Skip to content

Releases: circle-rd/hid-shell

v0.0.4

Choose a tag to compare

@x42en x42en released this 21 May 22:39
38ebdfb

Full Changelog: v0.0.3...v0.0.4

HID-Shell v0.0.4

Pre-built cross-platform HID-Shell payloads for the
Vandal
ESP32 agent. Drop these binaries onto an agent's MSC volume
(/payloads/) and the universal BadUSB launcher will spawn
the right one on whatever host the device is plugged into.

Assets

File Target Size SHA256 Agent path
hid_shell-linux-x86_64 Linux x86_64 (glibc, libudev) 76K 8d6b7ca761a7c133b68cc56249a3ce539c0d7f5c6731544cec9cf312c5de66b8 /payloads/sl
hid_shell-macos-arm64 macOS arm64 (requires brew install hidapi) 116K e2c8d2c0b62a56681644ddc4c6f1909e0f3998aa47741afbeef0ca672582761e /payloads/sm
hid_shell-windows-x86_64.exe Windows x86_64 (static, no DLL deps) 140K 6cf0bf889bb6a7047bf19f636ee6670c7e6e7000590c2927c0d497301d51c4c1 /payloads/sw.exe
SHA256SUMS Checksum manifest

Deploy to a Vandal agent

  1. Download the three binaries from this release.
  2. Verify checksums:
    sha256sum -c SHA256SUMS
  3. Rename them to the short names the universal launcher
    expects on the agent's MSC volume:
    hid_shell-linux-x86_64        → sl
    hid_shell-macos-arm64         → sm
    hid_shell-windows-x86_64.exe  → sw.exe
    
  4. Upload each file to /payloads/ via the Vandal web UI
    (BadUSB → File transfer). One upload per file, one time
    per agent — the binaries persist on the FAT volume across
    reboots.
  5. From the agent's Shell page, click PrepareStart.
    The BFF streams the universal DuckyScript launcher inline
    (~2 KB, single MQTT message), the agent injects it as HID
    keystrokes, the matching host OS executes the right payload,
    and the bidirectional shell channel comes up.

Runtime requirements on the target host

  • Linux: libudev (part of systemd — universal on
    modern desktops). hidapi is statically linked.
  • Windows: nothing — hidapi, setupapi.dll and
    hid.dll are statically linked or system-provided. Built
    with --app:gui so no console window appears.
  • macOS: brew install hidapi is required because
    hidapi's macOS backend uses Apple's IOKit SDK headers which
    cannot be redistributed in a pre-built static archive. See
    the project README for the opt-in process to produce a fully
    autonomous macOS binary on a real Mac.

Build provenance

  • Repository: circle-rd/hid-shell
  • Commit: 38ebdfba714aacc553e2033094e1f80b63ba2305
  • Workflow: .github/workflows/publish-binaries.yml
  • Toolchain: Ubuntu 26.04 + Nim 2.2.4 + Zig 0.14.1 +
    mingw-w64 + statically prebuilt hidapi 0.14.0

v0.0.3

Choose a tag to compare

@x42en x42en released this 21 May 06:54
03961b6

Full Changelog: v0.0.2...v0.0.3

HID-Shell v0.0.3

Pre-built cross-platform HID-Shell payloads for the
Vandal
ESP32 agent. Drop these binaries onto an agent's MSC volume
(/payloads/) and the universal BadUSB launcher will spawn
the right one on whatever host the device is plugged into.

Assets

File Target Size SHA256 Agent path
hid_shell-linux-x86_64 Linux x86_64 (glibc, libudev) 104K 9d6ae74440bc93a1d0dfca88bf7447e3f17b0faa0b050904025d9c90ef30621a /payloads/sl
hid_shell-macos-arm64 macOS arm64 (requires brew install hidapi) 140K 71cf125839321df38d3bd42aaf84653b0968b78c983aa87689546139c5c4b2fa /payloads/sm
hid_shell-windows-x86_64.exe Windows x86_64 (static, no DLL deps) 140K b132e2938224cf63d739d4eeff7ff827597db8e6f1e65bc6d53b68873c2cf6a9 /payloads/sw.exe
SHA256SUMS Checksum manifest

Deploy to a Vandal agent

  1. Download the three binaries from this release.
  2. Verify checksums:
    sha256sum -c SHA256SUMS
  3. Rename them to the short names the universal launcher
    expects on the agent's MSC volume:
    hid_shell-linux-x86_64        → sl
    hid_shell-macos-arm64         → sm
    hid_shell-windows-x86_64.exe  → sw.exe
    
  4. Upload each file to /payloads/ via the Vandal web UI
    (BadUSB → File transfer). One upload per file, one time
    per agent — the binaries persist on the FAT volume across
    reboots.
  5. From the agent's Shell page, click PrepareStart.
    The BFF streams the universal DuckyScript launcher inline
    (~2 KB, single MQTT message), the agent injects it as HID
    keystrokes, the matching host OS executes the right payload,
    and the bidirectional shell channel comes up.

Runtime requirements on the target host

  • Linux: libudev (part of systemd — universal on
    modern desktops). hidapi is statically linked.
  • Windows: nothing — hidapi, setupapi.dll and
    hid.dll are statically linked or system-provided. Built
    with --app:gui so no console window appears.
  • macOS: brew install hidapi is required because
    hidapi's macOS backend uses Apple's IOKit SDK headers which
    cannot be redistributed in a pre-built static archive. See
    the project README for the opt-in process to produce a fully
    autonomous macOS binary on a real Mac.

Build provenance

  • Repository: circle-rd/hid-shell
  • Commit: 03961b674d281253e85096bb27ed7ad74ebca4c6
  • Workflow: .github/workflows/publish-binaries.yml
  • Toolchain: Ubuntu 26.04 + Nim 2.2.4 + Zig 0.14.1 +
    mingw-w64 + statically prebuilt hidapi 0.14.0

v0.0.2

Choose a tag to compare

@x42en x42en released this 21 May 00:34
7584f4a

Full Changelog: v0.0.1...v0.0.2

v0.0.1

Choose a tag to compare

@x42en x42en released this 21 May 00:23
7b504bb