*Update at bottom*
I wanted to see if I could use the LOGITacker to compromise a machine remotely. This is just a quick and dirty attempt. I'm using a Logitech MX Master and nano receiver as the device being attacked on the victim machine. Even though the only device attached is a mouse, we are still able to inject keystrokes.
Rundown of what is happening:
Launch Virus & Threat Protection
Disable Real-Time Protection
Open Command Prompt
Use certutil.exe to download malicious payload and execute
I'm sure there are better ways to accomplish the same end goal but this was my quick attempt at "hey, can this work?"
The script the LOGITacker is executing is as follows:
Once we run the script, we have a shell from our attacker machine! Here is a video of it in action:
UPDATE:
There was some question about further detail in working with LOGITacker. Here is more information:
Once a target is detected, you can enter inject mode. Type “inject target <MAC>” and press return.
From there, you should be able to start writing your scripts!
Here is a quick rundown of the main commands:
script press <key> - press the corresponding <key>: GUI, ALT, LEFT, UP
script delay 500 - wait 500ms before next command
script string “cmd.exe” - type cmd.exe
script show - show the current commands
script undo - undo the last command
script store “scriptName” - save script to device as “scriptName”
script load “scriptName” - load script
inject execute - run current script
press, delay, string and show commands