Great job on the new release! I'm working on getting all the hid language attacks working, if anyone got any input on that please give me a shout!
Thanks,
Si
Printable View
hey i was wondering if this was possible, so at my school if a teacher takes away your phone they sometimes give it to the princpal and he tries cracking the password. he has done this on ios and android, and i was thinking if it was possible that if he were to connect my phone to his PC that a script would run and trash it like a Fork bomb or a drive wiper, would this work or does this fall under badusb.
Edit:
Swearing
I actually like the idea of offensively defending my device. :D
Haven't tested it, but maybe it works with an event-trigger app (like AutomateIt) and running the hid-attack python script within a terminal...
Not sure if windows7/8 are vulnerable against fork bombs - IMHO a modern operating system should limit the number of processes per user. Also, not sure if a "format c:" or similar would work even in an elevated session. But I'm sure, a "funny" payload isn't the problem. ;)
My guess is, that starting cmd from your nethunter device is too slow, since your principal is most probably not just sitting in front of his computer and watches start menu and cmd popping up but kind of interacts with his pc, which would "disturb" the whole process of the hid-attack.
hmm.. thanks for your feedback, would a badUSB attack work better then since it executes silently.
I agree its an interesting idea, incorrect pin/password to unlock. Executes script. Although id rather it connect to a waiting msf listener and be more for if device was lost/stolen.
yo devs what do you think? would a self defence type thing be cool or a wast of time.
Anyone can make a tutorial video, how to make a new keyseed.py? I want to make hungarian layout for hid attack
teensy all the way or rubber ducky...........
teensy is more flexible and its cheaper.
a cool script for teensy
https://github.com/samyk/usbdriveby
Running the HID attack from terminal with "su" "bootkali start-rev-met --us --hid7cmd" clears the terminal, shows only cursor for 15 seconds and drops back to root@A0001.
Tried to run USB keyboard, this shows that the kernel isn't compatible.
When checking kernel it shows;
3.4.104
root@fringe #1
Sat jan 3 15:52
Anybody a idea what the issue could be? looks like right kernel as alfa on OTG is working :)
Serendipity - What device are you running?
Hi!
Sorry for the late reply, I'm rocking a bacon / one plus one 64gb.
Thanks for the help!
The teensy is great, solder it right into a brand new flashy keyboard then lay it somewhere IT usually can't resist especially if it has flashy light whoo :)
I know that people use base64 encoding and decoding for this most of the time to evade AV I made a project that you can use custom character sets to make it harder for AV
Simple C program
git clone https://github.com/lillypad/chameleon.git
cd chameleon
make
./chameleon --help
Enjoy :p
there should be an update to kali nethunter to make it more stable like teensy :confused:
Solved....
Feel free to leave feedback if something is broken or works. Thanks everyone!