Tips on how to Hack Pc programs Over Wi-Fi with the WiFi Duck Payload Deliverer

The USB Rubber Ducky is a well-identified hacking instrument in the cybersecurity industry, however it really wants to be preprogrammed forward of it might perchance probably perchance perchance be dilapidated. Meaning it’s tough to narrate instructions to a target computer because that you just can’t interact with it from afar after plugging it in. And while you develop no longer know what the target computer is, it’s seemingly you’ll perchance perchance perchance come up empty. That is the set aside the WiFi Duck turns out to be handy.

The WiFi Duck is a project created by Stefan Kremser, in most cases identified as Spacehuhn. With it, that you just may also shuffle the WiFi Duck correct into a target computer that is exposed even for obliging a minute, then connect to it over Wi-Fi from one other instrument to narrate whatever payloads it’s seemingly you’ll perchance perchance perchance own ready or can fabricate forward of it’s seemingly you’ll perchance perchance perchance own to disconnect.

The advantage is which that you just may also connect to a slick web interface, save your own codes, and trail them one after the opposite, or write code on the hover to cause outcomes on the computer that it’s seemingly you’ll perchance perchance perchance no longer own intended forward of you knew what used to be on the computer. For instance, while you did now not know the working system. Or if there own been totally different variables it’s seemingly you’ll perchance perchance now not fable for forward of in level of fact seeing the target computer.

  • Don’t Miss: Hack MacOS with Digispark Ducky Script Payloads

To make utilize of the Wi-Fi Duck, are trying so that you just can set aside to it thru Wi-Fi. So which that you just may also connect it to your computer and preload it with many a entire lot of Ducky Script payloads. It is seemingly you’ll perchance perchance be in a scheme to then connect it to a target instrument in the exact world, connect to its community from your smartphone, then trail instructions you had ready or can write in exact-time.

Parts Most significant

Whenever you happen to develop no longer want to manufacture your own, there are boards pre-flashed with the obliging WiFi Duck instrument, which that you just may also take dangle of from AliExpress, DSTIKE, or Tindie for $27 plus shipping that might perchance perchance trail from $6 or extra hoping for your predicament. It ships from China, which might perchance perchance no longer be helpful while you dwell in the U.S. For quicker shipping, that you just may also win a DSTIKE WiFi Duck on Amazon for $39.99 and free shipping.

  • Possess on Amazon: DSTIKE WiFi Duck USB Keyboard for $39.99

For the extra adventurous kind, a WiFi Duck will doubtless be built utilizing just a few microcontrollers. First, it’s seemingly you’ll perchance perchance need an ATmega32U4-primarily based mostly board much like an Arduino Leonard or a Pro Micro. This would be the board that acts as the USB keyboard for enter. We dilapidated the Pro Micro listed beneath because a Leonard board is a limited bigger, and portability is a hacker’s handiest obliging friend.

  • Possess on Amazon: Pro Micro ATmega32U4 Module for $11.99
  • Possess on Amazon: Arduino Leonard ATmega32U4 Module for $13.99

The next microcontroller wants to be both an ESP8266 or ESP8285, much like the NodeMCU or D1 Mini. Right here’s the board that acts as the Wi-Fi access level. Designed for wearables, the ESP8285 is a smaller model of the ESP8266 with less flash reminiscence. Again, we wanted a smaller prototype, so we went with some of the D1 Minis beneath.

  • Possess on Amazon: D1 Mini ESP8266 Board for $8.99
  • Possess on Amazon: D1 Mini ESP8285 Board for $10.99
  • Possess on Amazon: NodeMCU ESP8266 Board (3 Pack) for $13.49
  • Possess on Amazon: NodeMCU ESP8285 Board (2 Pack) for $11.49

Other than that, it’s seemingly you’ll perchance perchance want a breadboard to manufacture a prototype, jumper wires, and a Micro-USB cable while you develop no longer already own one. For the Micro-USB cable, create obvious that it’s one which is every for charging and knowledge transfer. Or no longer it’s onerous to teach, however just a few of your conventional cords laying round will doubtless be charging-handiest, and likewise it’s seemingly you’ll perchance perchance know when that you just can’t win any of the MCUs above as a port later. It is seemingly you’ll perchance perchance be in a scheme to also utilize an non-compulsory NeoPixel (WS2812b) or Dotstar (APA102) LED.

