Cactus WHID: WiFi HID Injector USB Rubberducky On Steroids
Cactus WHID: WiFi HID Injector USB (Rubberducky)
£26.99 Add to basket

Cactus WHID: WiFi HID Injector USB (Rubberducky)

£26.99

Cactus WHID: WiFi HID Injector USB Rubberducky On Steroids

WiFi HID Injector for Fun & Profit – An USB Rubberducky On Steroids. [Customized HW based on Atmega 32u4 and ESP-12S].

This device allows keystrokes to be sent via WiFi to a target machine. The target recognises the Ducky as both a standard HID keyboard and a serial port, allows interactive commands and scripts to be executed on the target remotely.

Hardware Design Author: Luca Bongiorni

Only 2 left in stock (can be backordered)

Only 2 items left in stock!

Free shipping on £10+ UK and £100+ International orders

  • £150+ International orders have free priority shipping
  • £150+ UK orders have free next day delivery
  • UK next day delivery available if ordered before 1pm, as well as worldwide express 1-3 day delivery.
  • 14 day returns for replacements or store credit
  • Lifetime or limited warranty on applicable products

Available Payment Methods

Gadgets & Tools Red Team Tools Merchandise

Cactus WHID: WiFi HID Injector USB Rubberducky On Steroids

WiFi HID Injector for Fun & Profit – An USB Rubberducky On Steroids. [ Customized HW based on Atmega 32u4 and ESP-12S.

This device allows keystrokes to be sent via WiFi to a target machine. The target recognises the Ducky as both a standard HID keyboard and a serial port, allows interactive commands and scripts to be executed on the target remotely.

WiFi HID Injector for Fun & Profit
Hardware Design Author: Luca Bongiorni – https://twitter.com/lucabongiorni
Initial sw based on ESPloit by Corey Harding of www.LegacySecurityGroup.com
WHID Mobile Connector by Paul https://twitter.com/paulwebsec

Third-Party Softwares Compatible with WHID’s Hardware

  • https://github.com/whid-injector/WHID
  • whid.ninja
  • https://github.com/sensepost/USaBUSe
  • https://github.com/spacehuhn/wifi_ducky
  • https://github.com/basic4/WiDucky
  • https://m.youtube.com/channel/UCzh8wlTSYbdZCs__Djym5UQ

HOW TO START [Newbies Edition]

Since July 2017 all Cactus WHID are delivered with pre-loaded ESPloitV2 and are ready to Plug-n-Hack ✌

Thus, even if you are not an Arduino expert, you can immediately have fun!

Just plug it in an USB port and connect to the WiFi network:

SSID “Exploit”

Password “DotAgency”

Open a web browser pointed to “http://192.168.1.1

The default administration username is “admin” and password “hacktheplanet”.

https://youtu.be/5WTrKvQbK9o

For cool payloads or more info check the Wiki or the Payloads directory.

The Hardware

USB Pinouts

In order to make easier the process of weaponizing USB gadgets, you can solder the USB wires to the dedicated pinouts.

The pin closer to USB-A is GND. The pins are:

  • GND
  • D+
  • D-
  • VCC

Documentation WIKI

I HEAVILY RECOMMEND TO READ IT ALL! https://github.com/whid-injector/WHID/wiki

Third-Party Softwares Compatible with WHID’s Hardware

Possible Applications

  • Classic: Remote Keystrokes Injection Over WiFi

Deploy WHID on Victim’s machine and remotely control it by accessing its WiFi AP SSID. (eventually you can also setup WHID to connect to an existing WiFi network)

  • Social Engineering: Deploy WHID inside an USB gadget

The main idea behind it is to test for Social Engineering weaknesses within your target organization (e.g. DLP policy violations) and to bypass physical access restrictions to Target’s device. Usually, I create a fancy brochure (sample template https://github.com/whid-injector/WHID/tree/master/tools/Social_Engineering_Lures ) attached with a weaponized USB gadget and then use a common delivery carrier (e.g. UPS, DHL, FedEx).

Video Tutorials

WHID's Attack Simulation

More Video on WHID’s Youtube Channel:

https://www.youtube.com/channel/UCzh8wlTSYbdZCs__Djym5UQ/videos

Blogposts about WHID

Forensics Analysis of HID Offensive Implants from Societe Generale’s CERT

https://github.com/certsocietegenerale/Publications/blob/master/DFRWS%20EU19%20-%20The%20Rise%20Of%20HID%20Devices.pdf