paperlined.org
+evil > software > USB_jacking

document updated 12 years ago, on Jan 22, 2013

This page lists hardware that can be used to perform USB jacking.

USB jacking is where an attacker plugs a device into a USB port, and the physical device visually looks like a large thumb drive, but the computer being attacked sees it as several different logical devices (eg. USB CDROM, USB keyboard, USB mouse, USB network card). Multiple logical devices can be presented to the computer, and they can work together to carry out an attack.

USB jacking is frequently used to extract information from a computer that's been left unlocked for a few moments. Because the attack is automated, it can be completed in a short period of time, so it can be used when the computer's owner has briefly stepped away.

Another way it's used is as an enhanced version of dropping thumbdrives in an organization's parking lot, as a way to target extremely secure (air-gapped) computers.

hardware requirements

At a minimum, the device must either have a USB-device port or a USB OTG port (OTG ports can operate in either USB-host or USB-device mode). A USB-host port isn't sufficient.

Preferably, the device is small and unobtrusive to passersby who might observe the attack in progress. If it's small enough to visually mimic a thumbdrive, it would be able to deliver its payload without the attacker being physically present.

hardware overview

USB Rubber Ducky — purpose-built for this
any Android phone — they have the hardware, but on the software side, would require rooting, installing a kernel module, and installing a custom application
PC-on-a-stick devices — These devices are a new but growing market. Some are designed to be able to cooperate with an existing PC via a USB-device port.

specialized flash drives

A few flash drives have the ability to appear to the computer as both a USB mass storage device as well as a USB CDROM. The CDROM is used to trigger an autorun.

U3 flash drives

microcontrollers

Cons: generally MUCH more primitive hardware (less space for storing payload, and code must be custom compiled and is less featureful). Pros: They're very small, and are the easiest way to visually mimic a thumbdrive.

USB Rubber Ducky — purpose-built for this — 64kb ROM, 32kb RAM, microSD
PS3 Factory/Service Mode Jigs, used to jailbreak PS3s — they were manufactured in larger quantities, so they're easier/cheaper to get [2]
- size comparisons [2]
- AVRKey/PS3Key — one of the smallest — 32kb ROM, 1kb RAM (ATmega32U2)
- Maximus — definitely small enough — 32kb ROM, (AT90USB*?)
- X3Max V2GB — probably small enough; includes a microSD reader [2]
AVR Stick by Objective Development — definitely small enough — 8kb ROM, 0.5kb RAM (ATtiny85)
AVR Stick by Reusch Elektronik
OpenKubus
Arduino

Android phones

Pros: They're ubiquitous, and are something you always carry with you. Cons: Requires kernel hacking to setup.

PC-on-a-stick

See more here.

similar to Raspberry Pi

Raspberry Pi doesn't have a USB-device port (only USB-host ports, and one port that is wired for power only), but there are similar boards that do:

Cubieboard