  • Possess on Amazon: Solderless Prototype Breadboards (Varied Sizes) for $8.99
  • Possess on Amazon: Varied Jumper Wires for $7.99
  • Possess on Amazon: Nylon Braided Micro-USB Data Cable for $3.96
  • Possess on Amazon (non-compulsory): Neopixel-Vogue LEDs (100 Pack) for $15.89

In relate so that you just can solder the two microcontrollers together, that you just may also utilize one of those printed circuit board designs to create your own PCBs and solder the two parts together.

  • On EasyEDA: Win for D1 Mini + Pro Micro
  • On EasyEDA: Win for NodeMCU + Pro Micro

Tool Most significant

To push the total code to the two microcontrollers, it’s seemingly you’ll perchance perchance need the Arduino IDE, which works for Linux, macOS, and Windows, so create obvious that to set up that while you develop no longer already own it. Moreover, it’s seemingly you’ll perchance perchance want to own an up to this level model of Python 3 for your system for the reason that code we will push to the ESP8266 might perchance perchance well no longer add accurately with out it.

Whereas we develop no longer counsel inserting in any drivers because that you just may also merely no longer need them, while it’s seemingly you’ll perchance perchance perchance own disorders later connecting to your boards and know it’s no longer attributable to the Micro-USB cable, are trying inserting in the CP210x USB to UART Bridge VCP driver and/or the CH340 driver. With any luck, one or every of those will finish the trick.

Step 1: Assemble the Wi-Fi Duck

To connect the ESP8266 and ATmega32U4, we will be working with a breadboard and jumper wires. So space every MCU on the breadboard, then utilize jumper wires to create the next pin connections.

  • D1 or GPIO 5 (ESP8266) to 3 or SCL (ATmega32U4)
  • D2 or GPIO 4 (ESP8266) to 2 or SDA (ATmega32U4)
  • GND (ESP8266) to GND (ATmega32U4)
  • 5V (ESP8266) to RAW (ATmega32U4)

Whenever you happen to might perchance perchance well own a NeoPixel LED, also create these connections:

  • VCC (NeoPixel) to VCC (ATmega32U4)
  • GND (NeoPixel) to GND (ATmega32U4)
  • DI (NeoPixel) to 7 (ATmega32U4)

Without the LED, it’ll soundless take into fable esteem this:

Image by Retia/Null Byte

In case your boards own DIP switches on them, create obvious that to investigate cross-check our Cyber Weapons Lab video at round 7: 14 to learn which positions the switches must soundless be in for programming and working modes.

Step 2: Prepare the Arduino IDE

Next, now we own to configure the Arduino IDE to work with every boards. Trek to “Arduino” in the menu, then “Preferences.” Within the Further Boards Manager URLs box, add the next two URLs, and click on “OK.”

  • https://uncooked.githubusercontent.com/spacehuhn/hardware/master/wifiduck/package_wifiduck_index.json
  • https://arduino.esp8266.com/steady/package_esp8266com_index.json

Now, move to “Tools” in the menu, fly over “Board,” then make a selection out “Boards Manager.” Map a explore “wifi duck,” then set up every the WiFi Duck AVR Boards and WiFi Duck ESP8266 Boards alternatives. Whenever you happen to already own them, create obvious that they’re up to this level. Click “Discontinuance” when carried out.

Step 3: Acquire the WiFi Duck Repo

To win the code for every the ESP8266 and ATmega32U4, win the WiFi Duck repository as a zip file from GitHub. It is seemingly you’ll perchance perchance be in a scheme to win it on the next link. Then unzip it for your computer.

