NetHunter has a feature that allows us to turn our device and OTG cable to behave as a keyboard and hence type any given commands on any connected PC. This allows us to perform HID attacks.
"HID (human interface device) attack vector is a remarkable combination of customized hardware and restriction bypass via keyboard emulation. So, when we insert the device, it will be detected as a keyboard, and using the microprocessor and onboard flash memory storage, you can send a very fast set of keystrokes to the target's machine and completely compromise it."– https://www.safaribooksonline.com/library/view/metasploit/9781593272883/
To perform HID attacks follow the given steps:
- We can perform them by opening the NetHunter app.
- In the menu, we choose HID attacks:
- We will see two tabs:
PowerSploit
andWindows CMD
:
- Let's try the
Windows CMD
; in theEdit source
box, we can type the command we want to be executed. We can even chooseUAC Bypass
from the options...