Close
0%
0%

PocketAdmin

oshw keystroke injection device ( badusb )

Public Chat
Similar projects worth following
Starting from
$23.00
krakrukra has 102 orders / 3 reviews
Ships from Russia
This is a keystroke injection device (also called badusb). It is similar to a well-known USB rubber ducky made by hak5, but has much extended functionality, lower price and is also completely open source. It looks and feels like an ordinary USB flash drive, but acts as a keyboard that types in a preprogrammed payload. This payload can do anything from configuring a network to installing a reverse shell, since the device can basically do whatever an admin can with a terminal, but taking only a few seconds. This makes it a very powerful tool for automating sysadmin tasks or use in penetration testing.


For more information check its github repository:
https://github.com/krakrukra/PocketAdmin
  • 1 × BOM.txt is available in the github repository

  • Project Log

    Radik Bechmetov06/21/2019 at 16:55 0 comments

    2020, january - new 1.3 revision hardware is released, a lot of new features added

    2019, september - implemented FTL, greatly increased MSD access speed

    2019, june - big documentation improvement, first samples available for sale

    2019, may - added OS fingerprinter, keyboard layout changing

    2019, february - added many new commands, fixed bugs

    2018, december - added MSD capability

    2018, october - finished first HID only version

View project log

View all instructions

Enjoy this project?

Share

Discussions

Radik Bechmetov wrote 02/01/2020 at 20:20 point

A new 1.3 revision hardware was released recently;  

changelog is abailable here: https://github.com/krakrukra/PocketAdmin/issues/3  

Also, some new videos are available on my youtube channel:

https://www.youtube.com/channel/UC8HZCV1vNmZvp7ci1vNmj7g

  Are you sure? yes | no

bryklinop wrote 09/08/2019 at 12:27 point

This is very nice and cool post tahsnk for this ..........!!!!!!!!!!!!!!!!!!!!!!!!

http://10-0-0-0-1.mobi/192-168-10-1.php

  Are you sure? yes | no

Radik Bechmetov wrote 07/25/2019 at 12:02 point

No. it has a very different microcontroller, and you will

not be able to reuse any/most of the code here. If you

would have a board like this with STM32F072C8T6

(or other ones with the same USB peripheral), then

you could modify the source code and get an HID-only

version. But that's a lot of work to get a bad result, so

I would not recommend that. After all, it is not all that

complicated to actiually build the normal unit if you wish.

  Are you sure? yes | no

zoobab wrote 07/25/2019 at 13:12 point

I am not talking about reusing the same code, just doing arriving at the same result.

  Are you sure? yes | no

Radik Bechmetov wrote 07/25/2019 at 13:59 point

You could make it somewhat similar, but not quite the same.

e.g. payload scripts should fit in flash, but you wouldn't be

able to store files there (because there is too little storage space);

you do not have a MSD-only button, so you would have to work around that;

it will not look like a flash drive, so you won't be able to really

use it for pentesting;

a lot of device's functionality is built upon a completely

custom USB stack that I wrote from scratch, which is why

things like OS fingerprinter are possible. So you would

have to either not have that, or reimplement all this yourself;

and also probably a lot of other things will not be the same,

which I forgot to mention here

  Are you sure? yes | no

zoobab wrote 07/25/2019 at 11:50 point

Could you use a reflashed 2EUR stlinkv2 dongle to do the same? 

See here:

https://blog.danman.eu/st-link-clone-as-stm32-dev-board/
https://www.hobbiton.be/blog/repurpose-stlink/

They can behave as HID keyboard, but I don't know if there is enough space to store the payload.

There should be arduino IDE support...

  Are you sure? yes | no

Radik Bechmetov wrote 07/25/2019 at 08:54 point

Well, yeah. What is so shocking?

  Are you sure? yes | no

Radik Bechmetov wrote 07/25/2019 at 16:17 point

OK, so apparently someone flagged my snapshot files as evil

and google wants to block access to them now, so I removed

them. If you want to get the project files, just go to the github repository.

  Are you sure? yes | no

Similar Projects

Does this project spark your interest?

Become a member to follow this project and never miss any updates