forked from RoganDawes/P4wnP1
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsetup.cfg
62 lines (50 loc) · 2.41 KB
/
setup.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#!/bin/sh
###########################
# General config
# these are the default settings
# the setting are only used, if not defined in the payload itself
###########################
# USB setup
# ---------------------------
# Make sure to change USB_PID if you enable different USB functionality in order
# to force Windows to enumerate the device again
USB_VID="0x1d6b" # Vendor ID
USB_PID="0x0137" # Product ID
USE_ECM=true # if true CDC ECM will be enabled
USE_RNDIS=true # if true RNDIS will be enabled
USE_HID=false # if true HID (keyboard) will be enabled
USE_RAWHID=false # if true a raw HID device will be enabled
USE_RAWHID_FULLDUPLEX=false # if true two raw HID devices will be enabled (input + output)
USE_UMS=false # if true USB Mass Storage will be enabled
# ==========================
# Network and DHCP options
# ==========================
# We choose an IP with a very small subnet (see comments in README.rst)
IF_IP="172.16.0.1" # IP used by P4wnP1
IF_MASK="255.255.255.252"
IF_DHCP_RANGE="172.16.0.2,172.16.0.2" # DHCP Server IP Range
ROUTE_SPOOF=false # set two static routes on target to cover whole IPv4 range
WPAD_ENTRY=false # provide a WPAD entry via DHCP pointing to responder
# ============================
# WiFi options (only work if wlan0 interface is present (Pi Zero W)
# ============================
WIFI_ACCESSPOINT=true
WIFI_ACCESSPOINT_NAME="P4wnP1"
WIFI_ACCESSPOINT_PSK="MaMe82-P4wnP1"
WIFI_ACCESSPOINT_IP="172.24.0.1" # IP used by P4wnP1
WIFI_ACCESSPOINT_NETMASK="255.255.255.0"
WIFI_ACCESSPOINT_DHCP_RANGE="172.24.0.2,172.24.0.100" # DHCP Server IP Range
# =====================
# Keyboard config
# =====================
lang="us" # Keyboard language for outhid and duckhid commands
HID_KEYBOARD_TEST=true # if enabled 'onKeyboardUp' is fired as soon as the host initializes the keyboard
# =====================
# payload selection
# =====================
PAYLOAD=network_only.txt
#PAYLOAD=hid_backdoor.txt # under (heavy) development
#PAYLOAD=creds.txt
#PAYLOAD=hid_frontdoor.txt # HID covert channel demo: Triggers P4wnP1 covert channel console by pressing NUMLOCK 5 times on target (Windows)
#PAYLOAD=hid_keyboard.txt # HID keyboard demo: Waits till target installed keyboard driver and writes "Keyboard is running" to notepad
#PAYLOAD=hid_keyboard2.txt # HID keyboard demo: triggered by CAPS-, NUM- or SCROLL-LOCK interaction on target