Is there any firmware that allows you to save data from the computer onto the SD card attached to the flipper?
If you mean to load Flipper files onto your Flipper, yes, it’s the qFlipper app. However, if you mean automated data exfiltration, not exactly…a Bad USB script could be built to send data and save it on the flash card (I think), but given the many other tools custom-built for this purpose, I’m not sure why you’d bother.
Any examples?
Well this forum is oriented around Flippers, but as a starting point, you might google the “USB Rubber Ducky,” which is a well-known and popular tool of this sort.
That wasnt really my question, I am aware of the HAK5 ducky and have one my self. On the ducky there is a special firmware where the device is a keyboard and a storage device so that you can use a script to save files to the usb drive. This works as a simple and foolproof data extraction method because it’s fully offline. I wanted to know if anyone knows how or has done this with a flipper.
When you are in BadUSB mode, you can’t also use something like Flipper CLI/RPC, …
Because you have only one USB ID at a time in your computer, depending on the opened app on the Flipper, I don’t think there is a chance, right now.
Maybe two USB Hosts can be provided in future.
This is a silly idea, but at least on my PC at home, I was able to toggle the capslock key with Autohotkey V2 eg
SetCapsLockState 0
SetCapsLockState 1
And didn’t seem to need Administrator (didn’t actually install Autohotkey was just using the executable by itself as user)
What if the BadUSB types out the AutoHotkey64 binary (or a much simpler program optimally), along with a script that encodes the data file you are siphoning to the BadUSB/Flipper that is acting like a keyboard, by using the Capslock or Numlock as a data channel back. This would work around things that block USB drives, as it is still just a ‘usb keyboard’, and wouldn’t need 2 USB ID’s.
Then the Flipper just has to decode the morse code (or more optimal code) of the blinking numlock and capslock keys and write that to file.
Would be very slow, but whatever.
I’d have to think that has been done to some extent with the Rubber Duckys but didn’t find an example using keyboard controls to send data back to the ‘keyboard’ on a very quick search of this.
EDIT:
It’s called keystroke reflection