𝘕𝘦𝘶𝘦𝘳 𝘉𝘭𝘰𝘨-𝘈𝘳𝘵𝘪𝘬𝘦𝘭: 𝗞𝗲𝘆𝗹𝗼𝗴𝗴𝗲𝗿 & 𝗕𝗮𝗱𝗨𝗦𝗕: 𝗔𝗶𝗿𝗗𝗿𝗶𝘃𝗲 𝗞𝗲𝘆𝗯𝗼𝗮𝗿𝗱 𝗪𝗶𝘇𝗮𝗿𝗱 𝗪𝗶𝗙𝗶 📖

➡️ Ich habe mir wieder eine neue Hardware besorgt: den AirDrive Keyboard Wizard WiFi. Diese kleine Hardware sieht aus wie ein USB-Tastaturadapter. Im Inneren befindet sich neben einem Hardware-Keylogger auch eine BadUSB-Funktion. Damit kann der Adapter eigenständig Tastatureingaben tätigen. Ich habe mir die Hacking-Hardware genauer angeschaut.

Zum Artikel: https://scheible.it/keylogger-badusb-airdrive-keyboard-wizard-wifi/

#HackingHardware #Innentäter #Keylogger #BadUSB

https://scheible.it/keylogger-badusb-airdrive-keyboard-wizard-wifi/

This #Linux #Kernel #Patch Protects You From #Malicious #USB #BadUSB #Privacy #Security #yt

https://youtu.be/tLKOH-CUWyI

Rubber Dolphy; FipplerZero BadUSB with exfiltration capabilities on device via Mass Storage already tested on a Mac OS Ventura 13.7.8 with an Intel processor.

Screencast demo on the repo: https://github.com/carvilsi/rubber-dolphy?tab=readme-ov-file#macos

DuckyScript for it: https://github.com/carvilsi/rubber-dolphy/blob/main/ducky_scripts_examples/exfiltration_macos_poc.txt

Still wondering how will work on a new Mac OS ARM processor. Please if someone could test it I will appreciate :)

#flipperZero #badusb

Rubber Dolphy

A PoC about BadUSB for FlipperZero with exfiltration capabilities on device via mass storage

The idea is to have a way to copy some data into FlipperZero when using it as BadUsb device, to perform data exfiltration.

Right now the project it's in a early code stage (it's just a hack), not more than a PoC and kind of "only works on my computers", I tested it on a Arch Linux and on a Windows 11 computer. Testing this on a Mac OS still on the TODO list.

Please looking for testers.

More info: https://github.com/carvilsi/rubber-dolphy

#flipperZero #testing #badusb

Just released Rubber Dolphy PoC.

The idea is to have a way to copy some data into FlipperZero when using it as BadUsb device, to perform data exfiltration.

https://github.com/carvilsi/rubber-dolphy

#flipperZero #badusb #dataexfiltration #duckyscript #cutreLabs

#usbguard #linux #badUSB

https://wiki.archlinux.org/title/USBGuard

https://web.archive.org/web/20260321192348/https://pulsesecurity.co.nz/advisories/usbguard-bypass

Added new release v1.2.0 to flipper0-badUSB-linux-tester; Test your Flipper Zero BadUSB DuckyScripts without uploading payload into device

Now with more nice and consistent cli arguments.

🤔 pondering about add a new feature to compose DukyScripts based on other template scripts.

Something like:

```
REM This is an example of external script
EDS <open_terminal.txt>

STRING echo "The world is all that is the case"
```

and on open_terminal.txt content:
```
REM try to find and open a terminal
STRINGLN sh -c "xdg-terminal-exec||kgx||ptyxis||gnome-terminal||mate-terminal||xfce4-terminal||tilix||konsole||xterm||wezterm-gui"

DELAY 500
```

So it will create a new duckyScript based on small templates script, then test it locally and later upload it the duckyScript to flipperZero for definitive testing.

What do you think?

https://github.com/carvilsi/flipper0-badUSB-linux-tester

#badusB #flipperZero #duckyScript

Added more commands from FlipperZero DuckyScript to flipperZero badUSB tester for Linux.

ESC | ID | ALT | F2

By now I think that this is quite enough to cover my testing expectations.

https://github.com/carvilsi/flipper0-badUSB-linux-tester

#flipperZero #badUSB

Just published: flipper0badusb_test

Test on Linux your Flipper Zero BadUSB Scripts without loading the payload onto the Flipper device.

After experimenting for a while and writing some BadUSB Ducky scripts on Flipper Zero, I felt a bit overwhelmed by the workflow every time I wanted to test a change in the script. I've been searching and testing some other solutions but I found lot of issues related with Linux graphical environment permissions and I decided to write something simple to test and write my FlipperZero's DuckyScripts.

https://github.com/carvilsi/flipper0-badUSB-linux-tester

#flipperZero #flipper #badusb #testing