Use Android as Rubber Ducky against another Android device

Related tags

Utility android_hid
Overview

android_hid

Use Android as Rubber Ducky against targeted Android device or PC

HID attack using Android

Using Android as Rubber Ducky against Android or Windows. This is not a new technique, just a demo how to perform HID attack using Android instead of rubber ducky. For targeted Android device it is not necessary to be rooted, have ADB/USB debugging enabled and device authorized, since attacker's smartphone behaves as connected keyboard.

hid_attack - script contains customized commands that are executed (typed) against targeted Android device hid_pc - script contains customized commands that are executed (typed) against targeted Windows 10

How to prevent this happening on Android

  1. charge you smartphone using you own adapter
  2. use none trivial PIN or password lockscreen protection
  3. use mobile security software that will detect and prevent from launching payloads

How to prevent this happening on PC

  1. Don't let anyone charge their smartphones in your PC
  2. Use security software that will detect Metasploit payload
  3. USB condom should help

PoC

Android: https://youtu.be/aOWr6rWhsIs
PC: https://youtu.be/PJbqZm73MOc

Prerequisites

  • rooted Android with HID kernel support (e.g. NetHunter ROM)
  • OTG cable

Video Tutorial using NetHunter

Watch the video In the video was used "part1/msf_install" PoC script. Tested payload is removed.

Video Tutorial without using NetHunter

Watch the video USB Gadget Tool: https://github.com/tejado/android-usb-gadget
HID gadgets: https://github.com/pelya/android-keyboard-gadget/tree/master/hid-gadget-test
For easy access, I copied USB Gadget Tool and HID gadget to https://github.com/androidmalware/android_hid/tree/main/part2

Script info

This is custom script, which might not work on your testing case scenario. Because of that, you must play around with pressed keys that are sent to targeted device. Website with my testing payload is not active anymore. List of all possible keys can be found on the link below.

Execute command

bash hid_attack bash hid_pc

How to flash custom ROM with HID support

https://github.com/pelya/android-keyboard-gadget

Brute-force pin using Android as HID

https://github.com/urbanadventurer/Android-PIN-Bruteforce

List of all keys

https://github.com/anbud/DroidDucky/blob/master/droidducky.sh

You might also like...
Multi-module, Kotlin, MVI, Compose, Hilt, Navigation Component, Use-cases, Room, Retrofit

Work in progress Multi-module demo app that gets data from dota2 api. API https://docs.opendota.com/ Players by rank (GET) https://api.opendota.com/ap

An easy-to-use, cross-platform measurement tool that pulls data out of CD pipelines and analysis the four key metrics for you.
An easy-to-use, cross-platform measurement tool that pulls data out of CD pipelines and analysis the four key metrics for you.

Maintained by SEA team, ThoughtWorks Inc. Read this in other languages: English, 简体中文 Table of Contents About the Project Usage How to Compute Contrib

Android Shared preference wrapper than encrypts the values of Shared Preferences. It's not bullet proof security but rather a quick win for incrementally making your android app more secure.
Android Shared preference wrapper than encrypts the values of Shared Preferences. It's not bullet proof security but rather a quick win for incrementally making your android app more secure.

Secure-preferences - Deprecated Please use EncryptedSharedPreferences from androidx.security in preferenced to secure-preference. (There are no active

Android library which makes it  easy to handle the different obstacles while calling an API (Web Service) in Android App.
Android library which makes it easy to handle the different obstacles while calling an API (Web Service) in Android App.

API Calling Flow API Calling Flow is a Android library which can help you to simplify handling different conditions while calling an API (Web Service)

Gesture detector framework for multitouch handling on Android, based on Android's ScaleGestureDetector

Android Gesture Detectors Framework Introduction Since I was amazed Android has a ScaleGestureDetector since API level 8 but (still) no such thing as

Android Utilities Library build in kotlin Provide user 100 of pre defined method to create advanced native android app.

Android Utilities Library build in kotlin Provide user 100 of pre defined method to create advanced native android app.

