Keystroke injection attacks with the ATtiny85
Вставка
- Опубліковано 4 чер 2023
- Setting the up Development Environment:
1. Download the Arduino IDE: www.arduino.cc/en/software
2. Additional Boards Manager URL: digistump.com/package_digistum...
3. Download the Digispark Drivers: github.com/digistump/Digistum...
Help the project grow with a Star or by following me on GitHub:
⭐ Repository ➡ github.com/t3l3machus/Synergy...
⚡️ Please subscribe and connect with me:
GitHub ➡ github.com/t3l3machus
Twitter ➡ / t3l3machus
LinkedIn ➡ / t3l3machus
Instagram ➡ / t3l3machus
💚 Respect on HackTheBox:
app.hackthebox.com/profile/87301
Bless you man!
You have shared some knowledge which will not only enlighten us but strengthen to protect ourselves and others.
Thanks for sharing your Knology and hard work, bless you
You are my fav on UA-cam platform 🔥
Great work!
Hey mn I love all ur tools 🙃
amazing video man!
Thanks for watching
🎉🎉🎉🎉
Great Video!
one question though, what about the payload after it executes in the victim system? Is it reboot persistent or do we need to plug it everytime when we need to execute it?
Unfortunately, this particular payload is not persistent. But you could develop a different payload that could survive a reboot and/or a user log off.
Hi.bro.please give a DigiSpark complete program to open android pin.so thanks.
I had just amazoned for this product after seeing tcm vedio of making a rubber ducky with this device he used a code from a github repository forgot the name it was in arguing and plugged the USB in having this device in it and it worked but then I thought won't a good av or even defender catch this in the first place or is it because using arduino code that it won't detect this device as doing something malicious as running a keyloger ??
This type of micro controllers (rubber ducky, ATtiny85, etc) are acting as a legit USB Keyboard, which is hard for AV software to detect. There are, though, other obstacles to worry about, for example, if you plug a keystroke injector to a machine that has caps lock turned on, any case sensitive part of the injected code will not work. Same goes for the active keyboard layout. If you plug it to a machine that has, e.g. the Greek keyboard layout enabled or some weird English variant, the injected characters will be messed up.
@@HaxorTechTones ohhk but won't the threat actor check is the capslock key is in keydown state and write code such a way to change that and keyboard layout can be more complex than the capslock problem I think . I just had a thought that simply pluging in an usb can it work or not cause av defender the point of all these things we pay money is to detect such activity write and I see like code that isn't even much obfuscated work past defender I thought how can that be . And I think now if a threat actor or a pentestor can physically be present and insert the USB directly into the system a lot of work could be avoided like phishing and all don't have to be done to gain access into any organization. He could insert the USB and rest could be history
@@firosiam7786 I think it's a completely different scenario to just plug a bad usb than having to also interact with a machine's keyboard. Given the circumstances, it might be convenient for a threat actor to plug in a usb without being noticed, even if monitored by CCTV / humans (e.g., sitting as a guest in someone's office with the tower/usb hub placed in a way that exposes its ports to guests). The injected payload will be scanned by the antivirus (AMSI will take care of that on Windows) and react accordingly, it just didn't occur in the example I recorded.
Can you create a video or a repo about obfuscating vba macros?
I'll try :)
@@HaxorTechTones thank you so much
arent vba macros useless now that theyre disabled by default?
@@rob2rox yes but it's good to play with
Hello! I really like your projects. Here are some tips for digispark that discovered. 1. You can skip 5 seconds delay at the begin by updating your frimware to old one. It is kinda risky but it worth it in my opinion.2. you can execute commands in win+r menu without oppening command prompt which can fix delay problem. Also you can find tutorials on Google for this things. Thank you for your work!
Cool, thank you :)
are you greek i am?