NEW CONTENT RANDOM THREAD Unread Post

Wireless Rubber Ducky

by penjagalilin - 05-05-2017 at 02:55 AM
penjagalilin
Hydrus
Hydrus
Posts:
28
Joined:
Jun 2016
Likes:
1
Reputation:
0
2 Year Of Member
#1
OP
Posted: 05-05-2017, 02:55 AM (This post was last modified: 06-21-2017, 04:34 AM by koboi. Edit Reason: typo judul )
WiFi Ducky

Untuk yang belum tau tentang USB Rubber Ducky, yaitu merupakan BadUSB tool yang dikomersilkan oleh HakShop. Bagi yang sering liat serial movie Mr Robot pasti pernah liat scene/adegan ini.

[Image: mrduck7.gif]

Beberapa waktu lalu ane bikin tutor cara buat BadUSB sendiri dengan Arduino Pro Micro (ATmega32U4) yang harganya jauh lebih murah dari USB Rubber Ducky. Bisa kalian coba lihat disini.
Kemudian setelah itu ane juga bikin WiFI Jammer dengan salah satu IoT Module, yaitu NodeMCU ESP8266. Kalian bisa liat juga disini.
Tapi belum lama setelah ane buat keduanya, muncul lagi rasa penasaran. Yaitu, bagaimana jika kedua device diatas disatukan? Tool apalagi yang bisa kita buat? Lalu beberapa saat setelah ngulik sana sini, akhirnya ane nemuin salah satu project di GitHub yang kurang lebih sejalur dengan rasa penasaran ane. Lanjot.

KONSEP

Jika pada Rubber Ducky biasa, kita perlu melakukan flashing tiap kali ingin merubah payload.

Dengan Wireless Rubber Ducky masalah itu kini teratasi. Cukup dengan tool ini yang tercolok ke target, akan tersedia Panel yang bisa diakses via internet browser. Kalian bisa melakukan LIVE ATTACK via Panel yang sudah tersedia dari jauh lewat smartphone/komputer kalian. Ada beberapa fitur menarik yang akan mempermudah penggunaan. Tak perlu flashing berkali - kali, cukup upload melalui panel kapanpun kalian mau.


ALAT & BAHAN

Sebelumnya kalian perlu punya :
1. Arduino Pro Micro (ATmega32U4).
2. ESP8266, bisa dibilang jenisnya lumayan banya, disini ane pake NodeMCU ESP8266.
3. Regulator 5V StepDown 3.3V AMS1117.
4. Kabel yang kecil banget, timah, solder, gunting, dan kopi serta sepiring pisang goreng hangat.

PEMBUATAN

Langsung yuk kita garap!

1. Soldering.
Kita perlu soldering dulu. Buat rangkaian seperti dibawah ini.

[Image: a878ddf7058947f5816a3733fe97b1f3.png]


2. Flashing Arduino Pro Micro
Soldering kelar? Lanjut download & install dulu Arduino IDE. Kemudian konekin Arduino Pro Micro dengan kabel USB ke komputer. Buka Arduino IDE.
Klik tab Tool > Board > Pilih Arduino/Genuino Micro.
klik tab Tool > Port > Pilih Port milik Arduino Pro Micro yang benar, bisa dilihat di Device Manager kalo Windows.

[Image: f86ed041f6ce43528ea35b39afdb4171.png]

Lalu kita flash dengan sketch dari :
https://gist.github.com/spacehuhn/b2b7d8...64fa7f4b36.
Nih sketch nya, copy aja di arduino ide, lalu klik Upload.
Code:
int program_pin = 12;
int enable_pin = 13;

void setup()
{
 Serial1.begin(115200);
 Serial.begin(115200);
 pinMode(enable_pin, OUTPUT);
 pinMode(program_pin, OUTPUT);
 digitalWrite(program_pin, LOW);
 digitalWrite(enable_pin,HIGH);
}

void loop()
{
 while(Serial1.available()){
   Serial.write((uint8_t)Serial1.read());
 }

 if(Serial.available()){
   while(Serial.available()){
     Serial1.write((uint8_t)Serial.read());
   }
 }
}
Tunggu sampai Upload done.


3. Flashing ESP8266
Cabut kabel USB, lalu colokin NodeMCU ESP8266 dengan kabel USB ke komputer. Sekarang giliran kita flash ESP8266 nya.
a. Download dulu tool flasher nya disini :
https://github.com/nodemcu/nodemcu-flasher/tree/master/Win32/Release (32bit)
https://github.com/nodemcu/nodemcu-flash...64/Release (64bit)
*sesuaikan dengan OS kalian.
b. Lalu download file .bin untuk ESP8266 nya disini :
https://github.com/spacehuhn/wifi_ducky/releases
Pilih versi v1.1 dan bernama esp8266_wifi_duck_4mb.bin
Jika udah didownload semua, buka ESP8266Flasher yang udah kalian download di poin (a) tadi.
- Pilih port milik nodemcu.
- Klik tab Config, klik tombol berlogo gerigi, kemudian pilih file esp8266_wifi_duck_4mb.bin yang udah kalian download di pin (b) tadi.
- Klik tab Advance, untuk Bautrate : 115200, Flash size : 4MByte, Flash speed : 80MHz, dan SPI Mode  : DIO.
- Balik ke tab Operation, lalu klik Flash(F).
- Tunggu sampe kelar.

[Image: 8a771106638a4898a299bb46c3ff8152.png]


4. re-Flashing Arduino Pro Micro
Cabut kabel USB nya. Trus konekin ke Arduino Pro Micro dengan kabel USB ke komputer. Lu kira udah kelar ngeflash pro micro nya? Belom! Udah nancep? Sekarang buka Arduino IDE lagi dan pastiin Port dan Type Board udah kalian periksa dengan benar.
Trus kita pake sketch dari sini :
https://github.com/spacehuhn/wifi_ducky/..._wifi_duck
Atau copy aja sketch dibawah ini ke Arduino IDE trus klik Upload.
Code:
#include <Keyboard.h>
#define BAUD_RATE 57200

#define ExternSerial Serial1

String bufferStr = "";
String last = "";

int defaultDelay = 0;

void Line(String _line)
{
 int firstSpace = _line.indexOf(" ");
 if(firstSpace == -1) Press(_line);
 else if(_line.substring(0,firstSpace) == "STRING"){
   for(int i=firstSpace+1;i<_line.length();i++) Keyboard.write(_line[i]);
 }
 else if(_line.substring(0,firstSpace) == "DELAY"){
   int delaytime = _line.substring(firstSpace + 1).toInt();
   delay(delaytime);
 }
 else if(_line.substring(0,firstSpace) == "DEFAULTDELAY") defaultDelay = _line.substring(firstSpace + 1).toInt();
 else if(_line.substring(0,firstSpace) == "REM"){} //nothing :/
 else if(_line.substring(0,firstSpace) == "REPLAY") {
   int replaynum = _line.substring(firstSpace + 1).toInt();
   while(replaynum)
   {
     Line(last);
     --replaynum;
   }
 } else{
     String remain = _line;

     while(remain.length() > 0){
       int latest_space = remain.indexOf(" ");
       if (latest_space == -1){
         Press(remain);
         remain = "";
       }
       else{
         Press(remain.substring(0, latest_space));
         remain = remain.substring(latest_space + 1);
       }
       delay(5);
     }
 }

 Keyboard.releaseAll();
 delay(defaultDelay);
}


void Press(String b){
 if(b.length() == 1) Keyboard.press(char(b[0]));
 else if (b.equals("ENTER")) Keyboard.press(KEY_RETURN);
 else if (b.equals("CTRL")) Keyboard.press(KEY_LEFT_CTRL);
 else if (b.equals("SHIFT")) Keyboard.press(KEY_LEFT_SHIFT);
 else if (b.equals("ALT")) Keyboard.press(KEY_LEFT_ALT);
 else if (b.equals("GUI")) Keyboard.press(KEY_LEFT_GUI);
 else if (b.equals("UP") || b.equals("UPARROW")) Keyboard.press(KEY_UP_ARROW);
 else if (b.equals("DOWN") || b.equals("DOWNARROW")) Keyboard.press(KEY_DOWN_ARROW);
 else if (b.equals("LEFT") || b.equals("LEFTARROW")) Keyboard.press(KEY_LEFT_ARROW);
 else if (b.equals("RIGHT") || b.equals("RIGHTARROW")) Keyboard.press(KEY_RIGHT_ARROW);
 else if (b.equals("DELETE")) Keyboard.press(KEY_DELETE);
 else if (b.equals("PAGEUP")) Keyboard.press(KEY_PAGE_UP);
 else if (b.equals("PAGEDOWN")) Keyboard.press(KEY_PAGE_DOWN);
 else if (b.equals("HOME")) Keyboard.press(KEY_HOME);
 else if (b.equals("ESC")) Keyboard.press(KEY_ESC);
 else if (b.equals("INSERT")) Keyboard.press(KEY_INSERT);
 else if (b.equals("TAB")) Keyboard.press(KEY_TAB);
 else if (b.equals("END")) Keyboard.press(KEY_END);
 else if (b.equals("CAPSLOCK")) Keyboard.press(KEY_CAPS_LOCK);
 else if (b.equals("F1")) Keyboard.press(KEY_F1);
 else if (b.equals("F2")) Keyboard.press(KEY_F2);
 else if (b.equals("F3")) Keyboard.press(KEY_F3);
 else if (b.equals("F4")) Keyboard.press(KEY_F4);
 else if (b.equals("F5")) Keyboard.press(KEY_F5);
 else if (b.equals("F6")) Keyboard.press(KEY_F6);
 else if (b.equals("F7")) Keyboard.press(KEY_F7);
 else if (b.equals("F8")) Keyboard.press(KEY_F8);
 else if (b.equals("F9")) Keyboard.press(KEY_F9);
 else if (b.equals("F10")) Keyboard.press(KEY_F10);
 else if (b.equals("F11")) Keyboard.press(KEY_F11);
 else if (b.equals("F12")) Keyboard.press(KEY_F12);
 else if (b.equals("SPACE")) Keyboard.press(' ');
 //else Serial.println("not found :'"+b+"'("+String(b.length())+")");
}

void setup() {
 
 Serial.begin(BAUD_RATE);
 ExternSerial.begin(BAUD_RATE);

 pinMode(13,OUTPUT);
 digitalWrite(13,HIGH);

 Keyboard.begin();
}

void loop() {
 if(ExternSerial.available()) {
   bufferStr = ExternSerial.readStringUntil("END");
   Serial.println(bufferStr);
 }
 
 if(bufferStr.length() > 0){
   
   bufferStr.replace("\r","\n");
   bufferStr.replace("\n\n","\n");
   
   while(bufferStr.length() > 0){
     int latest_return = bufferStr.indexOf("\n");
     if(latest_return == -1){
       Serial.println("run: "+bufferStr);
       Line(bufferStr);
       bufferStr = "";
     } else{
       Serial.println("run: '"+bufferStr.substring(0, latest_return)+"'");
       Line(bufferStr.substring(0, latest_return));
       last=bufferStr.substring(0, latest_return);
       bufferStr = bufferStr.substring(latest_return + 1);
     }
   }
   
   bufferStr = "";
   ExternSerial.write(0x99);
   Serial.println("done");
 }
}



Tunggu upload nya selesai. Dan udah gitu aja.


Gimana cara penggunaanya?



1. Colokin Wireless Rubber Ducky ke komputer target.
2. Connect kan smartphone/komputer kalian ke SSID milik Wireless Rubber Ducky, yang bernama WiFi Duck. Password nya adalah quackquack.
3. Buka internet browser, baiknya pake Chrome. Masuk ke IP 192.168.4.1 milik Wireless Rubber Ducky.
4. Enjoy. Ane rasa dari sini kalian bisa explore sendiri.

*Kalian juga bisa menerapkan payload rubberducky dari Hak5, kalo males bikin payload sendiri.
Hak5 Official RubberDucky Script/Payload : 
https://github.com/hak5darren/USB-Rubber...i/Payloads



Source :
https://github.com/spacehuhn/wifi_ducky

Jadi yah, sekian. Semoga bermanfaat. Terimakasih.
{There's no God in My Code}
Message
Reply
Find Posts
♔ koboi ♔
Administrator
Administrators
Posts:
91
Joined:
Mar 2016
Likes:
2
Reputation:
0
2 Year Of Member
#2
Posted: 05-05-2017, 03:34 AM
Perthamax (y)
Message
Reply
Find Posts
penjagalilin
Hydrus
Hydrus
Posts:
28
Joined:
Jun 2016
Likes:
1
Reputation:
0
2 Year Of Member
#3
OP
Posted: 05-05-2017, 04:28 AM
(05-05-2017, 03:34 AM)koboi Wrote: Perthamax (y)

gak salah kamar kan om? :D
{There's no God in My Code}
Message
Reply
Find Posts
aproxtime
Junior Member
Posts:
2
Joined:
May 2017
Likes:
0
Reputation:
0
2 Year Of Member
#4
Posted: 05-05-2017, 11:44 PM
ada cara lain selain solder - menyolder gak stah ? :D
Message
Reply
Find Posts
penjagalilin
Hydrus
Hydrus
Posts:
28
Joined:
Jun 2016
Likes:
1
Reputation:
0
2 Year Of Member
#5
OP
Posted: 05-06-2017, 02:48 AM
(05-05-2017, 11:44 PM)aproxtime Wrote: ada cara lain selain solder - menyolder gak stah ? :D

masa cmptr hckr cuman nyolder aja gamau ster? :*
{There's no God in My Code}
Message
Reply
Find Posts
aproxtime
Junior Member
Posts:
2
Joined:
May 2017
Likes:
0
Reputation:
0
2 Year Of Member
#6
Posted: 05-06-2017, 01:08 PM
(05-06-2017, 02:48 AM)penjagalilin Wrote:
(05-05-2017, 11:44 PM)aproxtime Wrote: ada cara lain selain solder - menyolder gak stah ? :D

masa cmptr hckr cuman nyolder aja gamau ster? :*
males aja :v kalau pake breadboard gk bisa kah ???
Message
Reply
Find Posts
penjagalilin
Hydrus
Hydrus
Posts:
28
Joined:
Jun 2016
Likes:
1
Reputation:
0
2 Year Of Member
#7
OP
Posted: 06-11-2017, 07:44 AM
bisa bangeet :v
{There's no God in My Code}
Message
Reply
Find Posts
Register an account or login to reply
Create an account
Create a free account today and start posting right away. It only takes a few seconds.
Login
Log into an existing account.
1 Guest(s)
Navigation
Latest News
Bugtracker
Team
Mark forum as read
Community
Banlist
Usergroups
Memberlist
Statistics
Help/Account
Help Documents and Rules
Contact
Login
Create an account
About Us
Forum Backbox Indonesia adalah salah satu media pembelajaran bagi siapa saja yang ingin belajar mengenai dunia Open Source khususnya untuk memperdalam Backbox Linux.
Posts:
971
Members:
1322
Threads:
199
Resources:
0
New :
spongebob