USBNinja is an information security and penetration testing tool that looks and functions just like a regular USB cable (both power and data) until a wireless remote control triggers it to deliver your choice of attack payload to the host machine. In essence, USBNinja is the next step in the evolution of BadUSB, embedding the attack in the USB cable itself.
When plugged into a host computer, USBNinja acts just like a regular USB cable. For example, it can be used both to charge your phone and to transfer images from your phone to your computer. However, perfectly concealed within USBNinja is a very small Bluetooth device, patiently waiting. When USBNinja receives the secret command, either from a smartphone running the USBNinja app or from our custom-built Bluetooth remote control, it goes from a passive cable to a stealthy attacker by emulating a USB mouse and/or keyboard to deliver its hidden payload to the host computer.
The payload delivered by USBNinja is completely customizable. You can use the standard Arduino IDE to create your own payload and we’ll also provide plenty of examples of payloads that inject keystrokes and move and click the mouse.
USBNinja is truly a versatile tool, with applications such as practical jokes, magic tricks, secret love confessions, game assists, and information security trainings. We leave it as an exercise to the reader to come up with their own uses.
In actual use, the remote control distance is greatly affected by the environment, such as the angle of the receiving end, electromagnetic interference, obstacles that block Bluetooth, etc.
USBNinja | Rubber Ducky | Bash Bunny | Teensy | |
---|---|---|---|---|
Cost | $99 USD | $49 USD | $100 USD | $29 USD |
Documentation | Yes | Yes | Yes | Yes |
Code Samples | Yes | Yes | Yes | Yes |
Tools & Language | Arduino IDE, C | simple script | Bunny Script | Teensyduino IDE, C |
Open Source | Yes | Yes | Yes | Yes |
Form Factor | USB cable | USB stick | USB stick | Bare board |
"The aptly named USBNinja looks and functions just like a regular USB cable (both power and data) until a wireless remote control triggers it to deliver your choice of payload."
"On the outside, the NinjaUSB looks like a harmless USB cable. However, on the inside it’s full of a lot of mischievousness. "
Produced by RFID Research Group in US / Singapore / Shenzhen, China.
Sold and shipped by Crowd Supply.
The perfect kit to get you started. Comes with one USBNinja with your choice of connector and one magnet ring for switching to the bootloader. You'll also get access to our Bluetooth mobile app for triggering the payload.
Comes with three USBNinjas (one of each connector type), three magnet rings for switching to the bootloader, two Bluetooth remote controls, two 3 cm remote control antenna, two 11 cm remote control antennas, one 17.2 cm x 17.2 cm directional panel remote control antenna, two remote control charging cables, remote control batteries, two sets of screws with screwdriver to assemble the remote controls, and one product box. You'll also get access to our Bluetooth mobile app for triggering the payload.
The perfect kit to get you started. Comes with one USBNinja with your choice of connector and one magnet ring for switching to the bootloader. You'll also get access to our Bluetooth mobile app for triggering the payload.
The perfect kit to get you started. Comes with one USBNinja with your choice of connector and one magnet ring for switching to the bootloader. You'll also get access to our Bluetooth mobile app for triggering the payload.
For those who want to take it to the next level. Add a Bluetooth remote to your USBNinja
Comes with 1x 30 m with 2 dBi, 3 cm antenna; 1x 50 m with 3 dBi, 11 cm antenna; 1x 100 m with 18 dBi directional panel antenna
US / Singapore / Shenzhen, China · usbninja.com
RFID Research Group is a holistic R&D company that does idea realization, hardware localization in China, export & fulfillment services from China and project consultancy.
Everything you need to navigate the world's largest electronics market
A handheld RFID & NFC test instrument optimized for untethered use in the field
An open source FT2232H-based, multi-protocol, multi-voltage tool for hardware hacking