The Cyber WalletOct 23, 2023 in #development #infosec
One of the projects that I've started and gotten to a usable state recently was "The Cyber Wallet".
This is a USB Rubber Ducky type device that performs USB / Mouse injection attacks against a host computer. I own an older USB rubber Ducky, but do I ever carry it? or can I be bothered to deal with compiling the payloads? If you guessed no to both of these then you would be correct.
So to make sure I always had this with me, I took something I always carry with me, my card holder / wallet, and added some cyber-ness to it. Using a Raspberry Pi Pico, an SSD1306 128x32 OLED screen, and some cheap tactile buttons, you can select a payload (or as I call it a card....) from a list.
The scripting language is very similar to the hak5 product but with some changes to allow any radical ideas I had to come alive, such as using the buttons as part of a payload.
An example card would be:
REM Hello World
RTYPE It looks like this is working, good bye!
This would be targeting a windows host and would minimise all windows, run notepad, type some text, then close without saving.
You can also include other cards as well which allows for some modularisation. I need to spend some time updating the documentation over at the Github Repo as that's always the last thing to get updates.home