
Merge pull request #48 from joelsernamoreno/master

FingerprintUSBHost implementation to detect OS
whid-injector committed Aug 5, 2019
2 parents aaf6d89 + 7f85b1a commit f53d53369670a8e5022ecab8911a09ceca897a4c
@@ -170,6 +170,10 @@ Set a one time delay between sending lines in payload
To make a generic delay:
-"Delay"
--"Delay" would wait for The Default Delay x 2 before proceeding to next item in payload

To detect the OS of the victim computer:
-"GetOS:"
--"After executing the command "GetOS:" in the Exfiltrate section an OS.txt file will appear. In this file you can find the operating system that has the victim computer."

For individual keypresses or combinations of key presses:
-"Press:X" or "Press:X+Y" or "Press:X+Y+Z" and so forth
@@ -310,6 +314,17 @@ The victim is forced to access the URL above and now under "List Exfiltrated Dat
For FTP exfiltration method use the credentials configured in the "Configure ESPloit" page. Also note that only Passive Mode FTP is supported.

See the example payloads for more in depth examples.

-----
Detect OS
-----

Based on the Keyboardio FingerprintUSBHost library.

Inspect USB Descriptors and guess the host operating system based on markers it sees.

Execute the "GetOS:" command in the textarea or in a payload.
After executing the command "GetOS:" in the Exfiltrate section an OS.txt file will appear. In this file you can find the operating system that has the victim computer.

-----
ESPortal Credential Harvester(Phisher)
@@ -30,6 +30,7 @@
//Requires Keyboard and SoftwareSerial library
#include <Keyboard.h>
#include <Mouse.h>
#include "FingerprintUSBHost.h"
//#include <SoftwareSerial.h>

//Setup RX and TX pins to be used for the software serial connection
@@ -41,13 +42,14 @@
//const int debug=0;

String version = "2.2";
String os;

//Used later for determining if we are ready to release a key press or a combination of key presses
int keypressdone=0;

//Start serial interfaces and HID keyboard emulator
void setup() {

void setup() {
//Start up the ESP 8266
pinMode(13, OUTPUT);
digitalWrite(13,HIGH);
@@ -59,6 +61,9 @@ void setup() {
Serial1.begin(38400);
Serial.begin(38400);
Keyboard.begin();
delay(3000);
FingerprintUSBHost.guessHostOS(os);
delay(3000);
}

//Do-IT!
@@ -105,6 +110,12 @@ void loop() {
keypressdone=0;
}
}

//If command equals "GetOS"
else if(cmd.startsWith("GetOS")) {
Serial1.print("OS: ");
Serial1.println(os);
}

//If command equals "Print:X"
else if(cmd == "Print") {
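Review bot: The new `GetOS` branch tests `cmd.startsWith("GetOS")` although its comment says "equals" and the neighbouring branch compares with `cmd == "Print"`, so any command that merely begins with GetOS takes this path. If `cmd` is already split at the colon, which the `cmd == "Print"` branch suggests but the parsing code outside this hunk would have to confirm, write `else if(cmd == "GetOS") {`, or change the comment to say it is a prefix match. The branch also does not read the remainder of the line; whether that leaves a stray newline in the Serial1 buffer for the next command depends on `loop()` code that is not visible here. In `setup()`, `FingerprintUSBHost.guessHostOS(os);` runs once behind fixed 3-second delays, so a comment such as `// heuristic guess, captured once at boot; not refreshed` above the global `String os;` would tell readers how far to trust the reported value.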
@@ -1168,6 +1168,13 @@ void loop() {
f.println(SerialEXFIL);
f.close();
}
else if(cmd == "OS"){
String os = Serial.readStringUntil('\n');
File f = SPIFFS.open("/OS.txt", "a+");
f.print("Target OS: ");
f.println(os);
f.close();
}
else if(cmd == "BlinkLED") {
String cmdinput = Serial.readStringUntil('\n');
int blinkcount = cmdinput.toInt();
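Review bot: In the new `cmd == "OS"` branch the string from `Serial.readStringUntil('\n')` is written to `/OS.txt` untrimmed, and the handle returned by `SPIFFS.open` is used without a check. The sending sketch emits the reply with `Serial1.println(os)`, which ends in CR LF, so the value read here most likely keeps a trailing `\r` (and the leading space after `OS:` if the command is split at the colon, which happens outside this hunk); calling `os.trim();` before the write removes both. Wrap the write in `if (f) { ... }` so a failed open on a full or unformatted filesystem is not silently ignored. Because the mode is `"a+"`, every call appends another line and the file grows without bound, which deserves a comment or a size cap. The enclosing `loop()` starts and ends outside the hunk.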
Binary file not shown.
