Everything posted by skysploit

  1. S3V3N, Yes, I am still around. Not as much as I would like, but still here. Simple-Ducky v2 is well underway, hopefully it will be available soon. v/r ~skysploit
  2. Casual, Thanks for your support. I only do it because of the effort that Hak5 has put forth in developing such an awesome tool. Some people overlook the Ducky because of its simplicity. I say you have to look at who is using these devices. Most agencies/companies don't have the time/money to train and reproduce expert programmers. They need simple devices with a simple programming language to conduct security audits. The USB Rubber Ducky and the simple-ducky meet those needs. From the novice to the expert, this device can do everything from boosting the confidence of the operator to performing complex security audits, resulting in better overall security of the network/people. I will be here to help as long as Hak5 and the folks using these products need me to. v/r ~skysploit
  3. ITHKS, Yes, there are some payloads that will work on guest accounts. Just use the payloads that do not require User Access Control (UAC). The powershell, download, and execute payloads are perfect for that. Granted you will have to do some privilege escalation. Take a look at the payload builder and DBD w/o UAC, let me know if you have any issues. v/r ~skysploit
  4. DrDinosaur, Yes, I'm working on v1.1.2 at the moment. I have been backlogged with work, so it's been slow. Hopefully, I'll have it ready by the end of the month. ~skysploit
  5. Try modifying the payload and use dbd. DBD uses an SSL connection and is pretty darn good at bypassing AV without having to obfuscate at all. Not only that, the size of the payload itself is tiny... I am currently working on a new version of the simple-ducky and it should be ready in the next couple of weeks. Great job TeCHemically! ~skysploit
  6. jjd, What version of the simple-ducky are you running? In your terminal run: simple-ducky-update and see if that fixes the problem. It appears that dbd is not getting forked over properly.
  7. zuma01, The simple-ducky has the ncat.exe binary built in. You can get the simple-ducky here; https://code.google.com/p/simple-ducky-payload-generator/ . If you would like to be a little more stealthy try using dbd instead (also included in the simple-ducky). ~skysploit
  8. Guys, I was messing around with my Pineapple today and for the life of me I couldn't get the "WPS Button Script" to work. I looked into the script itself to see if there was something strange going on. I noticed that when I initiated the "Update Script" button in the control panel, it was appending a "^M" to the end of every line in the script (see below). My workaround was to just ssh into the Pineapple and alter the script using nano. Hope this helps anyone that is having the same problem. ~skysploit

     "Update Script" bug

         #!/bin/sh^M
         #Script is executed when WPS button^M
         #is pressed for 2-4 seconds.^M
         ^M
         interface=$(ifconfig -a |grep HWaddr | cut -d"L" -f1)^M
         ^M
         for i in $interface; do^M
         ifconfig $i down^M
         macchanger -a $i^M
         ifconfig $i up^M
         done^M
         ^M

     Edit the script via nano (to exit nano use "Ctrl+x", press "y" to save changes, and press "Enter" to close)

         root@Pineapple:~# nano /etc/pineapple/wpsScript.sh

     MAC changer script

         #!/bin/sh
         #Script is executed when WPS button
         #is pressed for 2-4 seconds.
         #This script changes the MAC address of every interface...
         #Script by skysploit

         interface=$(ifconfig -a |grep HWaddr | cut -d"L" -f1)

         for i in $interface; do
         ifconfig $i down
         macchanger -a $i
         ifconfig $i up
         done

     Ensuring that the script is executable

         root@Pineapple:~# chmod +x /etc/pineapple/wpsScript.sh

  9. green, What distro are you installing the simple-ducky on? If the installer fails to pull burpsuite from the repository it will take another approach to installing it. Only a few distros have burpsuite in their repos. For that purpose I have an alternative installer that will take over when you see that error... Check your machine to see if it is installed. ~skysploit
  10. Phobic81, To encode the payload.txt file that you have created, just place it in the "/usr/share/simple-ducky" directory, open a terminal window and "cd" to the same directory. Run this command:

         java -jar encoder.jar -i payload.txt

     As far as importing the wallpaper prank into the simple-ducky, I would prefer not to. The simple-ducky is designed for professional penetration testers and the payloads in it are geared specifically for that purpose. However, I am in the process of completely revamping the simple-ducky. I am going to make it 100% modular, that way plugins can be added by each user. This is going to take some time to complete but it is well worth the effort. ~skysploit
  11. 411, This looks great! Thanks for putting in the work... ~skysploit
  12. If you can't find the script, that's probably because you are using v1.1.0 or prior. With versions prior to 1.1.1 the simple-ducky resides in a different directory. If you are unsure of the version, use the install instruction below. It will remove the old ducky install as well as install the new version. Sorry for the delay... ~skysploit
  13. I was playing with Nishang when I came across this post... I can't wait to get this integrated with the simple-ducky.
  14. DrDinosaur, Great job on the video! I'm glad to see that people are still using the simple-ducky. Hak5 does a great job with the show and the products that they offer. Hopefully, these videos of the simple-ducky entice folks to go out and buy the USB Rubber Ducky.... I'm slowly working on gathering all the payloads within the forums and github. The hard part is vetting all of the payloads. Some are broken or have delays that are not realistic with what a corporate computer would be able to handle. So it takes time to make sure that all of these payloads will work the best they can. With that said, I am always looking for people to help with the vetting process. Thanks again ~skysploit P.S. DerbyCon anyone??
  15. What version did you install? If you are on version 1.1.1 (current version), then issue these commands....

         sudo ln -sf /usr/share/simple-ducky/simple-ducky.sh /usr/bin/simple-ducky
         sudo ln -sf /usr/share/simple-ducky/update.sh /usr/bin/simple-ducky-update

     Also inside /usr/share/simple-ducky/ there's a file called "install.sh". Run that by using...

         sudo bash /usr/share/simple-ducky/install.sh

     Let me know if this works... ~skysploit
  16. Mahorelee, The simple-ducky is not compatible with Windows. It currently only supports Debian based Linux distros (i.e. Kali-Linux, Debian, Ubuntu, Linux-Mint, BackBox)... What I recommend you do is install VMWare Player and download Kali-Linux. Below are links for everything that you need.

     VMWare Player Free Download: http://www.vmware.com/download/player/download.html
     Kali-Linux: http://www.kali.org/downloads/ (under image type select VMWare)

     Hope this helps... ~skysploit
  17. Thanks, man... As long as people still find it helpful/value added, I will continue to keep the project alive.
  18. yamil515, It looks like you are not finding pure-ftpd in your repositories... Try installing software-center and locating it that way (apt-get install software-center), you will see the Ubuntu Software Center in your menu. Alternatively you can compile it from source (http://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.36.tar.gz). Or you can use any other ftp server that you would like. If you can, please shorten your last post as it is flooding the channel. Thanks. One last thought, add Kali's Bleeding edge repositories...

         echo deb http://repo.kali.org/kali kali-bleeding-edge main >> /etc/apt/sources.list
         apt-get update
         apt-get upgrade

     ~skysploit
  19. Hak5'ers, I have been working on version 1.1.1 over the past few weeks... Good news, it's almost ready! There are some big things happening in this revision... Instead of telling you about all the awesomeness here's a teaser. ~skysploit P.S. Did someone say SYSTEM Privs??
  20. Battery_, Kali has pure-ftpd in the repositories (apt-get update && apt-get install pure-ftpd)... What is the specific issue that you are having? Here's the simple-ducky's wiki page for pure-ftpd: https://code.google.com/p/simple-ducky-payload-generator/wiki/PureFTPServer ~skysploit
  21. I'm on it... I just need to run down the street to get a USB adapter for my iPad. Give me a day or so and I will post the results. ~skysploit
  22. f33r, Sorry to hear that you are having issues... With the vm are you using Virtualbox/VMPlayer/Workstation?? Reason I ask is because the Ducky (in my personal experience) does not work with Virtualbox. Have you been able to replicate this issue with any of the other payloads? Also, I would recommend moving your firmware version to duck_v2.1.hex (http://code.google.com/p/ducky-decode/). There's a great walkthrough in the Wiki that Midnitesnake put together on flashing the duck. ~skysploit
  23. I'm glad you enjoy the simple-ducky. I know that I am having a blast building the payloads. I think we are just barely scraping the surface of the true potential of this device. To answer your questions:

     "what about combining the payloads?" Great question, I am actually in the middle of doing just that. Hopefully in the near future there will be a payload designer that will be completely modular. You will be able to add whatever you want, it's completely up to your imagination. It's taken a lot of endless nights trying to get all the payloads in the simple-ducky to work properly. In fact version 1.0.0 only had maybe four payloads.

     "what about using the payloads without using external services like ftp and so on?" This is a tough one to answer and I'm sure there are mixed opinions... You can probably run some of the payloads using the twin-duck but that would require you to alter the device (correct me if I'm wrong on that), and it would require you to mount removable media in addition to the HID. The problem there is that some organizations (mine in particular) disable removable media. And a huge flag is raised when a "thumb drive" is plugged in. Therefore, we rely on those additional services to conduct our pentests. If those services are blocked/patched, then good on the company. After all, we are just trying to find the vulnerabilities... With all that said, if there is a big enough demand and someone kicks me a twin-duck I will be more than happy to add some payloads that dump password files and what not to an sd card.

     There are big plans in the works, it's only going to get better from here. Please let me know if there's something that you would like to see added. ~skysploit