Blog

MalDuinos Explained

May 3, 2022

What does a MalDuino do, and what is a BadUSB? Let’s have a look at this incredible piece of tech from Maltronics. 😎

What is a BadUSB?

A BadUSB is a USB device that acts as a keyboard to send keystrokes to the computer. They can be programmed to run keystroke injection attacks that manipulate the target computer, for example, to install malware.

This goes unnoticed by anti-virus systems because, for the computer, it looks like a human is simply typing on the keyboard. But since it’s actually an automated process, the keystrokes are typed extremely fast. As a result, an attack might only take a few seconds.

They often look like ordinary USB cables or flash drives, making them a hidden danger. Once you see an attack in action, it’s hard to trust USB devices ever again.

Professional tools are used to test if organizations are protected against such attacks. But you can also buy these tools if you want to learn more about such attacks, test your own computer, or educate others. The MalDuino is one of those tools.

MalDuino W

MalDuino W is wireless BadUSB based on our open-source WiFi Duck project.

Testing and developing new scripts is easy since you can control it from a web browser. In addition, the RGB LED and USB-A + USB-C ports make it fun and effortless to work with. And on the outside, it looks like an ordinary USB drive - allowing it to be used for professional pentesting.

You can buy one on Maltronics.com. We’re developing the MalDuino W firmware, so every purchase also supports us! 😊

MalDuino

The ‘classic’ MalDuino focuses more on the basics.

You load scripts onto a microSD card (which is not included). It comes in a standard case you might be familiar with from other USB drives, so it’s very incognito. It also has USB-A + USB-C, making it work on various devices.

It’s the cheapest MalDuino, so it’s perfect for anyone who doesn’t need the fancy features of the MalDuino W.

You can buy one on Maltronics.com. We’re developing the MalDuino firmware, so every purchase also supports us! 😊

How it all started

Isn’t it interesting to see how such a professional product started barebones on a breadboard like any DIY Arduino project?

MalDuino and subsequently Maltronics started in 2017 when Seytonic announced his Indiegogo campaign to collect 500£ to make a few MalDuinos for interested hackers.

Well, turns out the demand was far bigger than initially expected, leading to a very successful crowdfunding campaign: https://www.indiegogo.com/projects/malduino-badusb#/.

I have wanted to post about the MalDuino for a while now since I’m actively involved in making this product. We will continue to collaborate with Maltronics. What you’ve seen here is just the start!

Hackermindset Explained

Apr 26, 2022

I was researching for a presentation about hacking when I stumbled upon a YouTube video where Mitch Altman explains hacking in a way that just fully resonated with me.

Hacking is mainly associated with exploiting vulnerabilities in computer systems, but hacking is so much more!

Although they are often involved, hacking doesn’t even have to be about computers!

Hackers are working in a variety of fields, including political, social, and environmental areas. Hacking is about learning and trying new techniques and technologies to build projects and solve problems. It’s about having fun and doing what you love.

Overall I’d say hacking is a mindset, a way of living and approaching problems.

Hacking in the Media

Today everything is digital. It’s just logical that crimes have become digital too. We used to have names for criminals like thieves and bank robbers. Today they all go by just one word: hacker.

But just because the news calls every criminal using a computer, a hacker doesn’t make them that!

Think about it: When somebody cheats in an online game, are they hacking or cheating? Most of them just download an exploit from the internet to ruin the game for everybody else. They didn’t hack anything themselves.

Hacker Ethics

In fact, hacking was never about crime. The following guidelines have been providing a basis for discussion since the 80s, yet they still seem more relevant than ever:

1. Access to computers - and anything which might teach you  something about the way the world really works - should be unlimited and  total. Always yield to the Hands-On Imperative!
2. All information should be free.
3. Mistrust authority - promote decentralization.
4. Hackers should be judged by their acting, not bogus criteria such as degrees, age, race, or position.
5. You can create art and beauty on a computer.
6. Computers can change your life for the better.
7. Don’t litter other people’s data.
8. Make public data available, protect private data.

Source: https://www.ccc.de/en/hackerethik

Learn more about hacking culture

If this got you interested and you want to learn more about hacking and what hackers really look like, I have a few more videos I recommend you check out:

📺 Inside San Francisco’s Anarchist Hackerspace

📺 HACKERSPACES ARE AWESOME!

📺 Hackerspaces Entrepreneurship | Mitch Altman | Talks at Google

📺 All Creatures Welcome EN

And if you want to meet hackers in real life, check out 🔗 hackerspaces.org, where you can find hackerspaces from all around the world!

Video “What Even Is “Hacking”?

As part of my BadUSB hacking course, I made one lesson that also covers this question. You can watch the video here:

Deauther Settings Explained

Apr 20, 2022

A reference of all ESP8266 Deauther settings as well as a tutorial on how to change them.

Changing a setting using the Web Interface

1. Connect to the WiFi network pwnedwith password deauther
2. Open 192.168.4.1 in a browser
3. Navigate to Settings (navbar on the right)
4. Adjust the settings to your preference
5. Click save (on the left, above the list)

Changing a setting using the Serial Connection

You need a serial connection for this one. You can use Huhnitor, Arduino Serial Monitor, or our new terminal.spacehuhn.com website. Learn more in our blog post about the Deauther Serial Interface.

