Flipper as password kepper (keyboard proxy)

BadUSB
#1

My idea is based on online password storage.
make it offline - keep it safe!

You would run “keyboard proxy” (application) and set in a master password, once used it would decrypt th file on flipper sd containing your passwords.

Flipper “keyboard proxy” (application)
has some functions

  1. SIMPLE PASSKEEPER
  • select pass on flipper!
  • press ok
  • flipper send “password” on badusb
  1. next gen function KEYBOARDPROXY!

keyboard > custom wire (uart) > flipper > wire(usb)/bluetooth > device

now you can use:

  • rec new passwords in store
  • run macros by key pressing keys combo
  • other keys proxy to device unmodified

example: press ctrl + F1 and flipper send “password” on badusb

  1. KEYLOGGER
    but its ok if i can get keylog from sd card directly.
    this func can be activated from settings in app
    logging all key press and pauses between(customized)

ps: “keyboard proxy” (application) is only idea

pps: if you have idea how to it!
please post links or schemas
how to connect keyboard to uart
and read keys, some code example !

with big thanks to all

menu prototype

  • collections (password collection)
    • favorites
      • pass 1
        • favorite [on/off] (for all pass display in favorites)
        • delete
      • pass 2
    • folder 1
      • pass 1
    • folder 2
      • pass 2
      • pass 3
  • macros (macros is link to password)
    • macros 1 (master key + 1)
      • link to (select pass from collection)
      • delete (free link)
    • macros 2
    • macros 10
  • new folder(create)
    • input name
  • new password (create)
    • input name
      • input password
        • select folder
  • rec password
    • input name
      • rec pass from uart keyboard
        • display pass
          • select folder
  • settings
    • set master key (main button to activate macros)
      • super
      • rwin
      • win
      • input combo
    • keylog
      • enable on/off
      • pauses (write pause more than value as new line \n)
        • enable on/off
        • set value (10 - 1000 ms)
1 Like
#2

And why not use Flipper as an hardware keylogger?
Surely it’s too big to be “invisible” but can be an interesting application to develop.

1 Like
#3

Flipper as a keylogger would require for flipper to be able to retrieve a file with the pressed keys at the same time it would somehow intercept the keys so it would be quite hard unless you use GPIO with a 3rd party module to tap in the keyboard on something like ps2 kyboards or if you run software to do the logging and save back to flipper but flipper can’t behave as a external storage device and as a keyboard at the same time.

Regarding password saving it would be COOL to have something like lastpass on flipper as external app .

You would run the app and set in a master password, once used it would decrypt th file on flipper sd containing your passwords, from there it would send the selected password either by USB keyboard emulation or BT keeboard emulation. Absolutly possible to do , like a password vault encrypted that people could add passwords and store them on flipper or future use.

2 Likes
#4

ok i understand send pass over badusb no problem !

yes you understand my idea! but

can you describe where is and what problem
with keyboard proxy

  1. connect usb keyboard to gpio (maybe 13 14 pins?)
    i think any body can cut usb cable and plug it into gpio
    no boar need!
    what pins is better? or really extend board needed?

  2. read keys(signal) from keyboard

  3. proxy signals

  4. call custom func / macros
    i think 10 hard called macros its ok, other from menu.

  5. as keylogger is not main func.
    but its ok if i can get keylog from sd card directly.
    this func can be activated from settings in app

  • logging all key press and pauses between(customized)
#5

If you don’t care for password encryption and loosing your flipper you can create bad usb files/scripts with your passwords to send over usb emulated keyboard already without the need of any extra app, just write the password is text as bad usb files to the bad usb script folder …

#6

I know this is thread necromancy… but I also would like some sort of abiltiy to do mooltipass https://www.themooltipass.com/ style password stuff on a flipper… combining multiple functions…

You could use a private key on a nfc card as the to decrypt a password database.

I’m sure there’s a way.