OverThruster – HID Attack Payload Generator For Arduinos
An Arduino that supports keyboard emulation
Python 2.7 (Python 3 version is coming)
Arduino IDE: http://ift.tt/1GPE3bU
NicoHood’s HID: http://ift.tt/2kMkcV6 (This can be installed straight from the Arduino IDE from the menu: Sketch->.Include Library->manage Libraries and search for “HID-Project”)
start by launching OverThruster.py
Select the target’s OS
Select the specific payload
Fill in the required settings
Generate the .ino file
Open the .ino file in the Arduino IDE
Flash the sketch to your Arduino device
After flashing the payload, the Arduino IDE will disconnect the Arduino, then it will automatically reconnect, and deliver the payload. Be ready for characters to suddenly be typed to the screen; I recommend having notepad or similar open and focused when you flash the sketch
OverThruster currently drops the .ino file and the Metasploit .rc file in the working directory, so look for them there.
For the UAC Bypass techniques, timing is key. Older devices will open the Terminal with Admin rights at a slower speed, and therefore you may need to adjust the delay() in the BypassUAC functions in the sketch
This is just the beginning. Many more payloads, features, options and additions are coming.
Please contribute if you have something to add.