The UMAP2 is a Python-based USB Host Security Assessment tool developed by NCC Group and the Cisco SAS team.
It has all the features supported by the first edition:
UMAP2EMULATE:USB Device Enumeration
Umap2scan: Usbhost Scan for device support
Umap2detect:usbhost Operating system detection (not yet implemented)
UMAP2FUZZ:USB Host Fuzzing
Additionally, additional features are added to this version:
Usbhost Fuzzing uses Kitty as the fuzzing engine
UMAP2 not only contains executable scripts, but also installs as packages and can be used in libraries
Note: UMAP2 is still a tool in the alpha phase. The API and executable file names are subject to change.
Installation
UMAP2 is a relatively early version and therefore cannot be installed through PyPI. The installation is currently using PIP:
$ Pipinstall GIT+HTTPS://GITHUB.COM/NCCGROUP/UMAP2.GIT#EGG=UMAP2
Ancillary functions
The UMAP2 features are listed in the setup.py file and are installed with UMAP2. However, for some devices you need to add support:
High-capacity storage
You need to add a disk image named Stick.img in the running directory.
MTP
1. Need to add a file/folder named Mtp_fs in the current directory
2. Python Package pymtpdevice,:https://github.com/binyaminsharet/mtp required
Case
Device enumeration
The basic function of UMAP2 is enumeration. The user can enumerate any of the existing USB devices (using the Umap2list command to view the available devices):
$ umap2emulate-p fd:/dev/ttyusb0-c Mass_storage
Or enumerate your own devices:
$ umap2emulate-p fd:/dev/ttyusb0-c ~/my_mass_storage.py
There will be a detailed guide to adding devices in the future, and users can view UMAP2 devices in the umap2/dev/directory.
Device Support Scan
The UMAP2 detects the type of USB device supported by the host. It completes the scan by simulating different devices and sending device-specific messages in a short period of time:
$ umap2scan-p fd:/dev/ttyusb0
Fuzzing
UMAP2 's fuzzing process consists of three steps, which may be written in a separate script in the future:
1. The user needs to determine the target host's message sequence and the emulated USB device:
$ umap2stages-p fd:/dev/ttyusb0-c keyboard-s keyboard.stages
2. Start Kitty Fuzzer in a separate shell and provide the first stage of the generated stages:
$ umap2kitty-s Keyboard.stages
3, open fuzz mode of UMAP2 keyboard simulation
$ umap2fuzz-p fd:/dev/ttyusb0-c Keyboard
After step three is executed, the fuzzing session begins.
* Original address:GitHub
UMAP2: Open source USB Host Security Assessment tool