Malduino Elite – Meget første indtryk

Et stykke tid Tilbage, jeg komponerede en artikel om Malduino, en arduino-baseret, open source Badusb-enhed. Jeg opdagede jobbet fascinerende, så jeg tilmeldte mig en elite version såvel som sikker nok, den venlige postmand faldt det i min postkasse i fredags, hvilket betyder, at jeg fik at lege med det i weekenden. For dem, der savnede artiklen, er Malduino USB Gadget, som er i stand til at efterligne et tastatur samt injicere tastetryk blandt andet. Når det er i et passende hus, vil det bare ligne et USB-flashdrev. Det er ligesom de ting, du ser i filmene, hvor en fyr plugger i en gadget, såvel som den auto hacker computeren. Det skib i to versioner, lite såvel som elite, både baseret på ATMEGA32U4.

Lite-versionen er virkelig lille, udover USB-stikket indeholder den kun en switch, som gør det muligt for individet at vælge mellem kører såvel som programmeringsfunktion, samt en LED, som angiver, hvornår scriptet har gennemført kører.

Original Malduino Elite Skitse samt Lite prototype
Elite-versionen er større, indeholder en mikro-SD-kortbesøg såvel som fire DIP-switche, som gør det muligt for den enkelte at vælge hvilket script der skal kører fra kortet. Det har ligeledes LED’en, som angiver, hvornår et script er afsluttet for at køre. Dette gør det muligt for den enkelte at kaste firmwaren kun, når såvel som derefter programmer de tastetrykindsprøjtningsskrifter, der opbevares i Micro-SD-kortet, i modsætning til Lite-versionen, der skal blinkes hver gang en individuelle ønsker at køre et andet script.

Disse er de to Malduinoer såvel som da de er programmeret direkte fra Arduino IDE, hver funktion, jeg netop nævnte, kan omprogrammeres, genoprettes eller tabes alle sammen. Du kan købe en såvel som bare vælge at udnytte det som en ‘normal’ arduino, selv om der ikke er en masse stifter at lege med. Denne fleksibilitet var en de allerførste ting, jeg kunne lide om det såvel som virkelig kørte mig til at deltage i crowd-finansieringskampagnen. tjekket ud for den fulde anmeldelse.

Hardwareen.

Malduino Elite vs USB Flash Drive
Så viste elitkortet som rutine såvel som jeg opdagede mig i lang tid at se en it. På trods af at være længere end Lite-versionen, er det stadig ret lille, måler ca. 4,6 cm x 1,1 cm (ca. 1,8 i x 0,43 in), som du hurtigt kan tilpasse til en gammel USB-tilfælde, selv om du skal skære nogle Huller til DIP-switche såvel som Micro-SD-kortet. I crowd-finansieringskampagnen var den oprindelige skitse til en 3 dip switch version, men den endelige elite har fire, som jeg opdagede godt. Jeg plugged den ind på en gammel computer, efter en vis overvejelse om, hvilken firmware det kunne sende med såvel som hvad det kunne gøre for min bærbare computer, såvel som sikkert tilstrækkelig en rød LED dukkede op. såvel som det var det. intet andet.

Efter at have spillet rundt med kontakterne samt udøvelse af nogle RTFM, indså jeg, at firmwaren det skibes med, er sandsynligvis en slags Q.C. Test for DIP’erne, hvilket gør Malduino output tallene 1 til 4 (faktisk simulerer en tastpresse 1 til 4), afhængigt af hvilke kontakter der er tændt. Så langt så godt, det virker så godt som jeg har set værre PCB-brædder end denne. Bestyrelsen har huller til seks stifter, som jeg ikke spores til mikrostyreren, så godt jeg ikke forstår, hvad de er til.

Opsætningen

Opsætning af Malduino har brug for, at du har ARDUINO IDE installeret såvel som så meget som dato. Du vil have krav på at åbne bestyrelsens leder samt oprette Sparkfun-bestyrelserne, da eliten er programmeret som en ‘Sparkfun Pro Micro’, der kører på 3,3 V samt 8 MHz. Så er du krav til at gå på Malduino Script Converter hjemmeside, der tjener en række formål:

Det gør det muligt at konvertere scripts mellem lite såvel som elite versioner

Det giver dig mulighed for at vælge dit tastaturdesign sprog

It auto produces the Arduino job for you to import to the IDE

For the Elite version, just produce a simple or even empty script to download the project, since when in ‘normal’ operation you will just flash the Malduino when as well as then utilize the Micro-SD card to store new scripts.

