tag:blogger.com,1999:blog-8135211063584500909.post8018532158171752310..comments2023-10-02T15:18:02.659+05:30Comments on Lab of a Penetration Tester: Teensy USB HID for Penetration Testers - Part 2 - Basics of Arduino and Hello WorldNikhil SamratAshok Mittalhttp://www.blogger.com/profile/02092541175521734123noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-8135211063584500909.post-54206983662542644502014-08-29T12:27:02.727+05:302014-08-29T12:27:02.727+05:30Make sure you are selecting the correct board type...Make sure you are selecting the correct board type in Arduino Development Environment. More details would help, like, the device you are using, the sketch you are trying to compile etc.Nikhil SamratAshok Mittalhttps://www.blogger.com/profile/02092541175521734123noreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-36362102296618621532014-08-29T12:05:04.987+05:302014-08-29T12:05:04.987+05:30please help me,THX! code error is :"error: ‘K...please help me,THX! code error is :"error: ‘Keyboard’ was not declared in this scope" Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-75163717487562300432012-12-15T09:25:27.854+05:302012-12-15T09:25:27.854+05:30Yes, you can create and admin account yourself, yo...Yes, you can create and admin account yourself, you can do everything in Kautilya by yourself for that matter. There are two ways to use HID attack vector:<br />1. Social Engineering<br />2. Physical Acess<br /><br />In former case, you do not have a physical access, you can trick a user to plug-in the device and the device will do the stuff. In later case, a HID will always be faster and more accurate then one could ever be, specially in case of complex attacks. Hope this helps.<br /><br />BTW, I use "add admin user" majorly for PoC, adding a user to a machine during a pen test is not a good idea.Nikhil SamratAshok Mittalhttps://www.blogger.com/profile/02092541175521734123noreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-28338962840156921062012-12-14T20:41:25.842+05:302012-12-14T20:41:25.842+05:30Ok, I've done with this, thanks anyway.
But n...Ok, I've done with this, thanks anyway.<br /><br />But now I've got a more serious problem: in the 1st payload in Kautilya, you say I can add an admin user account. But it seems I must be an admin to do this. Is it correct? If this is the case, where's the usefulness of this payload? I could create a new admin account by myself, if I already have an admin account.. francesconoreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-34056327316469981752012-12-14T16:56:14.677+05:302012-12-14T16:56:14.677+05:30Yeah, now it works! Thanks Nikhil!
I've got a...Yeah, now it works! Thanks Nikhil!<br /><br />I've got another question, this time about Kautilya:<br /><br />if I want to test some payload on a virtual machine, do I have to upload the sketch (using arduinoIDE) directly from that vm?<br /><br />I tried to use my (real) windows xp machine to upload a payload, but it immediately starts to make stuff, before I can switch on my virtual machine, even if the Auto button on teensy loader is off..<br /><br />ThanksAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-29686989071508730472012-12-13T23:46:35.126+05:302012-12-13T23:46:35.126+05:30On the cursor..Try adding a delay(5000) before Key...On the cursor..Try adding a delay(5000) before Keyboard.print in the sample code if the device is not "typing".Nikhil SamratAshok Mittalhttps://www.blogger.com/profile/02092541175521734123noreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-21630389882790468392012-12-13T17:13:27.948+05:302012-12-13T17:13:27.948+05:30Where "Hello World" should be shown??Where "Hello World" should be shown??Anonymousnoreply@blogger.com