Android_Hid is a tool used by android as Rubber Ducky against targeted Android device or PC.
HID Attack Using Android
Using Android as Rubber Ducky against Android or Windows. This is not a new technique, just a demo how to perform HID attack using Android instead of rubber ducky. For targeted Android device it is not necessary to be rooted, have ADB/USB debugging enabled and device authorized, since attacker’s smartphone behaves as connected keyboard.
hid_attack – script contains customized commands that are executed (typed) against targeted Android device hid_pc – script contains customized commands that are executed (typed) against targeted Windows 10
How to prevent this happening on Android?
How to prevent this happening on PC?
PoC
Prerequisites
Script Info
This is custom script, which might not work on your testing case scenario. Because of that, you must play around with pressed keys that are sent to targeted device. Website with my testing payload is not active anymore. List of all possible keys can be found on the link below.
Execute Command
bash hid_attack bash hid_pc
How to flash custom ROM with HID support?
https://github.com/pelya/android-keyboard-gadget
Brute-force pin using Android as HID
https://github.com/urbanadventurer/Android-PIN-Bruteforce
List of all keys
https://github.com/anbud/DroidDucky/blob/master/droidducky.sh
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…