BadUSB

<br> This project takes advantage of the loophole in USB protocol. By changing the internal firmware of USB, after accessing the USB interface, it simulates the functions of external mouse and keyboard, so as to make the target host execute the well-constructed commands.<br>

<br>

QQ：775942445<br>

WeChat：wwy18795980897<br>

Introduction<br>

Like most of us, BadUSB was first introduced in Mr. Robot and is one of the FSociety's most popular tools. Whether it's downloading a Trojan to a server to control a victim's host, or Darlene throwing a bunch of USB phishing devices in a parking lot, BadUSB is one of the most important physical weapons. <br> <br>

Advantage<br>

Is commonly used in the field of USB attack, many years ago old USB virus (automatic) autorun. Inf, but the file is now will be antivirus software easily detected, and the autorun. J inf, BadUSB is to use a loophole in the USB protocol, by changing the interior of the USB firmware, after normal USB port access, to simulate the external function of the mouse, keyboard, in order to make the target host execution has been carefully constructed good command. In this process will not cause anti-virus software, a trace of suspicion firewall. And because it's at the firmware level, USB flash drive formatting can't prevent the execution of its internal code. <br> <br>

My latest favorite is leonardo_Arduino board, because the same is the use of USB, Windows, Linux, Mac and other operating systems default existence leonardo_Arduino USB interface driver, do not have to network download dedicated driver. In addition, to BADUSB burning procedures are very simple, most of the keyboard, mouse keys for simulation, easy to get started. <br> BadUSB is also a good example of social engineering. It plays on people's curiosity. It's estimated that more than 90% of people will want to see what's inside a USB they pick up on the side of the road. <br><br> <br>

Tutorial <br>

Video address <br> Video: Introduction to BsdUSB Compiler<br> Video: BadUSB driver installation and code writing<br> Video: BadUSB basic operation<br> For detailed steps, please go to the brief book <br> <br>

