Adds Keystroke Reflection Exfoliation (#335)

* Adds Hak5's Keystroke Reflection Exfoliation Adds a way to read in caps, scroll, and num lock so that you can export information from the attack into a loot.bin. Has some caveats on how it works * Fixed programing status bug
2025-12-06 02:41:45 +00:00 · 2025-11-16 17:15:54 -08:00
parent ca88c6c159
commit d730a804e0
3 changed files with 154 additions and 51 deletions
--- a/boot.py
+++ b/boot.py
@@ -7,7 +7,20 @@ from board import *
 import board
 import digitalio
 import storage
+import os

+def is_exfil_enabled(payload_path="payload.dd"):
+    try:
+        with open(payload_path, "r") as f:
+            for line in f:
+                if "$_EXFIL_MODE_ENABLED" in line and "TRUE" in line.upper():
+                    return True
+    except OSError:
+        pass
+    return False
+
+exfil_enabled = is_exfil_enabled()
+loot_exists = "loot.bin" in os.listdir("/")
 noStorage = False
 noStoragePin = digitalio.DigitalInOut(GP15)
 noStoragePin.switch_to_input(pull=digitalio.Pull.UP)
@@ -23,7 +36,9 @@ noStorageStatus = noStoragePin.value
 # Pico W:
 #   GP15 not connected == USB NOT visible
 #   GP15 connected to GND == USB visible
-
+if exfil_enabled:
+    if not loot_exists:
+        storage.disable_usb_drive()
 if(board.board_id == 'raspberry_pi_pico' or board.board_id == 'raspberry_pi_pico2'):
    # On Pi Pico, default to USB visible
    noStorage = not noStorageStatus
@@ -39,3 +54,5 @@ if(noStorage == True):
 else:
    # normal boot
    print("USB drive enabled")
+
+