digging deeper into RFID security

 Drafted

USB attacks in more details..

Drafted

Design & make your customized HID attack board :D

well, in the previous blogpost I've briefly explained what an HID attack is and the common boards or devices that can deploy it, so why not to make your customized device !? 

if you don't know what an HID attack is...plz check the intro blogpost down  "in arabic".

.........................................................................

After MG tweeted his project about bad usb cable, there must be a modification to enable the usb cable hub functionality which requires a board like nanohub "USB2422 chip" so it will be very normal cable also i've mentioned in my last blog that the whid & malduino could be more tiny and fit in a usb cable too so it's time to design and build my squad's schematics & PCBs .

In the time of writing this i've designed 5 models each one has different function, it takes me a week to finish them but till now there are main three problems i'm trying to solve:

- It takes months to deliver an order from china to me "i have to wait", so i must be very sure of the pcb layout because if there is any mistake i must wait again.

- "the process of making 2layers or more is very different than making stupid single layer at home."

- the components that will be soldered is just for one board for each model, many component like esp ICs and usb2422 and others are not in Egypt, you could buy them from china but it's better for many boards or mass production. so i buy boards like nanohub and desoldering its components!


>anyway, here are the five models:

1) Ducky Dongle  :  MG tiny board                    >    attiny85
2)   Tiny   Hub       :   data cable..one shoot          >    attiny85 + nanohub
3)  Nano  whid        :   no data cable                      >     32u4     +  esp8266
4)    X 85hub            :    data cable +wifi                  >    esp8285 + usb2422
5)   32esp hub            :           //                                >    esp8266 + usb2422 + 32u4

u could also design and make a customized board to support GSM too :')

-lets discuss each model and share my schematics and the pcb layout too!

1) Ducky Dongle :

 -it's the simplest board just the attiny85 microcontroller and its main components, the same board MG made but it's manufactured and have 'via' between the layers..so more tiny and simple.

it can fit easily in a usb dongle and the usb cable too

wireless mouse dongle, ducky dongle can fit easily in it  

2) Tiny Hub 

the previous schematic but with a usb hub i used the usb2422 ic which nanohub used.

3) Nano whid 

i called the normal bad usb cable "one shoot" which means it injects the payload once you plug it and it's bad in some situations so there must be a way to control it remotely there are many ways like wifi, bluetooth, gsm..etc

the nano whid schematic

4)    X 85hub            

   this is the best board, it's all in one, the unique thing in it is the esp8285 ic which has the flash ic inside it so no need for more space.

X-HUB, the schematic needs simple modification then i can finish the pcb layout
it's exactly looks like the spy usb cable 

5)   32esp hub

 because there isn't a esp8285 board in my beloved country, i have to use the 8266 one so there will be more size and the esp in this design doesn't support to connect to usb port directly so we use the 32u4 microcontroller connected to the nanohub.

three ICs for this!  :3

...................................................................................................................................................................

board case/cover design: 

After finishing the schematic and started to design the pcb layout i must select the board borders or its real dimensions to put the components inside it, so i drew it on SOLIDWORKS and exported the DXF file then on EAGLE i imported it, so simple steps.

the case & board  designs on SOLIDWORKS just to export a DXF file 

-the dimensions in my sketch are from a real usb cables, the middle right one are the spy cable board, the others are different dimensions for normal cases/cables.

drew exactly the real dimensions of  the cases + board & on Solidworks too 

-well, all i can made nowadays are 1 an 3, didn't get the nanohub yet to make the others.

 -there are uncompleted little things in the schematics, and it's easy to finish just need to check it.


to do list :

-add GSM module also tiny switches to change the payloads and choose between them, less important with the usb cable !

-in x model, add  a slot for the mouse dongle so it looks like a normal mouse dongle but it injects keystrokes. 

briefly :  make the board smaller & weaponize all the things.