/USB-Nugget

Run DuckyScript payloads on a USB Nugget!

Primary LanguageCMIT LicenseMIT

USB Nugget: Cat-Themed USB Attacks

A versatile USB attack platform that lets you hack computers in seconds using a USB Nugget!

Resources:

How to Update your Nugget:

  1. Download the latest binary file here
  2. Place your Nugget in Device Firmware Upgrade (DFU) mode.
  3. Open our web flasher tool in Google Chrome (other browsers not currently supported)
  4. Click on "Connect" and then select the "ESP32-S2" board. Click "Erase" and "OK" to continue.
  5. Once you see "Finished", click "Choose a file" and select the .BIN file you downloaded in step 1. Click "Program" to flash your S2 Nugget!
  6. When its done, unplug your S2 Nugget and plug it in again to see the new features. 

Creating Payloads

To upload a payload, you can save a .txt file to the RubberNugget flash drive. Payloads must be saved under an operating system, then category type. (OS->Category->Payload.txt)

Updating AP Credentials & Keyboard ID

To edit your USB Nugget's default AP name & password, edit or create the usbnugget.conf file on your NUGGET drive, and add the following 2 lines:

network: network_name_here
password: password_here

To change the VID and PID of the keyboard, you can just add:

vid:0x6969
pid:0x6969

Accessing the Web Interface

To access the web interface, connect to the RubberNugget AP with the password nugget123. In a web browser, navigate to 192.168.4.1 to access the payload deployment system. At the moment, the web interface can only edit / run payloads.

Current Features - v1.1 (beta)

  • DuckyScript Compatible
    • Basic syntax: STRING, DELAY, keypress combos
    • Basic colors: R G B C Y M W
  • Web Interface
    • Deploy Payloads
    • Edit Payloads
  • USB Flash Drive
    • FAT filesystem
    • Create default OS folders
    • Follows Hak5 naming convention (OS->Category->Payload)
  • Nugget Interface
    • Custom graphics
    • Live command preview
    • Reactive RGB NeoPixel

Building / flashing from source

Dependencies: docker, make. Docker is used to produce a replicable build environment and ensure library/tool dependensies are met.

# Clone the repo
git clone https://github.com/HakCat-Tech/RubberNugget.git

# Navigate to src
cd RubberNugget/src

# Build
sudo make build

# Build and flash the ESP32-S2 (may need sudo)
sudo make flash
#optionally specify port: sudo make flash PORT=<port>
#optionally install default scripts: sudo make flash RESET_SCRIPTS_DURING_FLASH=true

# Produce .img for release
sudo make generate_img