Table of contents
A user-friendly open-source project to learn about keystroke injection attacks or BadUSBs.
What is a BadUSB?
By emulating a USB keyboard, a BadUSB can gain full access to a computer in a matter of seconds!
This is made possible by the fact that keyboards are trusted by computers. You can have complete control over a computer with just a keyboard.
A BadUSB pretends to be a keyboard to the computer to send keystrokes. But unlike a human, it can type hundreds of characters per second. By using a simple scripting language, it's easy to make BadUSBs type whatever you want.
The WiFi Duck goes a step further. By adding WiFi, it turns into a remote-controlled BadUSB/keyboard. You can connect to it and manage all scripts from within a web interface. This means that, unlike other BadUSBs, you don't need to install an app, log in, compile or copy scripts to an SD card.
Usage
- Plugin your WiFi Duck
- Connect to the WiFi network
wifiduck
with the passwordwifiduck
- Open a browser and visit
192.168.4.1
- Write, save and run your first script
- [Recommended] Open
Settings
(top right corner) and update SSID and password
Buy
We teamed up with DSTIKE and Maltronics to turn this project into a product!
Malduino W
A nicely encased, inconspicuous-looking BadUSB by Maltronics. Having USB-A and USB-C makes it compatible with all kinds of devices. It comes flashed with the WiFi Duck firmware and works plug and play.
🛒 Purchase one at Maltronics.com - documentation can be found here.
DSTIKE WiFi Duck
A custom-designed development board by Travis Lin coming pre-flashed with the WiFi Duck firmware.
🛒 Purchase one at DSTIKE.com - Watch the How to Update Tutorial here.
Disclaimer
This tool is intended to be used for testing, training, and educational purposes only. Never use it to do harm or create damage!
Source
If you want to learn more about this project, visit wifiduck.com or visit the project's Github repository at github.com/SpacehuhnTech/WiFiDuck.