Jump to content

Search the Community

Showing results for tags 'HID'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

  1. Hello! This is my first post ever, I just bought an Arduino Leonardo (this one BAD USB AMAZON), and it's working fine on windows, but when I try to plug it into a mac, the macbook prompts a window saying that I have to set up my keyboard (keyboard set up assistant) so, is there anyway of avoiding this step? And also I would like to know how to access to the arduino leonardo SD from the OS (windows and mac) to copy from the PC to the SD. Is it even possible? By the way all the code that I am writing is being developed on arduino ( C )
  2. In the spirit of April fools, I've thrown together a payload that will rick roll every device you plug into at a specified time. It types up a script in the terminal (which at the specified time will crank up the volume and rick roll the target), runs it, sends it to the background, and closes the terminal so that the process can sit until the trigger time. Let me know if you'd like to see this do anything more! https://github.com/hak5/bashbunny-payloads/pull/139
  3. Hi, I got this bash bunny for a while now, and i know there is a few new features even tho it seems dead, is there a way for the bunny to detect the keyboard language and then set itself to send it in the good language ? Thank you
  4. In order to provide a PoC that non-administrative access still can result in huge data breaches I present to you The Hidden PP Attack A one liner PoSh command that can be executed from a Teensy/Rubber Ducky which leaves the machine open to injections of PoSh code remotely. Quite happy with this project so I thought id drop it here. Ive lurked remotely without an account for some time without contributing, so... here you are https://simpleinfosec.com/2018/01/09/the-hidden-pp-attack-a-non-administrative-remote-shell-for-data-exfiltration/ https://github.com/secsi/HIDdenPPAtta
  5. Discussion thread for the RevShellBack payload. I've seen quite a few Rubber Ducky projects to do with getting a reverse shell running on a PC so that the shell can be accessed remotely on a different computer. But what got me thinking is this: the Bash Bunny is a full-on Linux ARM computer, right? It has netcat and it can do HID and ethernet simultaneously. So.. why not use that instead? At first, this payload will use a bit of HID trickery to hide itself from an observer as best as it can. As soon as it has done executing the final PowerShell command, HID is no longer used. User-de
  6. Testing the BashBunny for use on a physical pentest/red team engagement but noticing a huge problem with using this device for a real world assessment. Mainly, on a Windows 7 x64 desktop, the initial driver install process took over 2 minutes to install. After initial drivers are installed, my payload initializes and finishes within 10 seconds which is great if only I didn't have to install the drivers first... What makes this issue even worse is that the BashBunny doesn't wait until the drivers have been installed before executing the payload which means you need to unplug/re-plug the de
  7. Violation of CoC
  8. Well i'm not gonna lie I first saw this on another YouTube channel by the name Seytonic and I originally wasn't gonna show how to flash this and just demonstrate the various ducky code to Digispark code converters that came out since his video but I still hope you all enjoy and learn something from this video. PS: This device isn't as good as the USB Rubber Ducky but it's still very useful and cheap enough that if you lose it you got nothing to worry about. Click here for all links for all drivers and converters used in the video.
  9. Hi, There is something i dont understand with the bash bunny... i dont know i feel like its too hard for my brain to understand how it works compared to the Rubber Ducky so i need some help I have this on a rubber ducky its pretty basic and does what i want: Starting an admin powershell Asking for admin and THEN running my command ( download a file output that file and run it quietly ) DELAY 1500 GUI r DELAY 1000 STRING Powershell -WindowStyle Hidden -Command "Start PowerShell -WindowStyle Hidden -Verb RunAs ""& "(New-Object System.Net.WebClient).DownloadF
  10. Is there a way from the Bash Bunny shell to control what the Bash Bunny "does to" the host? For example, if my payload just checks the OS version, connects to a Bash Bunny shell and starts a new script based on that? As one simple example, determining Windows XP (UAC evasion not required) vs Windows 7+ could be useful. Another case might be defaulting to, and then unloading, the ECM_ETHERNET module and replacing it with the RNDIS if we detect that we are on Windows. I realize that the latter case might be better handled using the Switch to change payloads... but doing something like
