P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W (required for HID backdoor).

P4wnP1 Features (quick summary)

  • WiFi Hotspot for SSH access (Pi Zero W only), support for hidden ESSID
  • operate WiFi in client mode (Pi Zero W only), to relay USB network attacks through WiFi with internet access (MitM)
  • the USB device features work in every possible combination with Windows Plug and Play support (class drivers)
  • Support for device types
    • HID covert channel communication device (see sections ‘HID covert channel frontdoor’ and ‘HID covert channel backdoor’)
    • HID Keyboard
    • USB Mass storage (currently only in demo setup with 128 Megabyte drive)
    • RNDIS (Windows Networking)
    • CDC ECM (MacOS / Linux Networking)
  • Raspberry Pi LED state feedback with a simple bash command (led_blink)
  • customizable bash based payload scripts (see payloads/ subfolder for examples)
  • includes Responder and a precompiled John the Ripper Jumbo version
  • Auto attack: P4wnP1 automatically boots to standard shell if an OTG adapter is attached, the current payload only runs if P4wnP1 is connected as USB device to a target (without USB OTG adapter)

Official Wiki

Stealing Browser Credentials



About Author

Comments are closed.