A util for setting status bar style on Android App.
A util for setting status bar style on Android App.

StatusBarUtil A util for setting status bar style on Android App. It can work above API 19(KitKat 4.4). 中文版点我 Sample Download StatusBarUtil-Demo Chang

A logger with a small, extensible API which provides utility on top of Android's normal Log class.
A logger with a small, extensible API which provides utility on top of Android's normal Log class.

This is a logger with a small, extensible API which provides utility on top of Android's normal Log class. I copy this class into all the little apps

Java implementation of a Disk-based LRU cache which specifically targets Android compatibility.

Disk LRU Cache A cache that uses a bounded amount of space on a filesystem. Each cache entry has a string key and a fixed number of values. Each key m

Comments
  • Question about waiting time on wrong PIN

    Question about waiting time on wrong PIN

    How this works? I mean, Androdi has a basic security that is when wrong PIN/Pattern entered, we got to wait 30 seconds to enter next then 30 seconds for each wrong try after that. How is this method gonna get over it I wonder?

    opened by mizzunet 2
  • Permission for Contribution

    Permission for Contribution

    Hi, I want to contribute to this repository, I have fixed some of the typos in README.md file. But I am having a permission denied issue and unable to push the code to a new branch in your repository. Please grant me access to your repository so that I can open PR.

    image

    opened by aliadnanaslam 0
  • Use pc to run HID script.

    Use pc to run HID script.

    Hi, shall we use a normal Linux machine to do HID attack instead of using nethunter phone? Literally am asking, How to convert a Linux machine to a rubber ducky?

    opened by yuvarajancitspl 2
Owner
null
Migrating from one PostgreSQL to another via S3

Migrating from one PostgreSQL to another via S3 In one terminal start initial setup. ./gradlew buildDockerImage docker-compose up --build dbmig-s3 dbm

Stefan Bissell 1 May 19, 2022
:iphone: [Android Library] Get device information in a super easy way.

EasyDeviceInfo Android library to get device information in a super easy way. The library is built for simplicity and approachability. It not only eli

Nishant Srivastava 1.7k Dec 22, 2022
Android device shake detection.

Seismic Android device shake detection. Download Download the latest .jar or depend via Maven: <dependency> <groupId>com.squareup</groupId> <artif

Square 1.2k Dec 27, 2022
An Android library allowing images to exhibit a parallax effect that reacts to the device's tilt

Motion An Android library allowing images to exhibit a parallax effect. By replacing static pictures and backgrounds with a fluid images that reacts t

Nathan VanBenschoten 781 Nov 11, 2022
A small utility to record Android device screen to a GIF

RoboGif A small utility to record Android device screen to an optimized GIF so you can paste it to GitHub or a similar service. Requirements Python 2.

Jernej Virag 526 Dec 9, 2022
Android library for checking the internet connectivity of a device.

ConnectionChecker Android library for checking the internet connectivity of a device. Used in https://play.google.com/store/apps/details?id=com.muddas

Muddassir Ahmed Khan 34 Dec 24, 2022
adds an option to the Android Sharesheet that allows you to save files to your device.

Save On Device adds an option to the Android Sharesheet that allows you to save files to your device. Download Get the app from the Google Play Store

null 24 Nov 29, 2022
Android tiny device flow client

OAuth 2.0 Device Flow Example Setup Create an Auth0 application Enable Device Code Grants in Advanced settings Disable Client Credentials Enable Devic

Kenji Saito 0 May 15, 2022
Very easy to use wrapper library for Android SharePreferences

Treasure English document Treasure是一个Android平台上基于SharePreferences的偏好存储库,只需要定义接口,无需编写实现,默认支持Serializable和Parcelable。运行时0反射,不仅使用方便而且性能和原生写法几乎无差别。 使用方法 1

星一 507 Nov 12, 2022
A simple and easy to use stopwatch and timer library for android

TimeIt Now with Timer support! A simple and easy to use stopwatch and timer library for android Introduction A stopwatch can be a very important widge

Yashovardhan Dhanania 35 Dec 10, 2022