The USB Killer: Now Faster, Better, More Anonymous

A few years ago, [Dark Purple] built the USB equivalent of an RJ45 connector wired into mains power. The USB Killer is a simple device with just a FET, a few high voltage caps, a DC/DC converter, and a USB connector. Plug this device into your computer and -220V is dumped directly into the USB signal wires. This kills your laptop dead.

Over the years we’ve seen the USB Killer evolve from a hand-etched PCB to something less discrete but more discreet. It was a crowdfunding campaign run by a company in Hong Kong, and a few months ago this new commercial version was released.

Now, the USB Killer V3 is out. It provides 1.5 times the power to your poor USB ports, with power surges twice as fast. There’s also an anonymous version that looks like every other USB thumb drive sourced from Hong Kong. This is your warning: never, ever plug an unknown USB thumb drive into your computer.

While a product announcement really isn’t news, it is extremely interesting to take a look at how something that should not exist is being marketed. As with all electronic destructive devices, it’s on your Amazon recommended products list alongside tactical kilts, fingerless gloves, beard oil, and black hoodies. This is pentesting gear, with an anonymous edition for your friend, the hacker called four chan. Don’t think too much about how you’re going to get data off a laptop you just killed, or how you would go undetected by destroying equipment; this is cool hacker stuff.

In addition, the USB Kill 2.0 is FCC and CE approved. This allows you to, “test in complete safety” (their emphasis, not ours).   We have no idea what this actually means.

Vintage Laptop Keyboard Types Again Through USB

Have you ever had a laptop you just wish you didn’t have to retire when its specification becomes to aged for your needs? Wouldn’t it be great if you could upgrade it and keep using the physical hardware!

[Alpinedelta] has a vintage Toshiba T1000 laptop, roughly a PC-XT clone from the late 1980s. Its 80C88 processor, CGA display, and 512k of memory make it a museum-piece, but he has plans to modernise it using a LattePanda Intel Atom based single board computer.

To make that happen, he has to ensure all the Toshiba’s peripherals will talk to a modern host. Unfortunately back in the 1980s many PC clones were clones in a rather loose sense, and especially so in the laptop arena. Thus there are no handy standard PC interfaces and since USB was several years away at the time, nothing the LattePanda can talk to directly. His solution for the keyboard is to wire its matrix directly to a Teensy microcontroller that then provides a USB interface, and he’s put up a useful step-by-step Instructables guide.

There is no standard for a laptop keyboard matrix, so the first and most tedious task is to unpick its layout.This he did by identifying each trace and assigning a different rainbow colour to it, before noting down which keys appeared on it and collating the results in a spreadsheet. The different colours of wire could then be assigned to the colours of a piece of rainbow ribbon cable, and wired in sequence to the Teensy’s I/O pins. There then follows a step in the software in which he assigns the pin mappings to the lines in his spreadsheet, then the sketch can be compiled and uploaded to the Teensy. Result: a vintage keyboard now talking USB.

Using a Teensy to present a USB keyboard to the world is a well-worn path, we’ve seen it with both newer keyboards and other relics like this one from a DEC VT100.

Thanks [Brent] for the tip.

Tiny Morse Code USB Keyboard

We’ve featured quite a few of [mitxela]’s projects here in the past, and many of them have the propensity to be labelled “smallest”. His Morse Code USB Keyboard Mk II adds to that list. It’s a Saturday afternoon project, with a few parts slapped onto a piece of perf-board, that allows using a Morse key as a USB keyboard. This project isn’t new or fresh, but we stumbled across it while trying to figure out a use for a Morse key lying in the author’s bin of parts. You can practise transmitting, by reading text and typing it out on the key, and then look it up on your computer to see if you made any mistakes. Or you can practise receiving, by asking a friend to punch it out for you. Either way, it’s a great way to hone your skills and prepare for your radio operators license exam.

The project is a follow up to his earlier one where he hooked up the Morse key via a RS-232 — USB converter directly to a computer and let the code do all the work. That turned out to be a very resource hungry, impractical project and made him do it right the next time around. The hardware is dead simple. An ATtiny85, a piezo buzzer, some decoupling capacitors, and a few resistors and zeners to allow a safe USB interface. The design accommodates a straight key, but there is one spare pin left over in the ATtiny to allow for iambic or sideswiper keys too. There is no speed adjustment, which is hardcoded at the moment. That isn’t very user friendly, and [mitxela] suggests adding a speed potentiometer to that last remaining pin on the ATtiny. This would prevent use of iambic/sideswiper keys. Or, you could use the RST pin on the ATtiny as a (weak) IO. The RST pin can read analog values between 5V and 2.5V, and will reset when voltage falls below 2.2V. Or just use another microcontroller as a last resort.

For the USB interface, [mitxela] is using the V-USB library after wasting some time trying to reinvent the wheel. And since this is designed to work as a HID, there are no drivers required – plug it in, and the OS detects it as a keyboard. He’s borrowed code from the EasyLogger project to use the internal oscillator and help free up the IO pins. And to detect the characters being typed, his code uses a long string of compare statements instead of a dictionary lookup. Writing that code was tedious, but it makes the identification quicker, since most characters can be identified in less that five comparisons (one dit = E, two dits = I, three dits = S and so on). This “tree” makes it easier to figure it out.

