DevKitty-io / USB-Nugget

Run DuckyScript payloads on a USB Nugget!
https://usbnugget.com
MIT License
163 stars 19 forks source link
esp32s2 hid-attacks keystroke-injection tinyusb usb-hid usb-nugget

USB Nugget: Cat-Themed USB Attacks

A versatile USB attack platform that lets you hack computers in seconds using a USB Nugget!

Resources:

How to Update your Nugget:

  1. Download the latest binary file here
  2. Place your Nugget in [Device Firmware Upgrade (DFU) mode]().
  3. Open our web flasher tool in Google Chrome (other browsers not currently supported)
  4. Click on "Connect" and then select the "ESP32-S2" board. Click "Erase" and "OK" to continue.
  5. Once you see "Finished", click "Choose a file" and select the .BIN file you downloaded in step one. Click "Program" to flash your Nugget!
  6. When its done, unplug your Nugget and plug it in again to see the new features. 

Creating Payloads

To upload a payload, you can save a .txt file to the USB Nugget flash drive. Payloads must be saved under an operating system, then category type. (OS->Category->Payload.txt)

Accessing the Web Interface

To access the web interface, connect to Nugget AP with the password nugget123. In a web browser, navigate to 192.168.4.1 to access the payload deployment system.

Updating AP Credentials & Keyboard ID

To edit your USB Nugget's default AP name & password, edit or create the .usbnugget.conf file on your NUGGET drive, and add the following 2 lines:

network = "Nugget AP"
password = "nugget123"

To change the VID and PID of the keyboard, you can just add:

vid = "0x05ac"
pid = "0x20b"

If .usbnugget.conf is not present or contains invalid entries, the above settings will be used.

Current Features