Directory<br>

BadUSB
 │  LICENSE
 │  README.en.md
 │  README.md
 │  
 ├─AddUser_StartService
 │      AddUser_Enable3389(tools).ino
 │      AddUser_EnableFTP(tools).ino
 │      
 ├─BlueScreen
 │      BlueScreen1(DOS).ino
 │      BlueScreen2(DOS).ino
 │      BlueScreen3(DOS).ino
 │      BlueScreen_xp_win7(DOS).ino
 │      DelayedBlueScreen (DOS).ino
 │      RegistryWriteBlueScreen (DOS).ino
 │      RegistryWriteBlueScreenGeneralUse (DOS).ino
 │      
 ├─CobaltStrike_Trojanlinkage
 │  │  Bitsadmin_TrojanExecution (LinkageWithCS).ino
 │  │  Pl_TrojanExecution (LinkageWithCS).ino
 │  │  PSL_TrojanExecution (LinkageWithCS).ino
 │  │  PY_TrojanExecution (LinkageWithCS).ino
 │  │  Regsvr32_TrojanExecution (LinkageWithCS).ino
 │  │  
 │  ├─CobaltStrike_Payload
 │  │      payload.bin
 │  │      payload.c
 │  │      payload.cs
 │  │      payload.java
 │  │      payload.pl
 │  │      payload.ps1
 │  │      payload.py
 │  │      payload.rb
 │  │      payload.sct
 │  │      payload.txt
 │  │      payload.vba
 │  │      
 │  └─CounterStrikeTrojanTutorial
 │          CounterStrike.jpg
 │          CounterStrikeTutorial.png
 │          
 ├─CodePrincipleInterpretation
 │      ArduinoKeyCodeBase.ino
 │      InstructionsOn_setup_loop_Methods.txt
 │      MSF_TrojanMakingTutorial.txt
 │      
 ├─DNSHijack
 │      DOS_CommandSetMultipleDNS(DNSHijack).ino
 │      PSL_CommandSetMultipleDNS(DNSHijack).ino
 │      
 ├─Linux_Built-inReverseShell
 │      LinuxReverseShell (CodeExecution).ino
 │      LinuxReverseShell(BashShell).ino
 │      LinuxReverseShell(PerlShell).ino
 │      
 ├─MSF_Trojanlinkage
 │      shell.apk
 │      shell.asp
 │      shell.aspx
 │      shell.elf
 │      shell.exe
 │      shell.jar
 │      shell.jsp
 │      shell.macho
 │      shell.php
 │      shell.pl
 │      shell.psl
 │      shell.py
 │      shell.sh
 │      shell.war
 │      Shell_TrojanGenerationConfiguration.txt
 │      
 ├─OSX_Built-inReverseShell
 │      OSX_SystemReverseConnection (dns_shell).ino
 │      OSX_SystemReverseConnection (perl_shell).ino
 │      OSX_SystemReverseConnection (ruby_shell).ino
 │      
 ├─PSL_FullScreen-HACKED
 │  ├─FullScreenHackedv0
 │  │  │  get.ps1
 │  │  │  
 │  │  └─FullScreenHackedv
 │  │          FullScreenHackedv.ino
 │  │          
 │  ├─FullScreenHackedv2
 │  │      FullScreenHackedv2.ino
 │  │      wall.ps1
 │  │      
 │  └─FullScreenHackedv3
 │      │  get.ps1
 │      │  
 │      └─FullScreenHackedv3
 │              FullScreenHackedv3.ino
 │              
 ├─RunProgramOn_UDrive_ExpandScopeOfIntrusion
 │  ├─UdiskRun
 │  │      UdiskRun.ino
 │  │      
 │  ├─UdiskRunv2
 │  │      UdiskRunv2.ino
 │  │      
 │  └─UdiskRunv3
 │          UdiskRunv3.ino
 │          
 ├─Site_AWord_IntrusionCode
 │      AspSentenceTrojanWrite(webServerVersion).ino
 │      AspSentenceTrojanWriting(websiteServerVersion-DynamicDecoding).ino
 │      AspSentenceTrojanWriting(websiteServerVersion-ScriptEncoderEncryption).ino
 │      AspxSentenceTrojanWrite(webServerVersion OverDog_OverDShield).ino
 │      AspxSentenceTrojanWrite(webServerVersion).ino
 │      JspSentenceTrojanWritten (JSP_websiteServerUse).ino
 │      JspTrojanWrite(JSP_websiteServerUsing-non-Sentence).ino
 │      PHP_TrojanWrite(PHP_webServerUse-ClassBypass).ino
 │      PHP_TrojanWrite(PHP_webServerUse-XOR-Bypass).ino
 │      PHP_TrojanWrite(usedByPHP_websiteServer).ino
 │      
 ├─SpecificFunctionCode
 │      AddUserCode(Tools).ino
 │      Alt-f4_Loop.ino
 │      ChangePasswordOfAccountUsed+CloseSystemProcess+BlueScreen(Tool).ino
 │      EnablePSL_RemoteConnection(Tools).ino
 │      ForcedDeletionOf360Processes(Tools).ino
 │      ForceShutDownCommand(Tool).ino
 │      Hide_CMD_Window(Display).ino
 │      MouseKeepsMoving(Tools).ino
 │      OpenPort445.ino
 │      OpenSpecified_webPage.ino
 │      ShiftBackdoor.ino
 │      SimplyChangeAllUsersPasswords(TrickItem).ino
 │      SimplyShutDownMachine(TrickItem).ino
 │      TakeScreenshot_SendSpecifiedFTP_Address(Tool).ino
 │      
 ├─TrojanDownloader
 │  ├─CERTUTIL_DownLoader
 │  │      CERTUTIL_DownLoader_MSF.ino
 │  │      
 │  ├─FTP_DownLoader
 │  │      FTP_DownloadNetcat_ConnectBackToShell(TrojanAttack).ino
 │  │      
 │  ├─JAVA_DownLoader
 │  │      JavaTrojanWrite(TargetEnvironmentRunJava).ino
 │  │      server.java
 │  │      
 │  ├─PSL_DownLoader
 │  │      Downloa_PSL_Trojan-Execute_aSecondTime.ino
 │  │      LinkServer_MSF_PSL_Download.ino
 │  │      LinkServer_PSL_Download.ino
 │  │      PSL_DownLoader0.ino
 │  │      PSL_DownLoader1.ino
 │  │      PSL_DownLoader2.ino
 │  │      PSL_DownLoader3.ino
 │  │      PSL_DownLoader4.ino
 │  │      PSL_Downloader_Win&Linux_General.ino
 │  │      PSL_Writes_Bounces.ino
 │  │      
 │  └─PY_DownLoader
 │          PyShellServer.py
 │          Py_TrojanWrite(TargetEnvironmentRunPython).ino
 │          
 ├─Ubuntu_InformationGathering
 │      BasicTerminalCommandsForUbuntu(Display).ino
 │      UbuntuInformationCollectionTXT_File(Information).ino
 │      
 ├─WiFi_ConnectionTrojan
 │      ForceConnectionToSpecifiedWiFi-DownloadPSL_TrojanRun.ino
 │      
 └─WiFi_PasswordAcquisition
         WiFiPasswordCapture(tool).ino
         WiFiPasswordExport(tool).ino
    

Demo<br>

Video address <br> Video: [Hardware Hacker] Control the upload through WiFi to execute, run, write HID scripts for BADUSB as well as a small extra 1<br> Video: [Hardware Hacker] Control the upload via WiFi to execute, run, and write HID scripts for BADUSB as well as a small extra 2<br> Video: [BADUSB Demo] U Drive Attack: Ignore any kill soft, hack your computer in 3 seconds!<br> Video: [BADUSB Demo] Invading Square Large Screen, with Tutorial 1<br> Video: [BADUSB Demo] Invading Square Large Screen, with Tutorial 2<br> Video: [BADUSB demo] BADUSB implementation record keyboard<br> Video: [BADUSB demo] Change the password of the account used + close the system process + blue screen test<br> <br>

Advanced<br>

[Vid