If you’d like to look up some of his other “tiny” projects, check out The smallest MIDI synthesizer, Smallest MIDI synth, again! and the ATtiny MIDI plug synth.

Continue reading “Tiny Morse Code USB Keyboard”

MalDuino — Open Source BadUSB

MalDuino is an Arduino-powered USB device which emulates a keyboard and has keystroke injection capabilities. It’s still in crowdfunding stage, but has already been fully backed, so we anticipate full production soon. In essence, it implements BadUSB attacks much like the widely known, having appeared on Mr. Robot, USB Rubber Ducky.

It’s like an advanced version of HID tricks to drop malicious files which we previously reported. Once plugged in, MalDuino acts as a keyboard, executing previous configured key sequences at very fast speeds. This is mostly used by IT security professionals to hack into local computers, just by plugging in the unsuspicious USB ‘Pen’.

[Seytonic], the maker of MalDuino, says its objective is it to be a cheaper, fully open source alternative with the big advantage that it can be programmed straight from the Arduino IDE. It’s based on ATmega32u4 like the Arduino Leonardo and will come in two flavors, Lite and Elite. The Lite is quite small and it will fit into almost any generic USB case. There is a single switch used to enable/disable the device for programming.

The Elite version is where it gets exciting. In addition to the MicroSD slot that will be used to store scripts, there is an onboard set of dip switches that can be used to select the script to run. Since the whole platform is open sourced and based on Arduino, the MicroSD slot and dip switches are entirely modular, nothing is hardcoded, you can use them for whatever you want. The most skilled wielders of BadUSB attacks have shown feats like setting up a fake wired network connection that allows all web traffic to be siphoned off to an outside server. This should be possible with the microcontroller used here although not native to the MalDuino’s default firmware.

For most users, typical feature hacks might include repurposing the dip switches to modify the settings for a particular script. Instead of storing just scripts on the MicroSD card you could store word lists on it for use in password cracking. It will be interesting to see what people will come up with and the scripts they create since there is a lot of space to tinker and enhanced it. That’s the greatness of open source.

Continue reading “MalDuino — Open Source BadUSB”

USB Arduino into AVR TPI Programmer

Turning an Arduino of virtually any sort into a simple AVR 6-pin ISP programmer is old hat. But when Atmel came out with a series of really tiny AVR chips, the ATtiny10 and friends with only six pins total, they needed a new programming standard. Enter TPI (tiny programming interface), and exit all of your previously useful DIY AVR programmers.

[Kimio Kosaka] wrote a dual-purpose TPI and ISP firmware for the ATmegaxxUn chips that are used as a USB-serial bridge on the Unos, and constitute the only chip on board a Leonardo or Micro. The catch? You’re going to have to do a little bit of fine-pitch soldering. Specifically, [Kosaka-san] wants you to get access to an otherwise obscured signal by drilling out a via. We’d do it just for that alone.

Continue reading “USB Arduino into AVR TPI Programmer”

USB Etch-a-Sketch-Style Mouse is More Analog Than You’d Think

[Mitxela] wanted to build a different kind of mouse, one that worked like an Etch-a-Sketch toy with one X knob and one Y knob. Armed with some rotary encoders and a microcontroller, that shouldn’t be hard. But when you use a pin-limited ATtiny85, you are going to need some tricks.

The encoders put out a two-bit Gray code and close a button when you depress them. Plus you need some pins for the V-USB stack to handle the USB interface. [Mitxela] decided to convert the encoders  to output analog voltages using a simple resistor DAC. That would only require two analog inputs, and another anlaog input could read both switches.

One problem: there still wasn’t quite enough I/O. Of course, with AVRs you can always repurpose the reset pin as an analog pin, but you lose the ability to program the device at low voltage. And naturally, there’s a workaround for this too, allowing you to keep the reset pin and still read its analog value. You just have to make sure that value doesn’t go below about 2.5V so the device stays out of reset. Once that was in place, the rest went easy, as you can see in the video below.

Continue reading “USB Etch-a-Sketch-Style Mouse is More Analog Than You’d Think”

Turn cheap USB soldering irons in to tweezers

This is 2016, and almost every hacker dabbles with SMD parts now, unlike back in the day. This means investing in at least some specialized tools and equipment to make the job easier. One handy tool is the SMD soldering tweezers – useful not only for manual soldering of parts, but also for de-soldering them quickly and without causing damage to the part or the board. Often, especially when repairing stuff, using a hot air gun can get tricky if you want to remove just one tiny part.

smd_tweezer_04[adria.junyent-ferre] took a pair of cheap £5 USB soldering irons and turned them into a nifty pair of SMD soldering tweezers. The two irons are coupled together using a simple, 3D printed part. [adria]’s been through a couple of iterations, so the final version ought to work quite well. The video after the break shows him quickly de-soldering a bunch of 0805 SMD resistors in quick succession.

Earlier this year, we had posted [BigClive]’s tear down of these 8 watt USB soldering irons which turned out to be surprisingly capable and this spurred [adria] to order a couple to try them out.

The 3D printed part is modeled in SolveSpace – a parametric 2D and 3D CAD software that we blogged about a while ago. Continue reading “Turn cheap USB soldering irons in to tweezers”