USBNinja – BadUSB embedded into a USB cable

USBNinja – BadUSB embedded into a USB cable

1110
Views
0 Comments

USBNinja is an information security and penetration testing tool that looks and functions just like a regular USB cable (both power and data) until a wireless remote control triggers it to deliver your choice of attack payload to the host machine. In essence, USBNinja is the next step in the evolution of BadUSB, embedding the attack in the USB cable itself.

The Attack

When plugged into a host computer, USBNinja acts just like a regular USB cable. For example, it can be used both to charge your phone and to transfer images from your phone to your computer. However, perfectly concealed within USBNinja is a very small Bluetooth device, patiently waiting. When USBNinja receives the secret command, either from a smartphone running the USBNinja app or from our custom-built Bluetooth remote control, it goes from a passive cable to a stealthy attacker by emulating a USB mouse and/or keyboard to deliver its hidden payload to the host computer.

The Payload

The payload delivered by USBNinja is completely customizable. You can use the standard Arduino IDE to create your own payload and we’ll also provide plenty of examples of payloads that inject keystrokes and move and click the mouse.

Use Cases

USBNinja is truly a versatile tool, with applications such as practical jokes, magic tricks, secret love confessions, game assists, and information security trainings. We leave it as an exercise to the reader to come up with their own uses.

Features & Specifications

  • Cable Physical Characteristics
    • Length: 1 m
    • Color: white
    • Connector options: Micro-USB, USB Type-C, Lightning
    • Voltage range: 4-25 V (supports fast charging)
    • Current consumption: 10 mA (typical)
    • Full-rate USB data transmission
  • Remote Control
    • High-powered Bluetooth wireless (customizable name and password)
    • Battery: 3.6 V, 40 mAh, rechargeable
    • Standby current: 80 μA
    • Transmission current: 30 mA
    • Range (under ideal conditions with antenna):
      • 30 m with 2 dBi, 3 cm antenna
      • 50 m with 3 dBi, 11 cm antenna
      • 100 m with 18 dBi directional panel antenna
  • Mobile App
    • Alternative to remote control for triggering payload
    • Open source and freely available
  • Programming
    • Payload programmable with standard Arduino IDE (Windows/Mac/Linux/Android)
    • Access bootloader with non-contact magnetic ring
    • Source code provided for example payload

The project is live on CrowdSupply and has 24 days to go. Pledges start from 79 USD.

tags
BadUSBHackUSBUSBNinja
Share

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

view all posts by admin

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

subscribe
Archives