Flashsploit - Exploitation Framework For ATtiny85 Based HID Attacks
Flashsploit is an Exploitation Framework for Attacks using ATtiny85 HID Devices such as Digispark USB Development Board, flashsploit generates Arduino IDE Compatible (.ino) Scripts based on User Input and then Starts a Listener in Metasploit-Framework if Required by the Script, in Summary : Automatic Script Generation with Automated msfconsole.
- TODO : Add Linux and OSX Scripts
Windows
Data Exfiltration
- Extract all WiFi Passwords and Uploads an XML to SFTP Server:
- Extract Network Configuration Information of Target System and Uploads to SFTP Server:
- Extract Passwords and Other Critical Information using Mimikatz and Uploads to SFTP Server:
Reverse Shells
- Get Reverse Shell by Abusing Microsoft HTML Apps (mshta):
- Get Reverse Shell by Abusing Certification Authority Utility (certutil)
- Get Reverse Shell by Abusing Windows Script Host (csript)
- Get Reverse Shell by Abusing Windows Installer (msiexec)
- Get Reverse Shell by Abusing Microsoft Register Server Utility (regsvr32)
Miscellaneous
- Change Wallpaper of Target Machine:
- Make Windows Unresponsive using a .bat Script (100% CPU and RAM usage)
- Drop and Execute a File of your Choice, a ransomware maybe? ;)
- Disable Windows Defender Service on Target Machine
Tested on
- Kali Linux 2019.2
- BlackArch Linux
Dependencies
Flashsploit Depends upon 4 Packages which are Generally Pre-installed in Major Pentest OS :
- Metasploit-Framework
- Python 3
- SFTP
- PHP
Usage
git clone https://github.com/thewhiteh4t/flashsploit.git
cd flashsploit
python3 flashsploit.py
Flashsploit - Exploitation Framework For ATtiny85 Based HID Attacks
Reviewed by Zion3R
on
9:06 AM
Rating: