-
Notifications
You must be signed in to change notification settings - Fork 1
Events display
Mobile Badger is designed to run in full headless mode (without monitor, and without auto-logging on local console).
However, there is a way to control its activities - it supports some LED/LCD displays:
- Bakebit NanoHat OLED (for NanoPi-NEO2 devices)
- Pimoroni Blinkt! (for Raspberry Pi devices)
Here you will find a repository containing the current list of drivers, along with their documentation.
Data exfiltration takes time, especially when run on relatively slow device, instead on a normal computer. Therefore it is crucial to know, what is actually happening with this device:
- was the attached target drive properly recognized?
- was the user drive properly recognized and decrypted?
- is the exfiltration still running, or already finished?
- any other important events?
The easiest way to handle this, especially in the field use, is to use simple LED interface, that will show such event using multiple LED colors, eg.:
There are a few types of events:
- global events (ready, shutdown etc.)
- events regarding target drives (partition UUID registered in
/etc/drivebadger/drives/target.list
file) - events regarding MTP/PTP devices
- events linked to partition numbers
Global events, and events related to target drives
© Copyright 2020-2022 by Tomasz Klim Payload.pl