5

Mark pointed out that only one chip type is vulnerable to BAD USB, id like to check if mine are, am using only Kingston flash drives here so can you tell me if they are, or if there exists a list somewhere i could check this? thank you.

schroeder
  • 123,438
  • 55
  • 284
  • 319
findulinRomosa
  • 51
  • 1
  • 3
  • Adam Caudill and Brandon Wilson demonstrated *Bad USB* at Derbycon and put their [exploit kit up on GitHub](https://github.com/adamcaudill/Psychson). Maybe you can use that code or someone develop a tester based on it? –  Apr 30 '15 at 14:24
  • 2
    *Mark pointed out that only one chip type is vulnerable* Only one? Can you [edit] and add a reference link? –  Apr 30 '15 at 14:24

2 Answers2

6

You need to determine what flash controller your device has. Different devices may have different controllers even if they have the same manufacturer - it seems to only depend on what the factory had at the time.

One way is to disassemble the device and read the label on the controller chip

Another (non-invasive) way is to use software such as ChipGenius. This can be found via Google on a number of Russian sites. Make sure to check your copy for malware. "usbdev.ru" is one source of usb software/firmware programming files.

After you know the controller in use, you can search around to see if it is vulnerable or use / modify the manufacturer's firmware flashing tool to flash your own firmware onto it. If you succeed then the device is probably vulnerable. If afraid of "badusb" I would avoid micro-controller based memory controllers and stick to those which use single use chips.

Similar research was performed into flash memory in SD cards a while before "badusb" emerged and this CCC talk is quite interesting. It explains the reasoning behind using micro-controllers because of flash quality / economics. Much of the information applies to USB flash drives as well.

Stu W
  • 612
  • 6
  • 17
  • Thanks for your reply, so if i check it using chip genius i would see in the controller section if the manufactor is phison and then i could guess that the USB device is vulnerable most likely, right? – Junior J. Garland Jul 15 '15 at 03:38
  • Yes - ish. It should tell you the exact model of Phision chip. You can then look for a firmware file and flasher for it. You may find a PoC for your chip or may not. If you can flash firmware or brick the device then I imagine it is likely vulnerable. Though I can't guarantee either way unless ASIC / ROM hardware (= not vulnerable) or there is a PoC for that chip (= vulnerable). – Stu W Jul 15 '15 at 10:32
0

A quick Google search indicates that you can't really find that out without dismantling the device. Manufacturers can change controllers for an existing product.

The best defence is to not use a USB device that you have not purchased yourself.

schroeder
  • 123,438
  • 55
  • 284
  • 319