Keyboard VID & PID Emulation for OSX (Keyboard Setup Assistant)

toaster · May 21, 2022, 2:16am

I’m loving the Flipper so far. However on OSX there is a known issue with keystroke injection attacks:

Both the Bash Bunny and USB Ducky have the ability to flash to a VID and PID to emulate another keyboard. Is there a way to do this with the Flipper?

The issue with OSX and some other OS is that it attempts to map the keyboard upon plugging it in, and won’t execute payloads. If you emulate an Apple keyboard’s VID and PID it will not prompt with the Keyboard Setup Assistant.

There is no way to tab through the menu that I could figure out. You must click continue and then run a simple script like this:

DELAY 1000
STRING z
DELAY 1000
STRING /
DELAY 1000

Then, when it’s done, you can hit the “ANSI” radio button and click done. Now you can run other payloads as the VID will be mapped for future payloads. You won’t get prompted by this menu again.

This obviously isn’t ideal if you want to plug into a fresh OSX device you haven’t ever connected to before and quickly run a payload without being noticed

toaster · May 21, 2022, 2:19am

I am retarded. I just downloaded the demo_macos.txt off the Flipper after updating the firmware. For those that make the same blunder as me, here is the top part of the demo script

ID 1234:5678 Apple:Keyboard
REM You can change these values to VID/PID of original Apple keyboard
REM to bypass Keyboard Setup Assistant

Edit: In case anyone needs it, here’s an example based on the Hak5 link:

ID 05ac:021e Apple:Keyboard
DELAY 1000
GUI SPACE
DELAY 500
STRING Terminal
DELAY 200
ENTER
DELAY 1000
STRING curl icanhazip.com
DELAY 200
ENTER

Astra · May 21, 2022, 12:08pm