Building a UsaBUSe – Part 1

So a while ago, I was watching some of the Defcon 24 videos and presentations, one of the ones that caught my eye was by a couple of guys at Sensepost, it was basically a USB device (arduino avr) that emulates devices and performs USB HID attacks coupled with an ESP8266 acting as a WI-FI bridge.

They used an $11 Cactus Micro Rev2 with some custom firmware to hack a windows 8.1 box.You can see more at their blog post on it here, there is also the code needed to build it on their github repo here.

So I started with a Ubuntu 14.04 LTS install and recvursively cloned the repository of the code.

Next you have to put the files from the releases section of the github repo in the following places shown in the pictures below:-

Create the firmware directory in esp-vnc and put user1.bin in it.

user1.bin

The file KeyboardMouseGeneric.hex in avr/KeyboardMouseGeneric

KeyboardMouseGeneric

Program_ESP.hex in the Program_ESP directory

Program_ESP.hex

Lastly do the following in the root of the repo.

$ wget --content-disposition "http://bbs.espressif.com/download/file.php?id=1046"

$ unzip ESP8266_NONOS_SDK_V1.5.1_16_01_08.zip

To give you this:-

UsaBUSe files 1

Now you can plug in the Cactus and program the firmware for the ESP8266 and the arduino remembering to press the reset  button twice at the appropriate points. If all goes well, the output should be similar to below.

In part 2, we shall move onto functional testing and see how we go.

Regards

Cyberkryption