Search the Community
Showing results for tags 'exfiltrate'.
Hi, I just ordered my Bash Bunny, and while I'm waiting for it, I'm gathering info for my project. On the github, there is a payload to loot data from a Windows host and I would like to do the same for an Android phone. The idea will be to use adb to extract the data, but if the Debug Mode is not on (mostly the case for normal users) you can't really use adb. I have a Galaxy S5 mini (Android 4.4 I think) to test my code on. The idea is to proceed like below: 1/ Being able to steal data from an -unlocked- phone with Debub mode enable (I think this part is easy :) ).
tl;dr- Add logic to the RD to monitor key lock values. Use this for functions like file transfer. Because I wanted to see if I could, I wrote a VBScript to transmit a file using the Scroll lock, Caps lock, and Num lock keys. As it turns out, if you record the data with a fast enough camera you can decode the bits and reproduce the transmitted file. Unfortunately, to make it feasible for a camera to pickup the LED fluctuations and and then for a human to interpret the blinks, the transfer rate is very slow. In fact, if you have the time and ability to use a camera to record the computer