Feature: Hak5's Keystroke Reflection Exfoliation #89
Comments
|
Looks like the peripheral-side could be implemented by checking |
Yeah I believe that's how it's implemented in Hak5's Ducky as well. I read something about it watches the LED for a specific start sequence and then records the data. |
|
I've been looking at the HID API. I'm not sure yet if there is a way in the current API to get the data back from the host system. |
|
Just read the whitepaper on: HAK5 and they (probably) are using the numlock and capslock states, since those are sent from the computer to the keyboard. So numlock for the 1's and capslock for 0's or vice versa. Simple but effective idea. |
Not a bug, just a feature request.
It would be awesome if you could include Hak5's new Rubber Ducky Keystroke Reflection Exfiltration technique! It allows data Exfiltration WITHOUT the need for Mass Storage or Network. It works by converting your exfil data (text only? not sure) to a binary data stream and then toggling the keyboard LEDs (Caps Lock and Scroll Lock I think) to represent the 1's and 0's of the data stream, and the Rubber Ducky see's any keyboard status LED changes so it decodes and saves the the binary stream to the Rubber Ducky right along side the original payload (actually, it might store it as raw binary and you manual decode if afterwards, I'm not sure), without the Ducky ever having to be mounted as mass storage during the attack!
The text was updated successfully, but these errors were encountered: