16 matches found
Exploit for Improper Authentication in Google Android
DEDSECBKIF DEDSECBKIF is a keystroke injection tool for Androi...
WiFi-password-stealer - Simple Windows And Linux Keystroke Injection Tool That Exfiltrates Stored WiFi Data (SSID And Password)
Have you ever watched a film where a hacker would plug-in, seemingly ordinary, USB drive into a victim's computer and steal data from it? - A proper wet dream for some. Disclaimer : All content in this project is intended for security research purpose only. Introduction During the summer of 2022,...
Powershell-Backdoor-Generator - Obfuscated Powershell Reverse Backdoor With Flipper Zero And USB Rubber Ducky Payloads
Reverse backdoor written in Powershell and obfuscated with Python. Allowing the backdoor to have a new signature after every run. Also can generate auto run scripts for Flipper Zero and USB Rubber Ducky. usage: listen.py -h --ip-address IPADDRESS --port PORT --random --out OUT --verbose --delay...
USB “Rubber Ducky” Attack Tool
The USB Rubber Ducky is getting better and better. Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a users login credentials or causing Chrome to send all saved passwords to an attackers webserver. But these attacks had to ...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
pwnKit About: Title: pwnKit Description: Privilege esc...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
pwnKit About: Title: pwnKit Description: Privilege esc...
CVE-2021-41096
Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm RSA/ECB/PKCS1Padding. The issue will be patched in v2.3 for release builds and 426 onwards for...
CVE-2021-41096
Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm RSA/ECB/PKCS1Padding. The issue will be patched in v2.3 for release builds and 426 onwards for...
Security feature bypass
Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm RSA/ECB/PKCS1Padding. The issue will be patched in v2.3 for release builds and 426 onwards for...
CVE-2021-41096
The CVE-2021-41096 entry concerns the Rucky Android USB HID Rubber Ducky Launch Pad. Affected releases (versions 2.2 and earlier for release builds; 425 and earlier for nightly builds) use a weak cryptographic algorithm (RSA/ECB/PKCS1Padding) for encryption. The issue is addressed in v2.3 for rel...
Android_Hid - Use Android As Rubber Ducky Against Another Android Device
Use Android as Rubber Ducky against another Android device HID attack using Android Using Android as Rubber Ducky against Android. This is not a new technique, just a demo how to perform HID attack using Android instead of rubber ducky. For targeted Android device it is not necessary to be rooted...
Ducky-Exploit - Arduino Rubber Ducky Framework
Ducky Exploit is python framework which helps as to code Digispark as Rubber Ducky. This script has been tested on KaliLinux 18.2 Ubuntu 18.04 Windows Works with both Python2 and Python3 Installation Ubuntu and Kali Usage git clone https://github.com/itsmehacker5/Ducky-Exploit.git cd Ducky-Exploi...
EvilOSX - An Evil RAT (Remote Administration Tool) For macOS/OS X
An evil RAT Remote Administration Tool for macOS / OS X. Features Emulate a terminal instance Simple extendable module system No bot dependencies pure python Undetected by anti-virus OpenSSL AES-256 encrypted payloads Persistent GUI and CLI support Retrieve Chrome passwords Retrieve iCloud tokens...
Bad Ducky - Rubber Ducky Compatible Clone Based On CJMCU BadUSB HW
Bad Ducky is yet another Rubber Ducky clone. It is based on CJMCU BadUsb ATMEGA32u4 - Arduino Leonardo clone board with onboard card reader, which you can buy on ebay or aliexpress. My goal was to create something compatible with Rubber Ducky scripts, while having ability to easily choose which...
P4wnP1: A Open Source USB Attack Platform
PenTestIT RSS Feed As of now, hardware security projects seem to be attracting me more than software based projects. Evidently, I wrote a few posts covering them - List of Portable Hardware Devices for Penetration Testing, List of Raspberry Pi DIY Projects for Anonymity, etc. among other awesome...
Regsvr32.exe (.sct) Command Delivery Server
This module uses the Regsvr32.exe Application Whitelisting Bypass technique as a way to run a command on a target system. The major advantage of this technique is that you can execute a static command on the target system and dynamically and remotely change the command that will actually run by...