Open in app

Sign in

Write

Sign in

Sleep
2 min readFeb 20, 2023

Facedancer USB Exploitation

#!/usr/bin/env python3
from USB import *
from USBDevice import *
from USBConfiguration import *
from USBInterface import *

class PwnUSBDevice(USBDevice):
    name = "USB device"

    def __init__(self, maxusb_app, verbose=0):
        interface = USBInterface(
                0,                      # interface number
                0,                      # alternate setting
                255,                    # interface class
                0,                      # subclass
                0,                      # protocol
                0,                      # string index
                verbose,
                [],
                {}
        )

        config = USBConfiguration(
                1,                      # index
                "Emulated Device",      # string desc
                [ interface ]           # interfaces
        )

        USBDevice.__init__(
                self,
                maxusb_app,
                0,                      # device class
                0,                      # device subclass
                0,                      # protocol release number
                64,                     # max packet size for endpoint 0
                0x0763,                 # vendor id
                0x1002,                 # product id
                0,                      # device revision
                "Midiman",              # manufacturer string
                "MidiSport 2x2",        # product string
                "?",                    # serial number string
                [ config ],
                verbose=verbose
        )

from Facedancer import *
from MAXUSBApp import *

sp = GoodFETSerialPort()
fd = Facedancer(sp, verbose=1)
u = MAXUSBApp(fd, verbose=1)

d = PwnUSBDevice(u, verbose=4)

d.connect()

try:
    d.run()
except KeyboardInterrupt:
    d.disconnect()

The Python script is used to emulate a USB device using a Facedancer board, which is a hardware platform designed for USB security research. The script creates a USB device with a single interface that is configured to emulate a MIDI device. This is accomplished using the Python USB library, which provides a simple way to create and interact with USB devices.

The script creates a PwnUSBDevice object which inherits from the USBDevice class. This object represents the emulated USB device and contains information such as the vendor ID, product ID, manufacturer, and product name. The device is configured to use a single interface that is assigned a class of 255, which is a reserved value that can be used for experimental purposes.

The script then creates a MAXUSBApp object, which is responsible for communicating with the Facedancer board over a serial connection. The MAXUSBApp object is passed to the PwnUSBDevice object as an argument, so that the USB device can send and receive USB packets using the Facedancer board.

Finally, the script connects to the emulated USB device and enters a loop that processes USB packets. This loop is responsible for receiving and responding to USB control requests, as well as handling data transfers to and from the device. The script can be interrupted with a keyboard interrupt, which will cleanly disconnect the emulated USB device.

In terms of the system it is used on, the script is intended to be run on a computer that has a Facedancer board connected to it. The Facedancer board provides the hardware interface between the emulated USB device and the computer, allowing the USB packets to be sent and received. The script is designed to work on any platform that supports the Python USB library, which includes Linux, macOS, and Windows.

Cybersecurity
Infosec
Zeroday
Sleep
Sleep

Written by Sleep

153 Followers
41 Following

https://www.linkedin.com/in/clumsy/ https://sleepthegod.github.io

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams