Anyway to save files back to the Flipper using BadUSB?

I’m looking to create a script to gather system information and then save it to a file on the flipper. Is there anyway to do this?

Not at the moment, possibly in the future

4 Likes

While you can’t save directly to the flipper zero normal rubber duckies require twin duck firmware. If you want something that is a bit less personal than to your email. Look at using webhook to post information back to. The following URL has a wife password grabber from windows machines. https://github.com/hak5/usbrubberducky-payloads/blob/master/payloads/library/exfiltration/WifiPassGrabberPOST/payload.txt

After it gets the password files it posts it back to a webhook.site. This allows you to retrieve the data from a webserver. This post is for educational purposes only. Don’t do anything illegal please.

6 Likes

Hello, will it be possible to add keystroke reflection, like this?

2 Likes

Yes, this should be possible to implement

2 Likes

Does anyone know whether this function has already been implemented on the Flipper by now? or is there a feasible way to make it work on your own?

first post on the forum

by the looks of things no it is still not here yet but hopefully soon…

hey if this is still not a feature… one can play around with having a spare usb drive with a unique name(something like . or _) and plug that into the target computer first before payload execution.
the script will then do its thing and at end move or directly export the data needing to be exfiltrated to the secondary usb drive :smiley:

this method was sugested by hak5 a long time ago and an example of it is somewhere on the youtubes.
not condoning anything here lol but it is something to keep in mind if data exfil like that is important for what you need it to do (this also can be usefull for offline attacks where larger programs like image files and the like are involved)

hope this is a usefull post (as i have seen webhooks here as well)

1 Like