Skip to content
#pentestips Hands on the USB Ninja Professional
August 20, 2021 Lab401 Lee

#pentestips Hands on the USB Ninja Professional

The USBNinja is a highly miniaturized, highly covert version of the Rubber Ducky.

Inspired by the NSA Project "COTTONMOUTH", the entire device is hidden inside a USB cable and controlled wirelessly.

Besides avoiding suspicion during red-team assessments, it also allows for long-term implants - how often do you change your keyboard's USB cable?

The USBNinja has iOS/Android apps, can be updated over the air, used in real-time mode, exfiltrate data, self-destruct, and more importantly - acts as a real USB cable, supporting USB-3, Lightning, USB-C, QuickCharge technologies, etc.

In today's PTT, we'll walk through how to use the USBNinja Pro - from unpacking to payloading. - The first step is to configure the USBNinja. Plug the cable into a computer in order to power up the device. Check out the video:

- Download the App (Link in the description) to connect to the cable via Bluetooth. The application allows full control of the USBNinja - payloads, Over-The-Air updates, and configuration. - A Payload is a script that is executed by the USBNinja.The scripting language (ducky script) is intuitive and easy.

The USBNinja has multiple payload slots, which can be quickly selected and executed via phone or via a Bluetooth remote control. -

Payloads can be as simple or as advanced as you require - from simple scripted tasks to full exploit frameworks such as Metasploit and Empire.

- In this example - we'll simply open a website.

We select a slot and enter the following code.

Once uploaded, you can trigger the script while the cable is plugged into the targeted host.

DELAY 500

GUI r

DELAY 700

STRING https://lab401.com

DELAY 700 ENTER

[Connect cable to a machine]

[Trigger the Payload in the Application]

 

- The covert nature of the USBNinja makes it ideal for long-term implants. The cables are undetectable visually and electronically, allowing red-teamers and LEA to carry and install the cables without raising suspicion.

- The USBNinja Pro is available in multiple cable types - USB-C, Lightning, and MicroUSB.

Check out Lab401 for more details on how to integrate the USBNinja into your pentesting arsenal.

Get your USBNinja Professional: https://lab401.com/products/usbninja

 

Filed in: android, badusb, lab401 academy, omg cable, pentesting, pentestips, redteam, USB Ninja
Previous article #pentestips - How to rubber ducky
Next article #pentestips: Know your "BadUSB"

Leave a comment

Comments must be approved before appearing

* Required fields