  • github.com/spacehuhn/wifiduck

Step 4: Flash Code to the ATmega32u4

From the repo you obliging extracted, move into the atmega_duck folder, then inaugurate the atmega_duck.ino file in the Arduino IDE. No adjustments to the code are mandatory. With it inaugurate in Arduino IDE, move to “Tools” in the menu, fly over “Board,” then “WiFi Duck AVR,” and opt the board that it’s seemingly you’ll perchance perchance perchance own.

Join the ATmega32u4 board to your computer thru your Micro-USB cable, then make a selection out its port in the “Port” choice in the “Tools” menu. Whenever you happen to develop no longer peep your board’s serial port relate up, the principle thing it’s top to soundless finish is create obvious that you just are utilizing a upright Micro-USB cable. I had about 5 cables, and handiest one of them ended up working with knowledge transfers.

Whenever you happen to are carried out, click the “Add” button in the project to flash this plan to the board. Then obliging stay up for the code to total flashing over; it’s seemingly you’ll perchance perchance win a notification on the backside of the project.

Step 5: Flash Code to the ESP8266

Now it’s time to flash the code to your ESP8266. From the repo, move into the esp_duck folder, then inaugurate the esp_duck.ino file in the Arduino IDE. No adjustments to the code are mandatory. With it inaugurate in Arduino IDE, move to “Tools” in the menu, fly over “Board,” then “WiFi Duck ESP8266,” and opt the board that it’s seemingly you’ll perchance perchance perchance own.

After disconnecting the ATmega32U4, connect the ESP8266 board to your computer thru your Micro-USB cable, then make a selection out its port in the “Port” choice in the “Tools” menu. Again, while you develop no longer peep your board’s serial port relate up, test that you just are utilizing a upright Micro-USB cable.

Whenever you happen to are carried out, click the “Add” button in the project to flash this plan to the board. Then obliging stay up for the code to total flashing over; it’s seemingly you’ll perchance perchance win a notification on the backside of the project.

Step 6: Join & Hotfoot Your First Script

With every little thing flashed, disconnect the ESP8266 from your computer, then connect ATmega32U4 relieve up with the Mini-USB cable. To your computer, alternate your Wi-Fi connection to the community known as “wifiduck” and utilize “wifiduck” as the password.

It is seemingly you’ll perchance perchance well no longer own any cyber web, however it’s seemingly you’ll perchance perchance be communicating with your WiFi Duck setup. And in case your target computer is much like your computer, that you just may also fabricate your payloads forward of time and take a take into fable at them out for your computer to create obvious that they work.

Once on the helpful-looking out community, inaugurate a browser and consult with 192.168.4.1. This interface will can relief you to total issues esteem trail the instrument, save scripts, and extra. To alternate the WiFi community’s name, click on “Settings,” then alternate the SSID and password.

Now, that you just may also return to the principle menu to jot down, save, and trail Ducky Script payloads. There are reference scripts so that you just can play with and a key for the total capabilities readily on the market to attend write your own payloads. To total one thing in level of fact easy, in the Editor, are trying “GUI SPACE” while you raze up on a Mac. Whenever you happen to trail that script, Highlight Search must soundless pop up.

GUI SPACE

To enlarge that, that you just may also add “STRING null-byte.com” to own “google.com” seem in the Highlight Search box.

GUI SPACE STRING null-byte.com

To inaugurate a Terminal window, alternate the URL to “terminal” and add “ENTER.” Then, add a “DELAY 2000” so as which that you just may also write one thing esteem “STRING whoami.” That will populate a Terminal window with whoami. It is seemingly you’ll perchance perchance be in a scheme to add one other extend and “ENTER” to in level of fact trail the relate.

GUI SPACE STRING null-byte.com ENTER DELAY 2000 STRING whoami DELAY 2000 ENTER

Now, to ascertain it out in an real-world disaster, connect your computer relieve to your traditional Wi-Fi community so that you just may also access the cyber web. With the WiFi Duck soundless plugged into your computer, move onto one other instrument much like your smartphone, connect to the WiFi Duck’s community, consult with 192.168.4.1, then trail any of your scripts. And here’s the set aside I could move away you to debris round.

Screen photo and screenshots by Retia/Null Byte