Today I have an Arduino MKR1000 which is a board with built-in wifi chipset specially designed for IOT projects. Recently I came to know that, this little board can act as a Human Interface Device such as a keyboard or a mouse. So I thought of using it for some Wireless HID attacks over WiFi.
In this video, I will show you a small demo of some basic attacks. Click the subscribe button down this video.
Wireless HID Attack Demo
Here, the Arduino is programmed in such a way that, whenever I power it up, it will connect to my mobile phones WiFi network and starts a web server at port 80, which can be accessed from any web browser in my phone. So what I can do is connect this board to my victim PCs back USB port and walk away so that the victim won’t be suspicious. Now I can open up a browser, go to MKR1000 board’s IP address and wait for the victim to walk away from his computer. When he is away from the computer, if the PC is not locked, we can easily do remote HID attacks.
One advantage of this is we can store multiple commands in this board and we can issue one by one from our phone whenever we want. Which means, we can use this same for multiple devices without uploading the code each time for each purpose.
How To Do It?
Wireless HID Attack using Arduino Video Tutorial
Download, Install and Setup Arduino IDE
This was written as experimental code and it is not well written. I have plans to update the code with support for other OS and more complicated attacks
in the future.
Editing the Code
Now all you have to do is do some basic modifications in the downloaded code. Just change the ESSID and Password. Now connect the board and upload the code to your board.
And that’s it.