Reprogramming promotional USB dongles to launch custom URLs

webkey-hacking

The teachers at [Jjshortcut's] school were each given a Webkey by the administration as a promotional item of sorts, but most of the staff saw them as useless, so they pitched them. [Jjshortcut] got his hands on a few of them and decided to take one apart to see what made them tick.

He found that the device was pretty simple, consisting of a push button that triggers the device to open the Windows run prompt, enter a URL, and launch Internet Explorer. Since the microcontroller was locked away under a blob of epoxy, he started poking around the onboard EEPROM with his Bus Pirate to see if he could find anything interesting there. It turns out he was able to read the contents of the EEPROM, and since it was not write protected, he could replace the standard URL with that of his own web site.

While it’s safe to say that without a new microcontroller the Webkeys probably can’t be used for anything more exciting than launching a browser, [Jjshortcut] can always reprogram the lot and drop them in random locations to drive some fresh traffic to his web site!

[Thanks, Wouter]

Comments

  1. jjshortcut says:

    Who is wouter?

  2. hojo says:

    it’s cool that these can be hacked for other purposes, but the underlying concept seems like a tremendous waste of resources.

  3. LostTime says:

    Yeah sure.. Whenever I find a mysterious USB device with a push button, I plug it into my computer to see what woukd happen.
    Nice hacking though!

  4. Mike says:

    I got something like this in the shape of a key from Hyundai. There were no buttons, you just plug it in and it pulls up the run box and launches its website. (I’ve read that it works on Macs as well.) Unfortunately, there’s no separate EEPROM, just a blob of epoxy like shown above and two tiny capacitors.

  5. mark g says:

    It seems like these would be really easy to re-purpose for nefarious uses. I wonder if the factory has a way to program them via the usb cable?

  6. dan says:

    What a terrible idea…

    “Here, take this dongle.”
    “What does it do?”
    “Oh, it will take you to my website.”
    [hours later]
    “WTF IT DELETED MY HARD DRIVE!!!”

    Stay sharp, kids.

  7. dr memals says:

    tried on of these out on a Linux machine and was supprised to see nothing when I pressed the button.
    surely it is just a usb keyboard ?
    turns out Linux has had kernel protection from these things for sometime, to see anything you must run a terminal outside of X11.
    Very disapointed I could not use it as emergancy button.

  8. biozz says:

    you can use this to link to bots or less harmfully use web browser based external programs
    like steam games!

  9. jim says:

    you could make an annoyance device from these

    imagine changing the code to randomly switch caps lock on and off, or have it start the installation of a trojan

  10. Malikaii says:

    If you can rewrite the URL, doesn’t that mean you have access to RUN? If so, couldn’t you just use it to launch command prompt and copy a virus to the HDD? If all you can access is the URL, then it should still be possible to initiate a download from an FTP server. Dangerous.

  11. Bob dole says:

    I once repurposed one of these. It was a microsoft “Smart” button, that took you to some dead site.

    What I used it for is turning on all the PCs in the showroom of the store I worked at. I plugged it into one of the till PCs, rewrote the hosts file to point to a webserver in the back, and wrote a cgi script on that webserver to send wakeonlan packets to all the showroom PCs. I also had it print out a blank page from the printer to warm it up.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s