OverThruster is a tool to generate sketches for Arduinos when used as an HID Attack. It was designed around devices with the ATMEGA32U4 chip, like the CJMCU-BEETLE, or the new LilyGo “BadUSB” devices popping up on ebay and aliexpress that look like USB sticks but contain an Arduino.
The developer gave a detailed clarification on his thoughts. “I wrote this because the few other tools out there that do similar don’t have as many customization options like the UAC Bypass options or the notification bubble options. I wanted to create something that could quickly generate a custom payload and that did not require anything extra to be install beyond the standard Python libraries and the Arduino IDE. I also wrote this to get better at Python. This is my first release of anything, so expect problems.”
Requirements
- An Arduino that supports keyboard emulation
- Python 2.7 (Python 3 version is coming)
- Arduino IDE: https://www.arduino.cc/en/Main/Software
- NicoHood’s HID: https://github.com/NicoHood/HID/ (This can be installed straight from the Arduino IDE from the menu: Sketch->.Include Library->manage Libraries and search for “HID-Project”)
Use
- start by launching OverThruster.py
- Select the target’s OS
- Select the specific payload
- Fill in the required settings
- Generate the .ino file
- Open the .ino file in the Arduino IDE
- Flash the sketch to your Arduino device
Notes
- After flashing the payload, the Arduino IDE will disconnect the Arduino, then it will automatically reconnect, and deliver the payload. Be ready for characters to suddenly be typed to the screen; I recommend having notepad or similar open and focused when you flash the sketch
- OverThruster currently drops the .ino file and the Metasploit .rc file in the working directory, so look for them there.
- For the UAC Bypass techniques, timing is key. Older devices will open the Terminal with Admin rights at a slower speed, and therefore you may need to adjust the delay() in the BypassUAC functions in the sketch
- This is just the beginning. Many more payloads, features, options and additions are coming.
- Please contribute if you have something to add.
