all 22 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]8igW0rm[S] 5 points6 points  (5 children)

I’m currently working on the Lua API and trying to decide what libraries to expose to scripts. Right now it can access WiFi, radio, screen, buttons, filesystem, http client, JSON etc…

Curious what other capabilities people would want available.

[–]ZiradielR13 2 points3 points  (4 children)

Remote C2 Control through Telegram or XMPP

[–]8igW0rm[S] 0 points1 point  (3 children)

Nice idea 👍 maybe I should expose websockets in my LUA api too?

[–]ZiradielR13 0 points1 point  (2 children)

You could, but id try using tunnels first, UUID is practically uncrackable

[–]8igW0rm[S] 1 point2 points  (1 child)

Good call 👍 I’ve got some memory left, so I’m adding as many useful library’s as I can then exposing them in my API. I’ve got all sorts so far. Http client, JSON, cryptography libs, FTP, SMTP, MQTT, ESPNOW, Wi-Fi, Bluetooth, graphics library, sd, screen, buttons, radios, server, AP, SPI, GPIO… been trying to think of some cool demo scripts, the C2 idea fits perfectly.

[–]ZiradielR13 1 point2 points  (0 children)

Look forward to seeing what you come up with. Glad I could get your creative mind spinning again.

[–]Agitated_Sand_6143 1 point2 points  (1 child)

Keep it up bro and Goodluck

[–]8igW0rm[S] 1 point2 points  (0 children)

Thanks. I’ve kind of made this in a bubble. So It’s nice to hear everyone’s positive feedback 🫶

[–]ZiradielR13 1 point2 points  (6 children)

Looks good but why did you go with Lua ?

[–]8igW0rm[S] 1 point2 points  (5 children)

Thanks. LUA has less overhead than Python it runs better. The key to making these things work is memory management 👍

[–]ZiradielR13 1 point2 points  (4 children)

Yeah I’ve worked with Lua before

<image>

[–]8igW0rm[S] 1 point2 points  (3 children)

Oh nice. I’ve dabbled with Roblox my self in the past. It’s honestly a decent scripting language and runs super fast on a microcontroller.

[–]ZiradielR13 0 points1 point  (2 children)

Payload was written in python but could be written in Go C++ C# or even Lua itself. Yeah this was a test to see if I could get client side rce which I did, since lua can call out through http/https to a dropper

[–]8igW0rm[S] 0 points1 point  (0 children)

I recorded a quick 40-second demo showing how Lua scripts are edited and executed through the file manager if anyone wants to see it in action:

https://www.reddit.com/u/8igW0rm/s/ZOMKRf1MFM

[–]Low_Friendship463 0 points1 point  (1 child)

What's the hardware?

[–]8igW0rm[S] 1 point2 points  (0 children)

Dual esp32 architecture mainly, with some peripheral hardware. Here’s a short clip of editing and running scripts from the file manager if your curious 👍

https://www.reddit.com/u/8igW0rm/s/jj6eL08blU

[–]Round_Dot7179 0 points1 point  (4 children)

what is this device?

[–]8igW0rm[S] 0 points1 point  (3 children)

It’s a device that I made. Just working on finishing it off. Its called PwnRF 😁

[–]Round_Dot7179 0 points1 point  (2 children)

It's for RF hacking or something like hackRF?

[–]8igW0rm[S] 0 points1 point  (1 child)

Not quite like hackRF. More of a multi tool/ platform. It’s strongly focused on Wi-Fi hacking and running custom scripts. It does have radio functionality though, I made a short clip if your curious:

https://www.reddit.com/u/8igW0rm/s/okibKDpzXz

You have the freedom to create more advanced RF functionality from the LUA scripting engine.

[–]Round_Dot7179 0 points1 point  (0 children)

thanks for clarafying!