MalDuino, a malicious USB dongle based on Arduino
Hack like Mr. Robot, with Arduino!
MalDuino is an Arduino-powered USB device which emulates a keyboard and has keystroke injection capabilities.
MalDuino is an arduino-powered USB device which has keyboard injection capabilities. Once plugged in, MalDuino acts as a keyboard, typing commands at superhuman speeds. What’s the point? You could gain a reverse shell, change the desktop wallpaper, anything is possible. For penetration testers, hobbyists and pranksters the MalDuino will serve you well!
In essence, it implements a BadUSB attack like USB Rubber Ducky, also appeared on Mr. Robot:
It’s still in crowdfunding stage, but has already been fully backed, so we anticipate full production soon.
In technical terms, it’s based on ATmega32u4 (like the Arduino Leonardo):
MalDuino is programmed via the arduino IDE using open source libraries. Scripts written in DuckyScript can easily be converted into code the MalDuino can understand.
Not only does this make it newb friendly, but also makes it possible for experienced arduino tinkerers to program it just like they would an Arduino.