wangyihang / usbkeyboarddatahacker: usb keyboard traffic packet forensics tool, used to recover the keystroke information of users

Description :

Usage : 
        python UsbKeyboardHacker.py data.pcap
Tips : 
        To use this python script , you must install the tshark first.
        You can use `sudo apt-get install tshark` to install it
Author : 
        WangYihang <[email protected]>
        If you have any questions , please contact me by email.
        Thank you for using.

Demo :

1. Step1 , Get data

[email protected]:~/UsbKeyboardDataHacker$ tshark -r ./example.pcap -T fields -e usb.capdata
00:00:09:00:00:00:00:00
00:00:00:00:00:00:00:00
00:00:0f:00:00:00:00:00
00:00:00:00:00:00:00:00
00:00:04:00:00:00:00:00
00:00:00:00:00:00:00:00
00:00:0a:00:00:00:00:00
00:00:00:00:00:00:00:00
20:00:00:00:00:00:00:00
20:00:2f:00:00:00:00:00
...


2. Step2 , decode

[email protected]:~/UsbKeyboardDataHacker$ python UsbKeyboardDataHacker.py ./example.pcap 
[-] Unknow Key : 01
[-] Unknow Key : 01
[+] Found : flag{pr355_0nwards_a2fee6e0}

Example video:

https://www.youtube.com/watch?v=unBwmcpXbhE

IMCAFS

wangyihang / usbkeyboarddatahacker: usb keyboard traffic packet forensics tool, used to recover the keystroke information of users

Description :

Demo :

Example video: