$33,950 raised

of $10,000 goal

339% Funded!
Not Available
Nov 03
funded on

Details

Recent Updates


As Featured In

Hackster.io

"Within the cable housing, however, resides a tiny Bluetooth unit that waits for a wireless command to unleash its payload."

seguridadprofesionalhoy

"RFID Research Group nos informa que llega USBNinja, aparentemente un cable USB...pero que en realidad es una herramienta que permite la realización de pruebas de pentesting en el ámbito de la seguridad informática."

USBNinja is an information security and penetration testing tool that looks and functions just like a regular USB cable (both power and data) until a wireless remote control triggers it to deliver your choice of attack payload to the host machine. In essence, USBNinja is the next step in the evolution of BadUSB, embedding the attack in the USB cable itself.

The Attack

When plugged into a host computer, USBNinja acts just like a regular USB cable. For example, it can be used both to charge your phone and to transfer images from your phone to your computer. However, perfectly concealed within USBNinja is a very small Bluetooth device, patiently waiting. When USBNinja receives the secret command, either from a smartphone running the USBNinja app or from our custom-built Bluetooth remote control, it goes from a passive cable to a stealthy attacker by emulating a USB mouse and/or keyboard to deliver its hidden payload to the host computer.

The Payload

The payload delivered by USBNinja is completely customizable. You can use the standard Arduino IDE to create your own payload and we’ll also provide plenty of examples of payloads that inject keystrokes and move and click the mouse.

Use Cases

USBNinja is truly a versatile tool, with applications such as practical jokes, magic tricks, secret love confessions, game assists, and information security trainings. We leave it as an exercise to the reader to come up with their own uses.

Features & Specifications

  • Cable Physical Characteristics
    • Length: 1 m
    • Color: white
    • Connector options: Micro-USB, USB Type-C, Lightning
    • Voltage range: 4-25 V (supports fast charging)
    • Current consumption: 10 mA (typical)
    • Full-rate USB data transmission
  • Remote Control
    • High-powered Bluetooth wireless (customizable name and password)
    • Battery: 3.6 V, 40 mAh, rechargeable
    • Standby current: 80 μA
    • Transmission current: 30 mA
    • Range (under ideal conditions with antenna):
      • 30 m with 2 dBi, 3 cm antenna
      • 50 m with 3 dBi, 11 cm antenna
      • 100 m with 18 dBi directional panel antenna
  • Mobile App
    • Alternative to remote control for triggering payload
    • Open source and freely available
  • Programming
    • Payload programmable with standard Arduino IDE (Windows/Mac/Linux/Android)
    • Access bootloader with non-contact magnetic ring
    • Source code provided for example payload

In actual use, the remote control distance is greatly affected by the environment, such as the angle of the receiving end, electromagnetic interference, obstacles that block Bluetooth, etc.

Comparisons

USBNinja Rubber Ducky Bash Bunny Teensy
Cost $99 USD $49 USD $100 USD $29 USD
Documentation Yes Yes Yes Yes
Code Samples Yes Yes Yes Yes
Tools & Language Arduino IDE, C simple script Bunny Script Teensyduino IDE, C
Open Source Yes Yes Yes Yes
Form Factor USB cable USB stick USB stick Bare board

USBNinja - Deluxe

USBNinja - Professional

USBNinja - Pentester

Manufacturing Plan

USBNinja’s manufacturing will take place in four stages:

  1. Procurement - purchase all BOM components
  2. SMT assembly - fabricate and assemble cable and remote PCBs at our production lab
  3. Cable assembly - cables will be assembled and firmware burned
  4. Quality control - test all cables and insert them into product packaging

Shipping & Fulfillment

We will be fulfilling all orders ourselves, shipping via ePacket with a tracking number we’ll provide to you. If there are any rejects or delay and custom clearance issues, we will send another parcel in parallel.

If you need to change your address, please do so by visiting your Crowd Supply account page. To learn more about ordering, paying and shipping, please visit this useful page in The Crowd Supply Guide.

Risks & Challenges

We are manufacturing USBNinja in-house at our production lab in Shenzhen. All PCBAs will be produced using top notch, fully automated SMT manufacturing. Quality control will be in place to test and upload a simple payload before packing USBNinjas into their product boxes. We have successfully run and delivered a previous crowdfunding campaign (Proxmark3 Rdv4.0) and we do not foresee any problems running this one. Of course, we will directly address any unforeseen problems as soon as they arise and inform backers of our progress.


Credits

RFID Research Group

RFID Research Group is a holistic R&D company that does idea realization, hardware localization in China, export & fulfillment services from China and project consultancy.


Kevin Mitnick

KnowBe4

Vincent Yiu

SYON

Dennis Goh

RFID Research Group

Olaf Tan

RFID Research Group

Subscribe to the Crowd Supply newsletter, highlighting the latest creators and projects: