Main Content

This is a keystroke injection device (also called badusb). It is similar to a well-known USB rubber ducky made by hak5, but has much extended functionality, lower price and is also completely open source. It looks and feels like an ordinary USB flash drive, but acts as a keyboard that types in a preprogrammed payload. This payload can do anything from configuring a network to installing a reverse shell, since the device can basically do whatever an admin can with a terminal, but taking only a few seconds. This makes it a very powerful tool for automating sysadmin tasks or use in penetration testing.

Here is quick summary of how PocketAdmin is different from USB rubber ducky (and many others):
- Made from inexpensive off-the-shelf parts, with not only open source firmware, but hardware design files as well. This allows the user to do substantial modifications to the design, as well as provides an option to build your own units.
- Has a built-in interpreter (compatible with existing ducky script) which takes text files directly, so you never have to install any encoder software and keep converting payload.txt to inject.bin.
- Can act as both keyboard and USB disk, allowing for better payloads; the memory chip is integrated, so there is no need to keep sticking SD card in/out of various devices while developing payloads.
- Has an OS detection mechanism, which allows you to store multiple payloads simultaneously and have the device automatically pick the correct payload to run.
- Extended set of commands for extra functionality, such as: without doing any firmware update the user can set which VID / PID values to use, configure how the device should show up
- (keyboard only / flash disk only / keyboard+disk), change keyboard layout, and many other things.”

Link to article

Related Content