Permalink
Browse files

updating readme with more resources

  • Loading branch information...
whid-injector committed Sep 3, 2018
1 parent ef0d949 commit d042af864385273d78c027cc69221a04d8584bd5
Showing with 27 additions and 10 deletions.
  1. +27 −10 README.md
View
@@ -1,16 +1,16 @@
# WHID Injector #
[![Black Hat Arsenal Europe](https://github.com/toolswatch/badges/blob/master/arsenal/europe/2017.svg)](http://www.toolswatch.org/2018/01/black-hat-arsenal-top-10-security-tools/) [![ToolsWatch Best Tools](https://github.com/toolswatch/badges/blob/master/toptools/2017.svg)](http://www.toolswatch.org/2018/01/black-hat-arsenal-top-10-security-tools/)
[![Black Hat Arsenal Europe](https://github.com/toolswatch/badges/blob/master/arsenal/europe/2017.svg)](http://www.toolswatch.org/2018/01/black-hat-arsenal-top-10-security-tools/) [![Black Hat Arsenal USA](https://github.com/toolswatch/badges/blob/master/arsenal/usa/2018.svg)](https://www.blackhat.com/us-18/arsenal/schedule/index.html#whid-injector-and-whid-elite-a-new-generation-of-hid-offensive-devices-10459) [![ToolsWatch Best Tools](https://github.com/toolswatch/badges/blob/master/toptools/2017.svg)](http://www.toolswatch.org/2018/01/black-hat-arsenal-top-10-security-tools/)
WiFi HID Injector for Fun & Profit
**WiFi HID Injector for Fun & Profit**
Hardware Design Author: Luca Bongiorni - https://twitter.com/lucabongiorni
Initial sw based on ESPloit by Corey Harding of www.LegacySecurityGroup.com
Available at**:
**For Sale at:****
* [Aliexpress Shop](https://www.aliexpress.com/item/Cactus-Micro-compatible-board-plus-WIFI-chip-esp8266-for-atmega32u4/32318391529.html)
* [Tindie Shop](https://www.tindie.com/products/aprbrother/cactus-whid-wifi-hid-injector-usb-rubberducky)
@@ -19,6 +19,12 @@ Available at**:
**The Author has no profit out of the Cactus WHID sales.
# Generic Overwiev #
[![WHID's Talk @ HackInParis 2018](https://raw.githubusercontent.com/whid-injector/WHID/master/tools/images/HiP_2k18.png)](https://www.youtube.com/watch?v=ADqMCKtufNY)
Here its slides: [HiP 2018 Slides](https://hackinparis.com/data/slides/2018/talks/HIP2018_Luca_Bongiorni_How_To_Bring_HID_Attacks_To_The_Next_Level.pdf)
## HOW TO START [Newbies Edition] ##
Since July 2017 all Cactus WHID are delivered with pre-loaded ESPloitV2 and are ready to Plug-n-Hack ✌
@@ -57,7 +63,7 @@ The pin closer to USB-A is GND. The pins are:
<img src="https://raw.githubusercontent.com/whid-injector/WHID/master/tools/hardware/p2-usb-pinout.png" width="300">
[ If also an USB HUB is needed (i.e. to weaponize a wired mouse), usually, I do use this one https://www.tindie.com/products/mux/nanohub-tiny-usb-hub-for-hacking-projects ]
[ In case an USB HUB is needed (i.e. to weaponize some USB gadget or mouse), usually, I do use this one https://www.tindie.com/products/mux/nanohub-tiny-usb-hub-for-hacking-projects or this https://www.aliexpress.com/item/Random-Color-Redbud-High-Speed-USB-2-0-4-Port-HUB-Fashion-Design-HUB-Computer-Accessories/32788390064.html]
## Documentation WIKI ##
@@ -66,13 +72,11 @@ https://github.com/whid-injector/WHID/wiki
## Third-Party Softwares Compatible with WHID's Hardware ##
https://github.com/exploitagency/ESPloitV2 An improved version of WHID GUI
https://github.com/exploitagency/ESPloitV2 (Improved version of WHID GUI, installed by default on Cactus WHID hardware)
https://github.com/sensepost/USaBUSe
https://github.com/sensepost/USaBUSe (Dedicated software for AirGap bypass Vs Windows)
https://github.com/spacehuhn/wifi_ducky
https://github.com/basic4/WiDucky
https://github.com/spacehuhn/wifi_ducky (old software similar to ESPloitV2)
## Possible Applications ##
@@ -83,7 +87,7 @@ Deploy WHID on Victim's machine and remotely control it by accessing its WiFi A
<img src="https://raw.githubusercontent.com/whid-injector/WHID/master/tools/images/WHID_GUI.png" width="300">
- Social Engineering: Deploy WHID inside an USB-enable gadget
- Social Engineering: Deploy WHID inside an USB gadget
The main idea behind it is to test for Social Engineering weaknesses within your target organization (e.g. DLP policy violations) and to bypass physical access restrictions to Target's device.
Usually, I create a fancy brochure (sample template https://github.com/whid-injector/WHID/tree/master/tools/Social_Engineering_Lures ) attached with a weaponized USB gadget and then use a common delivery carrier (e.g. UPS, DHL, FedEx).
@@ -95,3 +99,16 @@ Usually, I create a fancy brochure (sample template https://github.com/whid-inje
## Video Tutorials ##
[![WHID's Attack Simulation](https://raw.githubusercontent.com/whid-injector/WHID/master/tools/images/snapshot_youtube_2.jpg)](https://www.youtube.com/watch?v=U-TtobZXJcw)
More Video on WHID's Youtube Channel:
https://www.youtube.com/channel/UCzh8wlTSYbdZCs__Djym5UQ/videos
## Blogposts about WHID ##
https://blog.rootshell.be/2018/05/22/evil-mouse-project/
https://medium.com/@LucaBongiorni/whid-injector-how-to-bring-hid-attacks-to-the-next-level-b06a40b7df22

0 comments on commit d042af8

Please sign in to comment.