HDL code, program it into the flash and interact with the hardware via a Windows PC.

DueProLogic – USB-CPLD Development System – [Link]

Turn your Zero Pi into a USB Dongle

The $5 Raspberry Pi Zero is a standalone computer that can be embedded in various applications, but maybe now it is time to add some extra features.

It comes with a USB OTG port, meaning it can function as a USB device rather than a USB host. Thus, it can become a serial device with just a USB cable, an Ethernet device, MIDI device, camera, or just about anything else you can plug into a USB port.

Novaspirit has turned his Raspberry Pi Zero into a USB gadget, just like a RNDIS modem, with some easy steps. He aims to get the maximum benefit out of a Pi Zero without having to lug around any cables: “Just plug it in and you’re networked”

His hack turned the Zero Pi into a USB dongle with shared internet, and he could install services like webmin, owncloud, and vnc making it a great all-in-one device!

thumbnail

With minimal soldering, he converted the Zero’s onboard female USB jacks into a male USB plug.

You only need:

  • male usb connector
  • 4 wires
  • some soldering skills

wireing

Then you can follow the diagram to connect the male connector to Zero Pi

How to ‘donglify’ the Raspberry Zero Pi as Novaspirit suggests

  1. Attach the Raspberry Pi Zero running Pixel OS to your computer as a USB network device
  2. Set up VNC (Virtual Network Computing) on the Pi so that you can log into its desktop in a window
  3. Set up networking on the Pi so that it can connect to the wider Internet through the laptop
  4. Install OwnCloud so that the Zero serves as a cloud storage

Check out this tutorial by Novaspirit

Novaspirit guy is not the first who converted the Raspberry Pi Zero into a USB gadget that connects to the internet, but the most interesting thing about his project that you won’t lose any functionality of you Zero Pi; you can still plug your stuff and use it in your applications. In addition, he delivered a very simple hardware hack and easy to follow software tutorial on Windows.

You can check his website Novaspirit for weekly posts where you can find loads of projects and tutorials.
More details, designs and code snippets of this project can be reached here.

UsbSafe² – Programmable dongle for protecting USB devices from USB hosts and chargers

usbsafe-iso-1_jpg_project-body

USB connections can transfer both information and power. UsbSafe² is a device for protecting USB-connected hardware from both excessive voltage, current and unauthorized data access. Unfortunately, the practice of “juice jacking” (accessing data from a device connected to a public charging station), has become all too common. UsbSafe² provides a unique combination of an anti-juice jacking mode with protection from faulty power sources. With UsbSafe² you’ll feel safer knowing that your valuable gadgets are protected and secured, wherever you go and whatever you plug into!

UsbSafe² – Programmable dongle for protecting USB devices from USB hosts and chargers – [Link]

Attiny2313 & Attiny84 V-USB Media Volume Control

imga0492-large

Rupert Hirst shares his thoughts on creating a V-USB based media volume control:

Although you may think a rotary encoder is just a rotary encoder, when selecting one for a specific purpose such as a volume knob, the feel  and quality can play a large part in your design decision. You only have to look at the vast part numbers in any given range to appreciate this.

Attiny2313 & Attiny84 V-USB Media Volume Control – [Link]

$14.5 All-Purpose Switched-Mode Power Supply

Switching technology devices and integrated circuits are growing fast providing solutions that obtain power for different kind of circuits and devices, and they are proposed in different variations. A useful little known kind which is suitable for mixed supply systems is called SEPIC,single-ended primary-inductor converter.

Torpedo is a switched-mode power supply with a SEPIC configuration which is produced by Open Electronics, an open source solutions producer and the brainchild of Futura Group Srl. It supports three different wide-range voltage sources, battery, USB, and external source from 3 to 20 volts with up to 1 A output current and integrated LiPo battery cell charger.

Torpedo Board
Torpedo Board

Torpedo comes with these features:

  • Triple power source, that is to say: the USB, the battery and an external one
  • Wide range of values as for the input voltage: from 3 to 20 volts
  • Minimum output current of 500mA, with the possibility to reach 1A and more, via an external source
  • High efficiency, above 70% and possibly above 80-90%
  • Single-cell LiPo battery charger incorporated
  • A transition from battery power to another source that is without interruptions
  • 5 V output with high stability, having a low ripple and when varying the load.

Torpedo’s circuit structure can be functionally divided into three different parts; Input Stage, Battery Charger, and SEPIC Converter.

At first, the Input Stage is composed of two diodes and a MOSFET transistor. This set forms a power source selector by allowing the highest voltage power source to pass through Vin pin and prevent it from going to another input having a lower voltage.

Torpedo Circuit Diagram
Torpedo Circuit Diagram

The Battery Charger is based on the MCP73831-2 integrated circuit, that is envisaged for charging single-cell LiPo batteries having a voltage of 4.2 volts. It comes with a red LED indicating the statues of charging, and a two-resistor bridge giving two different output current, 100mA and 500mA.

The SEPIC Converter in general is a DC/DC converter which control its output to be greater than, less than, or equal to that at its input. In Torpedo circuit, the SEPIC integrated circuit contains 1.2Mhz oscillator with variable duty cycle, a low-RDSON MOSFET, and a feedback circuit. This combination provides constant 5V output voltage from variant input voltage between 2.5V to 20V.

Torpedo is available for $14.5 from Open Electronics store, and its technical details are reachable here.

Tiny OLED PC Performance Monitor

p1090014-large

Rupert Hirst build a tiny OLED PC performance monitor based on Psyrax’s serial monitor. The display monitors CPU and GPU temperature and activity etc. He writes:

After a recent purchase of a Nvidia GTX1080 graphics card, 4k monitor plus Doom(2016), I thought it would be great to see some external telemetry… from my exorbitant purchase.
Then, I Stumbled upon on Psyrax’s “Serialmonitor” GitHub repository! Armed with an Arduino ProMicro plus a 128×64 pixel OLED display, I compiled the source code. After compiling Psyrax’s windows application in Visual Studio, I got to work.

Tiny OLED PC Performance Monitor – [Link]