This project demonstrates the functionality of a Bad USB using the Digispark board. The system is designed to simulate a USB device (keyboard or mouse) that, when plugged into a target machine, executes a reverse shell payload. The payload downloads a malware script from GitHub, which creates a backdoor on the system for remote access.
This project was developed as part of an educational initiative in the field of IoT Security and Penetration Testing. It serves as a demonstration of the security vulnerabilities inherent in USB devices and the importance of securing IoT devices.
The demo video shows the full attack flow, from plugging in the Digispark USB to obtaining a reverse shell on the target machine.
- Mohamed Saied: LinkedIn Profile
- Fady Mahrous: LinkedIn Profile
- Mohamed Hesham: LinkedIn Profile
- Yara Ahmed (Teaching Assistant): LinkedIn Profile
Special thanks to Yara for her invaluable guidance and support throughout the project.
- Alyaa A. Hamza (Professor): LinkedIn Profile
- Nehal Anees Mansour (Professor): LinkedIn Profile
This project leverages the Digispark board to create a Bad USB device that mimics a keyboard or mouse when plugged into a system. The payload executed by this USB device connects back to an attacker-controlled server, granting remote access to the target machine.
- Digispark Board: A small, inexpensive USB microcontroller used to simulate a keyboard or mouse.
- Payload Script: A PowerShell or Bash script downloaded from GitHub that performs actions like downloading and executing additional malware (reverse shell).
- Listener Script: A Python-based listener that waits for incoming reverse shell connections from compromised machines.
- Plugging in the Digispark: When the Digispark USB device is connected to the target machine, it mimics a keyboard or mouse.
- Command Execution: The Digispark runs a pre-programmed script that executes a command to download a malicious payload from a GitHub repository.
- Reverse Shell: Once the payload is downloaded and executed, it establishes a reverse shell connection back to the attacker's listener script.
- Remote Control: The attacker can then interact with the compromised system through the reverse shell.
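
The flow above leaves a recognizable trace on the host: a keyboard-class USB device appears, and seconds later a shell starts with a download URL on its command line. The following detection sketch is an added example, not part of this project's code; the log format, field names and sample events are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample events (hypothetical format: "<ISO time> <KIND> key=value ...").
SAMPLE_LOG = """\
2024-05-01T10:00:00 USB_ATTACH class=hid-keyboard device=usb-kbd-A
2024-05-01T10:00:04 PROC_START image=powershell.exe cmd="powershell -w hidden <fetch https://raw.githubusercontent.com/EXAMPLE/payload.ps1>"
2024-05-01T10:07:30 PROC_START image=powershell.exe cmd="powershell Get-ChildItem"
2024-05-01T11:00:00 USB_ATTACH class=mass-storage device=usb-disk-B
2024-05-01T11:00:03 PROC_START image=cmd.exe cmd="cmd /c <fetch http://198.51.100.7/x>"
2024-05-01T12:00:00 USB_ATTACH class=hid-keyboard device=usb-kbd-C
2024-05-01T12:00:02 PROC_START image=notepad.exe cmd="notepad https://example.com/readme.txt"
"""

SHELLS = {"powershell.exe", "pwsh.exe", "cmd.exe", "bash", "sh"}
URL = re.compile(r'https?://[^\s">]+', re.I)
LINE = re.compile(r'^(\S+) (\S+) (.*)$')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse(log):
    """Yield (timestamp, kind, fields) for each well-formed log line."""
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        fields = {k: v.strip('"') for k, v in FIELD.findall(m.group(3))}
        yield datetime.fromisoformat(m.group(1)), m.group(2), fields

def detect(log, window=timedelta(seconds=15)):
    """Alert when a shell with a URL argument starts soon after a keyboard attach."""
    alerts, last_kbd = [], None
    for ts, kind, f in parse(log):
        if kind == "USB_ATTACH" and f.get("class") == "hid-keyboard":
            last_kbd = (ts, f.get("device"))
        elif kind == "PROC_START" and last_kbd and ts - last_kbd[0] <= window:
            urls = URL.findall(f.get("cmd", ""))
            if f.get("image", "").lower() in SHELLS and urls:
                alerts.append({"device": last_kbd[1], "image": f["image"],
                               "delay_s": (ts - last_kbd[0]).total_seconds(),
                               "urls": urls})
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Only the first keyboard attach produces an alert: the mass-storage attach is ignored, the later PowerShell start falls outside the window, and `notepad.exe` is not a shell.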
To set up the project on your local machine, follow these steps:
- Download and install the Arduino IDE.
- Install Digispark support in the Arduino IDE (follow this guide).
- Upload the `digispark.ino` code to the board.
- Clone this repository to your local machine:
git clone https://github.com/your-username/bad-usb-project.git
- Modify the PowerShell or Bash payload scripts if needed (located in the `payloads/` directory).
- Install the necessary library:
pip install requests
- Run the listener script to wait for incoming reverse shell connections:
python listener.py
This project is intended strictly for educational purposes and ethical hacking in controlled environments (such as penetration testing labs or red teaming exercises). Do not use this project on unauthorized systems or networks.
We welcome contributions to improve the project. Feel free to fork the repository and submit pull requests for new features or improvements.
- Fork the repository
- Create a new branch for your feature or bug fix
- Test your changes thoroughly
- Submit a pull request with a description of your changes
This project is licensed under the MIT License - see the LICENSE file for details.
For any questions or feedback, feel free to reach out to the project team through their LinkedIn profiles listed above.