Today I have an Arduino MKR1000 which is a board with built-in wifi chipset specially designed for IOT projects. Recently I came to know that, this little board can act as a Human Interface Device such as a keyboard or a mouse. So I thought of using it for some HID attacks over WiFi.
In this video, I will show you a small demo of some basic attacks. Click the subscribe button down this video.
Here, the board is programmed in such a way that, whenever I power it up, it will connect to my mobile phones WiFi network and starts a web server at port 80, which can be accessed from any web browser in my phone. So what I can do is connect this board to my victim PCs back USB port and walk away so that the victim wont be suspicious. Now I can open up a browser, go to MKR1000 board’s IP address and wait for the victim to walk away from his computer. When he is away from the computer, if the PC is not locked, we can easily do HID attacks remotely.
One advantage of this is we can store multiple commands in this baord and we can issue one by one from our phone whenever we want. Which means, we can use this same for multiple devices without uploading the code each time for each purposes.
How To Do It?
Download, Install and Setup Arduino IDE
This was written as experimental code and it is not well written. I have plans to update the code with support for other OS and more complicated attacks
in the future.
Editing the Code
Now all you have to do is do some basic modifications in the downloaded code. Just change the ESSID and Password. Now connect the board and upload the code to your board.
And thats it.