In this article, which is nominated to be the most interesting of our articles about ATtiny, we are actually making a Rubber Ducky, to learn about Rubber Ducky, Mr. We recommend that you take a look at our article about the technologies used in the robot.
In fact, you can do all the operations here with any microprocessor with the "USB Interface" protocol. In summary, we will connect ATtiny85 to our computer with a "keyboard" view and run some command system scripts, although the descriptions here are for educational purposes, good lessons can be learned from this article to avoid such dangers. In addition, connecting the ATtiny85 you use directly via USB (micro USB or Jumper connections) can make your job a little easier.
As with any ATtiny content, you will use Arduino IDE, first you need to install ATtiny libraries on Arduino IDE and install the necessary drivers on your computer, you can access detailed information about installation by reviewing our previous ATtiny articles.
There is a lot of malicious code that creates for ATtiny85, so to avoid such dangers, it is worth knowing these payloads. In this article you will use the Wi-Fi password stealer payload created by the user MTK911 GitHub, but as you can see in the image you can try other payloads as well.
The extent of the danger is a little more illustrated by the extent of the danger that some payloads do not require admin powers.
The program code actually introduces ATtiny85 as keyboard input to the computer, so security programs cause an open data breach if antiviruses are not prepared for this attack. Connected as a keyboard input, as if under human control, powershell opens a command line, pulls data from the part where WiFi passwords are held, then transfers this WiFi data to the "unique URL" dedicated to you through the webhook.site we often use in IoT operations, if you compile and test this program on your ATtiny85, you will know exactly what we are talking about during operation.
You can use ATtiny85's EPROM to store WiFi data, or you can record this data by installing a different EPROM integration, SD Card module, but here you can get the magic of webhook to see how fast and effective this attack is.
Sample Webhook Unique URL
Each time you log in, it will give you a different unique URL, you can save and use the address you want, remember to follow which URL you enter in the required part of the program.