Hi, I’m working on shool project for creating and using a evil usb to see if it’s still a thing. The thing I cannot find the right usb, because almost every models can’t be bought anymore… Does someone know another option? Like maybe making a custom usb? I don’t want to use phone or else, just an usb

  • Kroktann
    link
    fedilink
    arrow-up
    3
    ·
    4 years ago

    Not quite, but in my previous job we made some usb OpenPGP hardware tokens using cheap STM32 usb devices. Got them from alibaba for a few dollars a piece iirc. Fairly simple devices, and you could use one of them to program the other. Sorry I don’t remember the exact device at the moment, but could look it up tomorrow if you’re interested.

    • leviathanOP
      link
      fedilink
      arrow-up
      1
      ·
      4 years ago

      Well, yes, it would be nice from you! Can you tell me more about OpenPGP hardware tokens? Is that allow you to execute code?

      • Kroktann
        link
        fedilink
        arrow-up
        3
        ·
        4 years ago

        Here’s the devices we used, you should be able to find them on any larger electronics supplier, or even build one yourself. AliExpress has numerous variants

        The thing about these devices is that they are simple general purpose microcontrollers with a USB port attached. So you can use them for anything. We turned them into OpenPGP hardware tokens, but you could use them for whatever you want, like an evilUSB, or anything else.

        From the factory the devices are set up as programmers, so that you can use one device to flash code to any number of other devices.

        Hope that helps!

        • leviathanOP
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          4 years ago

          Hi,

          Thank for sharing The thing is that, is that easy to change the firmware, I only know the tool https://github.com/brandonlw/Psychson which seems to be too old… How did you change the firmware to be able to execute commands. Another question: at the end, the final usb have cable around? Or can look like a regular usb?

          • Kroktann
            link
            fedilink
            arrow-up
            2
            ·
            4 years ago

            Hey, sorry for the late reply. I just followed the instructions on the page I linked about how to install gnuk on the device. For your part since you’re planning on using a different firmware, the interesting instructions start in the “Connecting the ST-Link” section.

            In other words, you first need to develop or build the firmware you want to run on it, then upload the firmware to the device as described in the link.

            Once the firmware is uploaded you can remove the cables and it will work like just any USB stick with the given firmware. If you don’t need them, you can also remove the headers on the end of the device.

            Hope that helps, and I’m not too late. (Sorry again!)