HID Attack Guide: Hack Devices With Your Android Device!

Today we will show you how to use your Android device as a Rubber Ducky to perform a HID attack on an Android device or PC.


This feature already exists in Kali Nethunter and what it actually does is through a device Android, access another device.

We are given the opportunity both to bypass the lock screen, and to take full control of a device for future use.

HID attacks with Android

Not a new technique, just a demonstration of how to perform a HID attack using Android instead of a rubber ducky stick. The Android device we will attack does not need to be rooted, to have the ADB/USB option enabled or not, and to have the device authorized, since the attacker's smartphone acts as a connected keyboard.

hid_attack: the script contains custom commands that are executed against the target Android device or computer we want to attack.

The script may not work every time. Therefore, we must play with the keys we send to our target and change the exploit if it does not succeed with the first one. A list of all possible keys can be found at the link below.

What we need


  • A rooted Android device with support for HID attacks in Kernel settings (eg NetHunter ROM)
  • OTG cable


  • Crack PINs of any length from 1 to 10 digits.
  • Use configuration files to support different phones.
  • Optimized PIN lists for 3,4,5 and 6 digits.
  • Bypasses phone pop-ups including low power warning
  • It detects when the phone is disconnected or turned off and waits while retrying every 5 seconds
  • Adjustable delays in N seconds after every X PIN attempts
  • Creates Log file


  • Turn your phone into a PIN cracking machine.
  • Unlike other methods, you don't need to have ADB or USB Debug enabled on the locked phone.
  • The locked Android phone does not need to be rooted.
  • No need to buy specialized hardware, e.g. Rubber Ducky, Teensy, Cellebrite, XPIN Clip, etc..
  • You can easily modify the backoff time to jailbreak many types of devices.


Android-PIN-Bruteforce (0.2) is used to unlock an Android phone (or device) by bruteforcing the lockscreen PIN.
  Find more information at: https://github.com/urbanadventurer/Android-PIN-Bruteforce

  crack                Begin cracking PINs
  resume               Resume from a chosen PIN
  rewind               Crack PINs in reverse from a chosen PIN
  diag                 Display diagnostic information
  version              Display version information and exit

  -f, --from PIN       Resume from this PIN
  -a, --attempts       Starting from NUM incorrect attempts
  -m, --mask REGEX     Use a mask for known digits in the PIN
  -t, --type TYPE      Select PIN or PATTERN cracking
  -l, --length NUM     Crack PINs of NUM length
  -c, --config FILE    Specify configuration file to load
  -p, --pinlist FILE   Specify a custom PIN list
  -d, --dry-run        Dry run for testing. Doesn't send any keys.
  -v, --verbose        Output verbose logs

  android-pin-bruteforce <command> [options]

PoC for Android

PoC for PC

PoC with Nethunter

PoC without Nethunter

How to avoid such an attack

  1. We always charge our mobile phone with our own charger
  2. We always use a complex screen lock code or a complex pattern
  3. We use protection programs on our device and more specifically programs that detect and prevent exploits.


HID support in custom ROM


Brute-force attack using our Android


List of all available keys


iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.096 registrants.
HID, Android, hack

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).