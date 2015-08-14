Umap - The USB Host Security Assessment Tool
Umap is a python based tool that allows you to test the security of USB host implementations (ie, something you plug a USB device into, like a PC or a tablet).
It requires Python3 and pyserial.
Its primary function at the moment is a fuzzer with test cases based on a combination of data from standards documentation and the author's experience of where USB bugs are commonly found.
Umap requires a Facedancer board to enable devices to be virtualised in Python and presented to the target host. The firmware and basic Facedancer demo software can be downloaded here:
HOW TO RUN UMAP
Umap is written in Python so to run it just type:
$ sudo python3 umap.py
--------------------------------------- _ _ _ __ ___ __ _ _ __ | | | | '_ ` _ \ / _` | '_ \ | |_| | | | | | | (_| | |_) | \__,_|_| |_| |_|\__,_| .__/ |_| The USB host assessment tool Andy Davis, NCC Group 2013 Version: 1.01 Based on Facedancer by Travis Goodspeed For help type: umap.py -h --------------------------------------- Error: Facedancer serial port not supplied
Options:
--version show program's version number and exit -h, --help show this help message and exit -P SERIAL Facedancer serial port **Mandatory option** (SERIAL=/dev/ttyX or just 1 for COM1) -L List device classes supported by umap -i identify all supported device classes on connected host -c CLS identify if a specific class on the connected host is supported (CLS=class:subclass:proto) -O Operating system identification -e DEVICE emulate a specific device (DEVICE=class:subclass:proto) -v VID specify Vendor ID (hex format e.g. 1a2b) -p PID specify Product ID (hex format e.g. 1a2b) -r REV specify product Revision (hex format e.g. 1a2b) -f FUZZC fuzz a specific class (FUZZC=class:subclass:proto:E/C/A[:start fuzzcase]) -s FUZZS send a single fuzz testcase (FUZZS=class:subclass:proto:E/C:Testcase) -d DLY delay between enumeration attempts (seconds): Default=1 -l LOG log to a file -R REF Reference the VID/PID database (REF=VID:PID) -u update the VID/PID database (Internet connectivity required) Experimental Options: -A APPLE emulate an Apple iPhone device (APPLE=VID:PID:REV) -b VENDOR brute-force vendor driver support (VENDOR=VID:PID)
You might also like:
Post a Comment