Jump to content

antinfinait

Active Members
  • Content Count

    6
  • Joined

  • Last visited

About antinfinait

  • Rank
    Newbie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I did a short static test for you.There also is an upcoming video to test the noise tolerance, recording it with my phone from farther back. LINK
  2. The ducky would directly type a powershell that would have a variable[base64 string, the loader]. Then it would write it. It will be faster to type because of compression, and the loader would run it directly in memory,so no file is dropped from a unsigned executable process file, that could trigger alarms.
  3. Thanks!! So first, the binaries are NOT infected. You can decompile them to see that(i recommended grabbing dnSpy from GitHub). Or, if you want to compile it yourself, you need Visual Studio with visual C#. These are the scans. Second, i made this program so it is very easy to use. Once in the main menu, you can use command 'a' to go to the exfiltration menu, and 'b' to decode. a- exfiltration - very easy to use. It will ask you for the file path, and then it will ask you for the filename of the output .wav file. The output is the data modulated into audio with FSK1200 (frequency shift keying, at a speed of 1200 bits per second). In fact, it is derived from AX. 25. You play the file and record the audio with an external device. Then you can decode it. b-decoding - straightforward as well, but it is [Work In Progress] . If the community finds it useful, i will make it much better. {the thing is that it interprets only UTF8 atm. So binary that is not UTF8 is left as a hex dump. The first chars are from the callerid(from AX. 25.I Will remove them in the future, you can delete them for now.)} I recommend compressing your files with LZMA if they are bigger. If someone wants to use a rubber-ducky with it, i can write a loader(1-2 kb) that has the main bin as a very compressed resource and then decompresses it and loads it into memory directly. SqueakyKitten is the only name i came up with, and a name suggestion would be greatly appreciated. Thanks for your reply. Have a nice day! ☺️
  4. Forgot to include virus scan for the bins: For the obfuscated assembly [0/26 CLEAN] For the non-obfuscated assembly [0/26 still FUD!]
  5. HELLO Hak5 COMMUNITY! This is my first thread. I have written a program that exfiltrates files over audio waves. Technical information: ======================= Protocol : AFSK1200 x25 packet radio Fire-And-Forget mod Baud rate: 1200bps stable(0.15 KBytes/second, 10 kilobytes/minute) Language : C# .NET 3.5 ======================= I have written this for the [Payload] segment of Hak5. As i am too poor to buy a rubber ducky[not kidding] ,it would be cool if someone would make a rubber ducky payload out of this. I am dreaming of a rubber ducky... This program takes as input a file, [binary data of any kind] and convert it to a .wav file, that would be then played, and the audio output would be recorded with a smartphone.Then, it takes a .wav input and converts it to a file [only supports utf8 ATM, if you plan on decoding other binary data, use minimodem or one of the tens of other FSK decoders out there]. THIS IS JUST A PoC script ! It proves that the concept of stealing files over audio is possible! Source Code Download for pre-build binary [merged and not obfuscated] : HERE Obfuscated assembly : HERE Hope you like it!
×
×
  • Create New...