USB Ninja

From Embedded Lab Vienna for IoT & Security
Revision as of 01:01, 18 December 2020 by AHollaus (talk | contribs)
Jump to navigation Jump to search

Summary

The USB Ninja is a USB cable that has the capability to infect connected devices with malware through the injection of keystrokes. This device can also be used, just like any other USB cable, for data transfer and charging. One of the founder of USB Ninja, Kevin Mitnick, defines the USB Ninja as the "spiritual successor" of BadUSB.[1][2] In this article USB Ninja and USB Ninja Pro will both be used synonymously since different sellers have different ways of differentiating them. Generally the USB Ninja Pro includes all the different cables and a remote, which can differ depending which version has been bought. Here one can find the kit that was used whilst creating this article.

How-To Basic

The following requirements are valid for both versions, USB Ninja and USB Ninja Pro. It is highly recommended to first go through the getting started documentation offered on the official website, since this document assumes that the reader is already familiar with scripting languages as a concept.[3] Also, this wikipage depends on the setup of the USB Ninja being done on an Windows OS, installation could be different on another OS.

Step 1: Installing Arduino IDE

Download the appropriate version the Arduino IDE here. Arduino IDE is an open-source IDE that makes it easy to implement code for microcontroller boards and USB devices.

Step 2: Installing the required drivers

To download the required drivers to recognize the device for setup, click here.

Step 3: Arduino Setup

Now, one can open the Arduino IDE application. Thanks to the board manager feature of Arduino, it is easy to add third-party boards to the IDE, in our case we want to add the USB Ninja package. Go under File and then Preferences. The screen in front of you should look like the screenshot below.

USBNinja Preferences.png

In the text field Additional Boards Manager URLs you should add the following URL

http://usbninja.com/arduino/package_USBNinja_index.json

With this URL the USB Ninja boards will be able to be installed by the IDE. To actually install the USB Ninja board package, go under Tools then select Board and then Board Manager. There select Contributed in the drop down selection. Select the USB Ninja package and install it. After the installation is successful, select the USB Ninja board after selecting Tools in the Board selection. Be sure to select the board named USB Ninja cable (BLE+Hall sensor). This concludes the setup and one can now start scripting.

Step 4: Configuring and uploading

In terms of setup we are basically done, but connection is missing. For us to actually load scripts/payloads on the USB Ninja and be able to insert it somewhere to execute them, we need to execute a few extra steps. Through the package we selected in the above step, we gain access to some examples that include some configurations that are useful.

Bluetooth Name and Password

The default Bluetooth device name is "Ninja" and the default bluetooth password is "8888". To change this values go under File, Example, NinjaBLESetup and then select NinjaBLESetup. This opens the setup code for the BLE (Bluetooth Low Energy) module. Find the following line:

SetBLE("Ninja", "8888");

There you can change the values as you want. Note that the name is how it appears on your PC when connecting with it and how it appears when pairing with it via Android phone. If you haven't changed these settings or you are not using a remote skip the below section and go to the uploading section.

Bluetooth Name and Password Remote Edition

If you are connecting with it via the remote (standard or pro remote doesn't matter), you'll also need to reconfigure the remote since it automatically finds the device connection with the same name and password. To do that download the following application here. After unzipping, execute the .exe file. Select the correct serial port number after you plugged in the remote. Press Open to open the port. Change the BLE Name and Password accordingly to how you changed it on the cable. Then press the Set BLE Name and Set BLE Password buttons. If it was successful you should get a notification saying Operation Succeeded.

Uploading

Using the Android Application

References

  1. Wikipage of Kevin Mitnick. https://wikipedia.org/wiki/Kevin_Mitnick
  2. BadUSB Overview including presentation slides and video link. https://adsecurity.org/?p=362
  3. Getting Started with USB Ninja. https://usbninja.com/help/