  11. Discussion Thread for Root CA installer. (No Local Admin Rights necessary) current development via: https://github.com/jrsmile/bashbunny-payloads/tree/master/payloads/library/rooter (TESTED and Working) pull request waiting. small Howto create self-signed-root-ca: Create the Root Certificate (Done Once) Creating the root certificate is easy and can be done quickly. Once you do these steps, you’ll end up with a root SSL certificate that you’ll install on all of your desktops, and a private key you’ll use to sign the certificates that get installed on your various devices. Cr
  12. Hi, My problem is that when i tried : ATTACKMODE HID STORAGE DUCKY_LANG ca LED R B QUACK DELAY 1500 LED B QUACK GUI r LED G QUACK DELAY 1000 LED R FAST QUACK STRING Powershell -WindowStyle............insert the magic here QUACK ENTER LED R G B It stays blinking red fast... indefinitely tried a couple things but idk is it related to my language been bad ? because in the languages i do have all the languages...
  13. Violation of CoC
  14. I have recently found an article by Samy Kamkar regarding HID exploitation and was wondering which is better. (i understand preference but im more interested in the speed and flexibility aspect of the two as well as ease of deployment) Also, i was wondering if there was a way to turn a teensy into a faux Rubber ducky in regards to making it possible to use the Rubber Ducky coding language on a teensy?
  15. First off, thank you for creating such a remarkable device! I haven't stopped playing with this since it arrived yesterday afternoon. :) I have a USB keylogger from KeeLog.com and I either forgot the password or else there is something wrong with the unit. It's been a few years since I last played with it so I don't know what its issue is wrt the keyboard sequence. The way it works is that it passes though your keyboard to the host computer while logging the input. If you simultaneously press the secret keys, it will register the keylogger as a storage device. By d
  16. Violation of CoC
  17. So, I'm not sure what to make of this. Maybe it's nothing. My friend was setting up a bunch of dells and noticed this http://www.dell.com/support/home/us/en/04/Drivers/DriversDetails?driverId=5DD13 it looks like just another driver, but HID and BIOS got me wondering. I found this link http://h20564.www2.hp.com/hpsc/swd/public/detail?swItemId=ob_150812_1 that gives a better description. I couldn't find anything online about what BIOS HID commands there could be. Why would the BIOS need access to HID? If it does have access, what keys does it have, and how do computers i
  18. Is there a reason why hid attacks dont use copy and past? Like open cmd /open notepad /open txt from usb/ copy/ past to cmd/ ? is there a possibility that AV would detect the malicious code in the clipboard? Thanks -- lost my old account -thedeadhand
  19. Hey, folks. I've tried using my LAN Turtle on a few engagements now, and while it's nice to show it plugged into a computer in the report, I rarely get much love out of it, and the shell feels too slow to be useful (guess that's why it's called a LAN Turtle! - It's a really slow shell!) Anyway - The idea that I wanted to float today is whether or not it would be possible to turn the LAN Turtle into a "TwinTurtle", similar to the "TwinDuck" firmware for the USB Rubber Ducky, but in this case, the LANTurtle would continue to be a USB-to-Ethernet adapter as well as acting as a HID device, so you
  20. Hello Everybody! I introduce myself, I am new into the forum. I am just going to order my ducky in the few days but I have some questions. 1. The only avaiable ducky model at now is the deluxe one? 2. What is Twin Ducky? A mod for a normal (or deluxe) ducky? 3. Where are the scripts stored, micro SD card? Can I store files into the same micro SD (Twin Ducky is something like that i believe) 5. How is the support for Spanish keyboards? Official? Is it nice? 4. What is ducky encoder? Is it like a firmware for our duckys? Can I update it´s firmware? Thanks in advance everybody! PD: Do you
  21. Hello everyone, I am Cr0wTom and I recently posted in my channel a video about how to implement rubber ducky scripts in a vulnerable to BadUSB, USB thumb drive. I think that you will appreciate it here. I will be happy to hear your responce, here or in my videos commends. Feel free to subscribe :) Video Link: Thank you for watching!! (More videos to come)
  22. Hi to all, I am playing with this fantastic gadget and I very like it ! I ordered more than 10 usb and all works great. I am also working on a custom firmware so I had cloned the svn repository for compile the frmwares. Currently I am working on composite_duck firmware: Composite_Duck.zip. In this firmware I have notice a bug..that elaborate only 77-90 instructions. My operations are: --> open a notepad --> write text here. The maximum lenght that I can write into notepad is only 77 character. The character/instructions are hard-coded into the firmware.. trought the array ui_
  • Create New...