1. Open a Serial Terminal of your choice
2. Connect your Deauther/ESP8266 Board (115200baud, \n)
3. To view your current settings type get settings
4. To change a setting, use the set command. For example: set password "my new cool pswd"
5. To save your settings type save

All settings (reference table)

Setting	Default	Info
version		Version number, i.e. v2.0. Can only be changed in the source code.
ssid	pwned	SSID of access point used for the web interface (if enabled). The length must be between 1 and 31 characters.
password	deauther	Password of access point used for the web interface (if enabled). The length must be between 8 and 31 characters.
channel	1	Default WiFi channel used when starting.
hidden	false	Hides the access point used for the web interface.
captivePortal	true	Enables captive portal for access point (if enabled).
lang	en	Default language for the web interface. Be sure the language file exists!
autosave	true	Enables automatic saving of SSIDs, device names, and settings.
autosaveTime	30000	Time interval for automatic saving in milliseconds.
displayInterface	false	Enables display interface.
displayTimeout	600	Time in seconds, after which the display turns off when inactive. To disable the timeout, set it to 0.
serialInterface	true	Enables serial interface.
serialEcho	true	Enables echo for each incoming message over serial.
webInterface	false	Enables web interface.
webSpiffs	false	Enables SPIFFS for all web files. Makes uploading new web files easier, at the cost of longer loading times.
ledEnabled	true	Enables the (RGB) LED feature.
maxCh	13	Max channel to scan on. US = 11, EU = 13, Japan = 14.
macAP		Mac address used for the access point mode. Set a random mac address with set macap random.
macSt		Mac address used for the station mode. Set a random mac address with set macst random.
chTime	384	Time for scanning one channel before going to the next in milliseconds (only if channel hopping is enabled).
minDeauths	3	Minimum number of deauthentication frames when scanning to change the LED to deauth mode.
attackTimeout	600	Amount of time (in seconds), after which the attack will stop automatically. Set it to 0 to disable it.
forcePackets	1	How many attempts to send out a packet. Set this value higher to achieve a better packet rate in a busy area. This setting could make the device slower or more unstable. Max value is 255.
deauthsPerTarget	10	Amount of deauthentication and disassociation frames sent per target.
deauthReason	1	The reason code sent in the deauth frames. Tells the target device why the connection will be closed.
beaconChannel	false	Sends all beacon and probe frames on different channels.
beaconInterval	false	Send beacon frame each second (true). Or send them each 100ms (false). A longer interval means more stability and less spamming of packets, but it could take longer until clients see them.
randomTX	false	Enables randomized transmission power for sending out beacon and probe request frames.
probesPerSSID	1	How many probe requests send per SSID.

Huhnitor: A rust-based Serial Monitor

Apr 11, 2022

We just released a new version of Huhnitor, so we figured it’s about time this project gets its own blog post!

About the Project

Huhnitor is a serial monitor that runs in the terminal. It’s made specifically for Deauther V3 - which is accessible only through a serial command line.

It’s a lot easier to use than other serial terminals. You just start it, plug in your deauther, and you’re good to go. It uses 115200 baud and \n line ending. As long as your serial device uses the same settings, you can use Huhnitor for any project.

It even supports color-coded output to help make the Deauther V3 output easier to read.

Because Huhnitor is written in Rust, it’s cross-platform compatible and can be easily compiled to run on new platforms. Huge thanks to James for coding and maintaining the project!

Where to find Huhnitor

Huhnitor is an open-source project you can find on Github: github.com/SpacehuhnTech/Huhnitor

We also have an installation tutorial.

Alternatives

Serial Huhn me

We get it if you’re not a big fan of using the terminal! That’s why we made terminal.spacehuhn.com - a web-based serial monitor that runs in your browser.

Open terminal.spacehuhn.com

Arduino

Our next best recommendation is the Arduino Serial Monitor. It’s built into Arduino and will work with any serial device. Since Arduino is needed for many projects anyway, it’s often already installed. Recently they added a CLI version too: https://arduino.github.io/arduino-cli/dev/commands/arduino-cli_monitor/

Other

There are plenty more ways of getting a serial terminal. There’s Putty, screen, and minicom, just to name a few. Choose your poison. The best software is always the one that works best for You.

A web-based Serial Terminal

Apr 4, 2022

Use your web browser to connect to your Arduino, ESP8266, or ESP32 without installing anything! No more struggling with the Arduino Serial Monitor. Simply visit terminal.spacehuhn.com.

Serial Terminal

I made a website/web app that brings the serial terminal to your web browser! Now you can connect to your Arduino project without the hassle of using the command line or installing additional software. 🚀

Visit terminal.spacehuhn.com

It’s made to be as simple as possible and works with any project, not just my ESP8266 Deauther. The default settings are 115200 baud and \r\n line ending but can be changed easily on the homepage.

This makes projects like the Deauther V3 so much more accessible. Instead of fighting the Arduino Serial Monitor, or additional software like our Huhnitor, all you need is a compatible browser (which you probably already have)!

Not sure which port to connect to?

Easy! Click connect on the website and then plug in your board. Whatever port pops up in the list is what you’re looking for.

If no port pops up, you might want to check the cable and USB port. Or maybe you’re missing the drivers for your device:

🔗 CH340/CH341 Drivers: http://www.wch-ic.com/downloads/CH341SER_ZIP.html 🔗 CP210x Drivers: https://www.silabs.com/developers/usb-to-uart-bridge-vcp-drivers 🔗FTDI Drivers: https://ftdichip.com/drivers/

We talked about this in more detail in our previous blog post about common ESP8266 and ESP32 errors: /blog/espcomm/#drivers

Browser Compatibility

Compatibility is the biggest problem with the web serial terminal right now. At the time of writing this, only Chrome, Edge, and Opera support the Web Serial API needed to make this work.

As a long-time Firefox user, this makes me sad, but I’m not the only one. There’s a lot of ongoing discussion about this in the Mozilla Community.

Phone or Tablet users are also out of luck for now. Only desktop browsers are supported at the moment. We hope it’s just a matter of time until more browsers add support for the Web Serial API.

Newer posts

Older posts