USB Armory MkII Tutorial 1
Published:
How to use USB Armory MkII (Part 1 Boot the device)
Since I didn’t find very strightforward tutorial on USB Armory MK2, I deceided to write my own. Many of the steps and ideas can be applied to other embedded devices.
How to start?
In order to use the USB armory it is possible to either load a Debian linux disk image, or load a program uses Tamago framework on bare metal ARM System-on-Chip (SoC). the latter option allows you to run your program without the support of OS. The eaisest way one should start with is a pre-compiled Debian linux. Debian for usbarmory . You can of course build your the Debian image from the scratch, but I havent done that yet build from scratch.
Flash the OS to micro-sd card
usbarmory-mark-two-usd-debian_bookworm-base_image-20240702.raw.xz Once you finish download, unzip it and use Etcher to load the image on a micro-sd card. Etcher is an open-source and free app on Windows OS used for writing image files onto storage media. Loading image under Linux takes a few more steps.
On Linux (verify target from terminal using dmesg):
sudo dd if=<path to raw file> of=/dev/sdX bs=1M conv=fsync
IMPORTANT: <path to raw file> must be replaced with the uncompressed raw file (e.g. not the .xz file) matching your USB armory model and boot media.
IMPORTANT: /dev/sdX, /dev/diskN must be replaced with your microSD device (not eventual microSD partitions), ensure that you are specifying the correct one. Errors in target specification will result in disk corruption.
NOTE: Remember to uncompress the downloaded image file before imaging.
after flashing the OS, plug in the sd card to usbarmory.
Plug in
Now we have an image of Debian linux in the sd card. Before connect usb armory to PC, lets set up debug accessory that comes with the usb armory package. NOTE: the connection between the debug accessory and the target is supported only with the same orientation for both top layers (side with components(uart header) for the accessory, side with LEDs for the USB armory). Also, remember to cap the jumper header at the location of uart on the debug accessory PCB. Open up the terminal, use either screen or picocom to monitor the stdout from the usb armory
sudo screen /dev/ttyUSB0 115200
sudo picocom -b 115200 -eb /dev/ttyUSB2 --imap lfcrlf
This is the output of lsusb command on the host machine.
$ lsusb
Bus 001 Device 045: ID 0525:a4a2 Netchip Technology, Inc. Linux-USB Ethernet/RNDIS Gadget
now connect debug accessory to the mk2 and connect both of them to your pc. you should be able to see the output about booting process, and in the end, login prompt asking for the id and password. the default id and password is usbarmory. This concludes the first part of the tutorial. IN the next part, we will talk about how to ssh and also enable the network forwarding from the USB armory to the host machine.