Looping Payload with Smartphone

exploitagency / ESPloitV2

WiFi Keystroke Injection Tool designed for an Atmega 32u4/ESP8266 Paired via Serial (Cactus WHID Firmware). Also features Serial, HTTP, and PASV FTP exfiltration methods and an integrated Credential Harvester Phishing tool called ESPortal.

MIT License

558 stars 136 forks source link

Looping Payload with Smartphone #29

Closed ChandraOrbit closed 5 years ago

ChandraOrbit commented 5 years ago

I found a bug if the Attacker controls using a Smartphone. when executing payload (Run Payload), there will be a repeat delivery, which is at least 2x payload delivery.

exploitagency commented 5 years ago

Sounds like you hit the back button or refreshed the page. This is a browser/user isssue.

ChandraOrbit commented 5 years ago

I tested 30 units of the 50 units of Cactus WHID that I have, all experienced the same thing if the controller is a smartphone, especially the Samsung S7 Edge, but if you use other brands like Nexus 6p there is no loop.

so I can conclude that repetition is not caused by the device, but because problems in the browser on each brand of smart phones have different characteristics.

Okay, thanks,