This USB-C charging cable looks identical to a normal charging cable, the only difference is it can execute keystroke injection attacks when connected to a computer!
It automatically registers itself as a keyboard and sends pre-configured key-strikes (payloads) to the machine that it is connected to, allowing you to execute a large number of attacks to harvest information or even gain full control over the target device.
The ATtiny85 is neatly disguised inside an ordinary looking USB-C charging cable.
Manual Installation (Windows)
- Download and install the latest Arduino IDE for your Windows version from here.
-> Double-click the downloaded file.
-> Agree to the License Agreement
-> Leave the default options checked in the Installation Options step and click Next.
-> Install in the default Destination Folder
-> During the installation you may receive a prompt to install the Arduino USB Driver. Click Install. - Open the Arduino IDE from the Desktop / Start Menu.
- Click File >> Preferences
- Paste the following into the Additional Boards Managers URLs and click ok: http://digistump.com/package_digistump_index.json
- Go to Tools >> Board >> Boards Manager and search for “Digistump”. Click install on the “Digistump AVR Boards” entry.
- Download the USB driver, extract and double-click “post_install.bat”. Click Next, accept the security warning and click install.
- Tools >> Board >> Digistump AVR boards select Digispark (Default – 16.5MHz).
The environment is now set up and ready.
Manual Installation (Linux)
- Download the latest Arduino IDE archive for your Operating System from https://www.arduino.cc/en/software
-> Extract the archive to a suitable location such as your Home directory.
-> Browse to the extracted directory, open a terminal window.
-> Run the command:chmod +x install.sh && ./install.sh
- Open the Arduino IDE from the Applications Menu.
- Click File >> Preferences.
- Paste the following into the Additional Boards Managers URLs and click ok:
http://digistump.com/package_digistump_index.json
- Go to Tools >> Board >> Boards Manager and search for “Digistump“. Click install on the “Digistump AVR Boards” entry.
- Go to Tools >> Board >> Digistump AVR boards select Digispark (Default – 16.5MHz).
The environment is now set up and ready.
You can skip the next section to learn how to upload a payload to the cable.
Ready made VM Installation
- Click here to download the VM.
- Download VMWare Player from here and install it.
- Run VMware, go to File > Open a Virtual machine and Ifile you downloaded in step 1 (Ubuntu.ova).
- Install VMWare-Tools as show here.
- Add serial port:
- Click on VM -> Settings
- Click on +Add…
- Select serial port
- Click finish.
- Add USB controller:
- Click on VM -> Settings
- Click on +Add…
- Select USB controller
- Click finish.
- Run the Ubuntu VM. Password: “evilcrowcable“.
- Open a terminal window.
- Run Arduino IDE with the following commands:
cd arduino-1.8.10-linux64/arduino-1.8.10/ && ./arduino
- Open a payload from
/home/evilcrowcable/attiny85_digispark/
- Click Tools >> Board >> Digistump AVR boards select Digispark (Default – 16.5MHz).
- Click Sketch >> Upload.
- Connect the BadUSB cable when the Arduino IDE prompts to.
Uploading a payload
Once setup, uploading a payload is very easy.
Simply go to Sketch >> Upload.
Once the Sketch is compiled, you will receive a prompt to plug in the device:
Running Digispark Uploader... Plug in device now... (will timeout in 60 seconds)
Notes:
- The USB cover is easily removable to allow access to the chip. Grip the USB end carefully when inserting and removing.
- USB devices connected to the cable will not be able to send or receive data to or from the target computer.
- Example payloads available here.
Reviews
There are no reviews yet.