PDA

View Full Version : BadUSB tutorial doesn't work for me



iroy2000
2014-09-28, 05:08
I install the nethunter in my Nexus 7, everything seems fine. But when I try the tutorial on BadUSB ( I follow the steps in the video ), I don't see the window 8 gateway change.

Any advice will help, thanks.

muts
2014-09-28, 06:07
Make sure MTP storage is disabled before plugging in the UDB cable into the victim PC, and give it a few minutes to settle before checking the gateway change.

skycrazy
2014-09-28, 15:50
IS the badusb MITM working on windows 7? i seem to be having difficulty, i thought maybe because of UAC prehaps

skycrazy
2014-09-28, 18:22
Windows 7 is reporting my nexus as a Remote NDIS based internet sharing device, in Device Manager is this correct. it insisted upon installing drivers for it when i connected.

iroy2000
2014-09-30, 06:11
I tried that again, doesn't seem to work

Do I need to use an OTG usb and then connect with a male to male usb cable and then connect to the victim PC ?? ( Or I just use normal usb cable would be fine ?? )

skycrazy
2014-09-30, 12:52
For me windows computer sees it all ok now, but displays network cable unpluged on local area connection ? I'm guessing i'm being a noob here, but some thing to do with the dnsmasq service?

harmon25
2014-09-30, 23:22
Having the same issues with the BadUSB on N72013-Wifi , figure i am doing something wrong, or maybe an error in the installation.
I first tried installing nethunter on top of a custom ROM which was at 4.4.4 - this did not work out well.
Decided to unroot my device and go back to stock 4.4.4 - re-root and reinstall nethunter.
This was better, and nethunter seemed to be working OK, in terms of accessing the chroot and webserver functions - but when attempting HID attacks on both Linux and Windows - doesn't appear to be working...
it looks like the USB network interface is NOT being created...
As asked above, is an OTG-USB cable required? or is just the stock device USB cable OK?
Looks like from the posted videos they are not using an OTG...

Any help much appreciated!
Loving this nethunter build regardless of these issues, am sure it'll be ironed out

skycrazy
2014-10-01, 08:37
Harmon25 . Also having the same problems. I'm just about to go and pick another otg usb up. ill post the result later on.

skycrazy
2014-10-01, 15:05
Can confirm at my after buying two more usb go adapters not cheap ones. That using otg cables does not make any difference. Infact windows or linux does not pick up nexus 7 on numerous machines using otg cables. Does connect with standard cable. But badusb does not work and hid needs mtp enabled to work for me. Otg cable does function correctly with mice-keyboards-flashdrives ect on the nexus 7 lte 2013.

1337throwaway1
2014-10-02, 23:11
You shouldn't need to use your OTG adapter, as your phone is emulating a USB device, not a USB host. I plugged it in with a regular USB directly to the N7's socket and it worked immediately vs. Kali on my desktop.

harmon25
2014-10-03, 00:55
Been troubleshooting this a bit and have determined one problem is the USB Ethernet interface on the N72013 is NOT rndis0 - it is usb0
Have copied the script into a file, and been executing it that way - have gotten the PC to connect to the USB network and receive an IP from dnsmasq DHCP - however it does not seem to be forwarding traffic properly out onto my LAN for internet access...
Any ideas?

harmon25
2014-10-03, 01:17
got it working!
problem was a custom iptables chain natctrl_FORWARD with a DROP job in it
By deleting the drop job i managed to successfully forward traffic onto my LAN and through to the internet.
on the kalimenu Sniffing option the usb0 interface doesn't exist but it is most definitely the one to be using on the N72013
Here is the script i used that should work for other people :


#!/system/bin/sh
TMPDIR=/data/local/tmp
mkdir -p $TMPDIR
UPSTREAM_NS=8.8.8.8

# Check required tools
if ! busybox ls > /dev/null;then
echo No busybox found
exit 1
fi
if ! dnsmasq -v > /dev/null; then
echo No dnsmasq found
exit 1
fi
if ! busybox test -e /sys/class/android_usb/android0/f_rndis;then
echo "Device doesn't support RNDIS"
exit 1
fi
if ! iptables -V;then
echo iptables not found
exit 1
fi

# We have to disable the usb interface before reconfiguring it
echo 0 > /sys/devices/virtual/android_usb/android0/enable
echo rndis > /sys/devices/virtual/android_usb/android0/functions
echo 224 > /sys/devices/virtual/android_usb/android0/bDeviceClass
echo 6863 > /sys/devices/virtual/android_usb/android0/idProduct
echo 1 > /sys/devices/virtual/android_usb/android0/enable
# Check whether it has applied the changes
cat /sys/devices/virtual/android_usb/android0/functions
cat /sys/devices/virtual/android_usb/android0/enable

INTERFACE=usb0
# Wait until the interface actually exists
while ! busybox ifconfig $INTERFACE > /dev/null 2>&1;do
echo Waiting for interface $INTERFACE
busybox sleep 1
done

# Configure interface, firewall and packet forwarding
busybox ifconfig $INTERFACE inet 10.0.0.1 netmask 255.255.255.0 up
iptables -I FORWARD -i $INTERFACE -j ACCEPT
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE #added the output interface for forwarding...
iptables -D natctrl_FORWARD 1 #this was the problem - some rule on a custom chain stoping NAT forwarding, DELETE IT
echo 1 > /proc/sys/net/ipv4/ip_forward
dnsmasq -H /data/local/tmp/hosts -i $INTERFACE -R -S 8.8.8.8 -F 10.0.0.100,10.0.0.200 -x $TMPDIR/dnsmasq.pid
dnsmasq -C /sdcard/files/dnsmasq.conf -x $TMPDIR/dnsmasq.pid -i $INTERFACE

binkybear
2014-10-04, 20:52
@Harmon25 - Thank you for the script, it seems the N72013 wants to be different then everyone else....

The issue was being looked at here: https://github.com/offensive-security/kali-nethunter/issues/32 and we will adjust start-badusb to hopefully fix this in the future.

skycrazy
2014-10-04, 22:32
Thanks harmon25 and binkybear. (Sigh of relief) :D