A note on flashing, if you are utilizing a Debian-based distribution you may come across some issues like I did as well as not be able to flash the device. like the individual on this most useful post, my modem-manager was trying to talk with the Malduino after every reset as well as confused AVRDUDE to death. The solution is to add udev rules to “/etc/udev/rules.d/77-mm-usb-device-blacklist-local.rules”, kudos to [socrim]:

1
2.
3.
4.
5.
6.
7.
8
ACTION!=”add|change”, GOTO=”mm_usb_device_blacklist_local_end”
SUBSYSTEM!=”usb”, GOTO=”mm_usb_device_blacklist_local_end”
ENV{DEVTYPE}!=”usb_device”, GOTO=”mm_usb_device_blacklist_local_end”

ATTRS{idVendor}==”1b4f” ATTRS{idProduct}==”9204″, ENV{ID_MM_DEVICE_IGNORE}=”1″
ATTRS{idVendor}==”1b4f” ATTRS{idProduct}==”9203″, ENV{ID_MM_DEVICE_IGNORE}=”1″

LABEL=”mm_usb_device_blacklist_local_end”

The Software

Since I’m running Linux, a quick shortcut to run a command is the ALT-F2 combination. So I script that into a data as well as save it to 1111.txt. The Elite searches the Micro-SD card for a data corresponding to the present dip switch state. lets state the dip switch 2 as well as 4 are ON. In this case, the software application tries to discover the data named 0101.txt as well as parse its contents (as in dip switch order 1,2,3,4 as well as not the binary representation of the number 2 as well as 4) . When it finishes, the red LED starts flashing quickly. My simple script was:

1
2.
3.
4.
5.
6.
7.
8
9
10
DELAY 2000
ALT F2
DELAY 1000
STRING xterm
DELAY 1000
GÅ IND
DELAY 1000
STRING id
DELAY 1000
GÅ IND

But it was not working. almost all commands worked however the ALT-F2 combo was not working properly. Close, however no cigar. No ALT-F2, no run command window. I’ve already lazy-browsed the source code a bit since I truly didn’t have a great deal of time on my hands however I needed to figure this out. The offending code was this:

1
2.
3.
4.
5.
6.
else if(equals(s,e,”F1″,3)) Keyboard.press(KEY_F1);

else if(equals(s,e,”F2″,3)) Keyboard.press(KEY_F2);
…
else if(equals(s,e,”F10″,3)) Keyboard.press(KEY_F10);
else if(equals(s,e,”F11″,3)) Keyboard.press(KEY_F11);

A custom equals function was getting size 3 for the strings of the function keys, like “F2”. It was okay for “F10”, “F11” as well as “F12”, however failed for the rest of the keys. altering 3 to 2 did the trick, however my Portuguese keyboard design started to interfere with other test scripts. So I altered the code to include PT as well as UK layouts, altering them in a #define at compile time.

It would be awesome if it was possible to gain access to the SD card from the computer as a routine USB volume. I don’t understand precisely exactly how feasible that is, however it does not include the present firmware. I still wished to be able to output the material of an arbitrary data on the SD card to the screen, so I added one more script function called ECHOFILEHEX that outputs the material of a data in the SD card as getaway characters. For example, if the data a.txt contains “AAA”, the script command ECHOFILEHEX a.txt would output “\x41\x41\x41”. This can be useful to echo binary data into printf or echo -e, in Linux holds at least.

Meanwhile, I had some difficulty reading the original code. You know, all of us have different programming styles. Don’t get me wrong, I’ve been understood to compose some messed-up spaghetti code. I sometimes search old jobs looking for some libs or classes I coded as well as question ‘who the heck composed this steaming stack of code?’ Me, it was me. Anyway, I started to modification a bit right here as well as there as well as ended up altering quite much the entire code. That’s the beauty as well as the curse of open-source. If you’re curious you can inspect it out here.

Konklusion.

All in all, as well as in spite of some bumps, I’m rather delighted with Malduino. It is what I expected: an open platform for BadUSB attacks that’s in its infancy. It’s incredible that we can all tinker with it, customize it, make it much better or just make it fit our needs. I hope a genuine neighborhood can begin so we can see its full prospective emerge. My short listing includes simulating other USB devices, much better SD card management, as well as broadening the gadget via the unused pins. What would you add?

It’s a long method to go as well as a great deal can go wrong, so great luck with the job [Seytonic]!