add shell payload

dragonlock2 · Jul 29, 2024 · 4f5831f · 4f5831f
1 parent 5a82186
commit 4f5831f
Show file tree

Hide file tree

Showing 5 changed files with 58 additions and 4 deletions.
diff --git a/samples/apps/rubberducky/CMakeLists.txt b/samples/apps/rubberducky/CMakeLists.txt
@@ -27,3 +27,4 @@ function(add_payload PAYLOAD_NAME)
 endfunction()
 
 add_payload(example)
+add_payload(shell)
diff --git a/samples/apps/rubberducky/payloads/shell.cpp b/samples/apps/rubberducky/payloads/shell.cpp
@@ -0,0 +1,48 @@
+#include "common.h"
+
+extern "C" void run(void) {
+    switch (hid_get_os()) {
+        case hid_os::MACOS: {
+            rgb_write(rgb_color::GREEN);
+            kb_type(HID_KEY_SPACE, HID_KBD_MODIFIER_LEFT_UI);
+            k_msleep(100);
+            kb_print("Terminal.app");
+            kb_type(HID_KEY_ENTER, 0);
+            k_msleep(1500);
+            kb_print("echo hello world!"); // TODO replace w/ payload
+            kb_type(HID_KEY_ENTER, 0);
+            break;
+        }
+        case hid_os::WINDOWS: {
+            rgb_write(rgb_color::BLUE);
+            kb_type(HID_KEY_R, HID_KBD_MODIFIER_LEFT_UI);
+            k_msleep(100);
+            kb_print("powershell.exe");
+            kb_type(HID_KEY_ENTER, 0);
+            k_msleep(1000);
+            kb_print("echo \"hello world!\""); // TODO replace w/ payload
+            kb_type(HID_KEY_ENTER, 0);
+            break;
+        }
+        case hid_os::LINUX: { // Ubuntu
+            rgb_write(rgb_color::RED);
+            kb_type(HID_KEY_T, HID_KBD_MODIFIER_LEFT_CTRL | HID_KBD_MODIFIER_LEFT_ALT);
+            k_msleep(1000);
+            kb_print("echo hello world!"); // TODO replace w/ payload
+            kb_type(HID_KEY_ENTER, 0);
+            break;
+        }
+        default: {
+            printk("unknown os");
+            while (true) {
+                rgb_write(rgb_color::YELLOW);
+                k_msleep(100);
+                rgb_write(rgb_color::OFF);
+                k_msleep(100);
+            }
+            break;
+        }
+    }
+}
+
+LL_EXTENSION_SYMBOL(run);
diff --git a/samples/apps/rubberducky/prj.conf b/samples/apps/rubberducky/prj.conf
@@ -12,8 +12,8 @@ CONFIG_LOG_PROCESS_TRIGGER_THRESHOLD=0
 CONFIG_LOG_PROCESS_THREAD_SLEEP_MS=100
 
 CONFIG_USB_DEVICE_STACK=y
-CONFIG_USB_DEVICE_VID=0x0069
-CONFIG_USB_DEVICE_PID=0x0420
+CONFIG_USB_DEVICE_VID=0x05ac
+CONFIG_USB_DEVICE_PID=0x021e
 CONFIG_USB_DEVICE_MANUFACTURER="dragonlock2"
 CONFIG_USB_DEVICE_PRODUCT="rubberducky"
 CONFIG_USB_SELF_POWERED=n

diff --git a/samples/apps/rubberducky/src/hid.cpp b/samples/apps/rubberducky/src/hid.cpp
@@ -74,7 +74,7 @@ void hid_init(void) {
         error_fatal(error_reason::HID);
     }
     k_sem_take(&data.usb_conn, K_FOREVER);
-    k_msleep(250); // first report ignored if too soon
+    k_msleep(500); // reports ignored if too soon
 
     // algorithm inspired by https://github.com/qmk/qmk_firmware/blob/master/quantum/os_detection.c
     // due to OS updates, this may not work forever

diff --git a/samples/apps/rubberducky/src/main.cpp b/samples/apps/rubberducky/src/main.cpp
@@ -18,5 +18,10 @@ int main(void) {
     hid_mouse_report m{};
     hid_keyboard_raw(k);
     hid_mouse_raw(m);
-    rgb_write(rgb_color::GREEN);
+    while (true) {
+        rgb_write(rgb_color::GREEN);
+        k_msleep(50);
+        rgb_write(rgb_color::OFF);
+        k_msleep(50);
+    }
 }
Original file line number	Diff line number	Diff line change
Expand Up		@@ -27,3 +27,4 @@ function(add_payload PAYLOAD_NAME)
		endfunction()

		add_payload(example)
		add_payload(shell)