[Release] Simple-Ducky Payload Generator v1.1.1 (International Key Mapping|Kali Compatible|Custom Payload Builder)


Just verified the Duck Programming.zip (20.8MB) - it's fine. Downloads and extracts OK (used WinRAR to extract the contents).

bash: ./install_v1.0.9.sh: /bin/bash^M: bad interpreter: No such file or directory

The file has been corrupted by Windows: you are getting \r at the end of lines, which Unix systems don't use. Use dos2unix to convert the file.

apt-get install dos2unix

then convert the file

dos2unix install_v1.0.9.sh

it should then run fine.

Not sure about the rest of the scripts, sorry, I haven't really used them or Kali.

Edited by midnitesnake
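
The `^M` in `/bin/bash^M` is the carriage return of a CRLF line ending, which the kernel reads as part of the interpreter path. An added example (not part of the original posts or the simple-ducky project) that detects this and writes a repaired copy; the sample script and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: find and repair CRLF line endings that make the kernel
# look for an interpreter whose name ends in a carriage return.

CR=$(printf '\r')

# has_crlf FILE: succeeds if any line ends in a carriage return.
has_crlf() {
    grep -q "${CR}\$" "$1"
}

# interpreter_path FILE: print the shebang interpreter, with a stray CR
# made visible as ^M (the notation bash uses in its error message).
interpreter_path() {
    head -n 1 "$1" | sed -n 's/^#![[:space:]]*//p' | cat -v
}

# strip_cr SRC DST: write SRC to DST with trailing CRs removed, leaving
# SRC untouched so the damaged copy can still be inspected.
strip_cr() {
    sed "s/${CR}\$//" "$1" > "$2"
}

# make_sample FILE: constructed two-line installer saved with CRLF endings.
make_sample() {
    printf '#!/bin/sh\r\necho installed\r\n' > "$1"
}

# Demo on the constructed sample.
work=$(mktemp -d)
make_sample "$work/install.sh"
if has_crlf "$work/install.sh"; then
    echo "CRLF found, interpreter as the kernel sees it: $(interpreter_path "$work/install.sh")"
    strip_cr "$work/install.sh" "$work/install.unix.sh"
    echo "after repair: $(interpreter_path "$work/install.unix.sh")"
    sh "$work/install.unix.sh"
fi
rm -rf "$work"
```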

I just tried the install script, and I am getting the same errors. Somehow the file got damaged. I will upload a new version of the script this evening. In the meantime, running these lines will install/update your simple ducky install to version 1.0.9.

root@kali:~# wget http://simple-ducky-payload-generator.googlecode.com/files/simple-ducky-v1.0.9-kali-edition.tar.gz
root@kali:~# tar zxvf simple-ducky-v1.0.9-kali-edition.tar.gz -C /usr/share
root@kali:~# ln -s /usr/share/ducky/encoder/simple-ducky.sh /usr/bin/simple-ducky
root@kali:~# rm simple-ducky-v1.0.9-kali-edition.tar.gz

~skysploit

Edited by skysploit

List available java implementations

$ update-java-alternatives --list

Use openjdk-6

$ update-java-alternatives --set java-6-openjdk

Use the non-free sun java.

$ update-java-alternatives --set java-6-sun

Use the non-free sun java only for the web plugin

$ update-java-alternatives --plugin --set java-6-sun

Thank you for the response! Please forgive my ignorance, but I still do not know exactly how to accomplish this, or even if it is the real issue. Will simply running these commands in sequential order resolve this issue?

I tried the first two commands in Kali and neither one is accepted as a valid command.

Edited by TeCHemically

Here's a breakdown (line by line) of everything that the Update JDK option in the Simple-Ducky does.

For the i386 version on Kali-Linux use this (PAY CLOSE ATTENTION TO # 5)...

1. Download JDK v7 from the Oracle website.
root@kali:~# wget --no-cookies --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com" "http://download.oracle.com/otn-pub/java/jdk/7/jdk-7-linux-i586.tar.gz"

2. Extract the tar.gz
root@kali:~# tar zxvf jdk-7-linux-i586.tar.gz

3. Move jdk1.7.0 to the /usr/lib/jvm directory
root@kali:~# mv jdk1.7.0 /usr/lib/jvm

4. Now we have to set up our system to refer to our new jdk
root@kali:~# update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.7.0/jre/bin/java 2

5. Apply the update (Note: YOU MUST SELECT OPTION 2 MANUALLY WHEN PROMPTED!)
root@kali:~# update-alternatives --config java

6. Verify the version of JDK that you are using
root@kali:~# java -version
java version "1.7.0_03" <----(You should see something like this)
 
7. Remove the downloaded tar.gz file
root@kali:~# rm jdk-7-linux-i586.tar.gz

For the amd64 version on Kali-Linux use this (PAY CLOSE ATTENTION TO # 5)...

1. Download JDK v7 from the Oracle website.
root@kali:~# wget --no-cookies --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com" "http://download.oracle.com/otn-pub/java/jdk/7u17-b02/jdk-7u17-linux-x64.tar.gz"
		
2. Extract the tar.gz
root@kali:~# tar zxvf jdk-7u17-linux-x64.tar.gz

3. Move jdk1.7.0 to the /usr/lib/jvm directory
root@kali:~# mv jdk1.7.0_17/ /usr/lib/jvm

4. Now we have to set up our system to refer to our new jdk
root@kali:~# update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.7.0_17/jre/bin/java 2

5. Apply the update (Note: YOU MUST SELECT OPTION 2 MANUALLY WHEN PROMPTED!)
root@kali:~# update-alternatives --config java

6. Verify the version of JDK that you are using
root@kali:~# java -version
java version "1.7.0_03"  <----(You should see something like this)

7. Remove the downloaded tar.gz file
root@kali:~# rm jdk-7u17-linux-x64.tar.gz

I hope this helps man...

~skysploit

Edited by skysploit

Thanks skysploit! I am running kali 1.0.3 686. This happens with every payload I try. This is my output from that last bit:

java -version

java version "1.6.0_27"

OpenJDK Runtime Environment (IcedTea6 1.12.4) (6b27-1.12.4-1)

OpenJDK Server VM (build 20.0-b12, mixed mode)

So it appears that my java update has not gone through successfully. I have tried this on a kali 1.0.2 686 VM, kali 1.0.3 686 VM , and on a BT5r3 VM. All failed in much the same way.

Edited by TeCHemically

I get the following error on all payloads that I try to generate on Kali 1.0.3 VM (I have already updated 64 bit java)

Exception in thread "main" java.lang.UnsupportedClassVersionError: Encoder : Unsupported major.minor version 51.0

at java.lang.ClassLoader.defineClass1(Native Method)

at java.lang.ClassLoader.defineClass(ClassLoader.java:634)

at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)

at java.net.URLClassLoader.defineClass(URLClassLoader.java:277)

at java.net.URLClassLoader.access$000(URLClassLoader.java:73)

at java.net.URLClassLoader$1.run(URLClassLoader.java:212)

at java.security.AccessController.doPrivileged(Native Method)

at java.net.URLClassLoader.findClass(URLClassLoader.java:205)

at java.lang.ClassLoader.loadClass(ClassLoader.java:321)

at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294)

at java.lang.ClassLoader.loadClass(ClassLoader.java:266)

Could not find the main class: Encoder. Program will exit.

The end result is that no inject.bin file is ever created. The payload.txt file is created; but I cannot manually from terminal use encoder to convert that to the inject.bin either. Kali linux has the pae kernel and should be considered 64 bit right? When I updated java should I have selected 32 bit? Could that be the cause of my grief?

UPDATE: Just tried this all out in BT5r3 with the other linux installer and I am getting the exact same error. I know it is 32 bit and I used the 32 bit java update option. I am not even getting the payload.txt generated in the ducky folder in BT5r3. Also, when installing dependencies it downloaded the latest 64 bit metasploit installer; but MSF is already installed and fully updated. Should I bother running this installer? I fear it will bork up my MSF install. Thanks for all who respond! :)

With Backtrack, you should be fine using the Kali install (I don't advertise that because Offensive Security is trying to move folks off of Backtrack)... You don't need to install the dependencies for Backtrack as it has all the necessary software. The "other-linux" install is designed for ubuntu/linux mint etc...

Try running this command again...

update-alternatives --config java 

When prompted select this option... It may not be at number two if you have run the install multiple times.

/usr/lib/jvm/jdk1.7.0_17/jre/bin/java

So with the i386 (Linux kali 3.7-trunk-686-pae #1 SMP Debian 3.7.2-0+kali6 i686 GNU/Linux) version you should be running the 32bit jdk update....

~skysploit
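
`Unsupported major.minor version 51.0` means the Encoder class was compiled for Java 7 (class-file major version 51), while a Java 6 runtime such as the 1.6.0_27 reported earlier in the thread loads at most version 50. An added example (not from the thread or the simple-ducky project) that reads the version from a class header and compares it with `java -version` output; the header bytes and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a .class file's version with what a runtime can load.
# Class header layout: CAFEBABE magic, minor (2 bytes), major (2 bytes).

# class_major FILE: print the big-endian major version; fail if not a class file.
class_major() {
    [ "$(od -An -tx1 -N4 "$1" | tr -d ' \n')" = "cafebabe" ] || return 1
    set -- $(od -An -tu1 -j6 -N2 "$1")
    echo $(( $1 * 256 + $2 ))
}

# runtime_max_major TEXT: from `java -version` output, print the highest class
# major that runtime accepts (Java N accepts up to N + 44: Java 6 -> 50, 7 -> 51).
runtime_max_major() {
    v=$(printf '%s\n' "$1" | sed -n 's/.*version "\([^"]*\)".*/\1/p' | head -n 1)
    case "$v" in
        '')  return 1 ;;
        1.*) rel=${v#1.}; rel=${rel%%.*} ;;   # legacy scheme: 1.6.0_27 -> 6
        *)   rel=${v%%.*} ;;                  # modern scheme: 17.0.2 -> 17
    esac
    echo $(( rel + 44 ))
}

# can_load FILE TEXT: succeeds if the runtime described by TEXT can load FILE.
can_load() {
    need=$(class_major "$1") || return 2
    have=$(runtime_max_major "$2") || return 2
    [ "$need" -le "$have" ]
}

# make_class_header MAJOR FILE: constructed 8-byte header, enough for the check.
make_class_header() {
    printf '\312\376\272\276\000\000\000' > "$2"
    printf "\\$(printf '%03o' "$1")" >> "$2"
}

# Demo: constructed Java 7 class header against the runtime string from the thread.
work=$(mktemp -d)
make_class_header 51 "$work/Encoder.class"
active='java version "1.6.0_27"'
if can_load "$work/Encoder.class" "$active"; then
    echo "runtime can load Encoder.class"
else
    need=$(class_major "$work/Encoder.class")
    echo "Encoder.class is major $need (Java $(( need - 44 ))); runtime accepts up to $(runtime_max_major "$active")"
fi
rm -rf "$work"
```

Run `class_major` on the real class file and pass `"$(java -version 2>&1)"` as the second argument to `can_load` to confirm which runtime `update-alternatives` actually left active.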

I ran the 32 bit setup and selected the "/usr/lib/jvm/jdk1.7.0_17/jre/bin/java" option. The following error is what I get:

Your new JDk version is...

/usr/bin/simple-ducky: line 3892: /usr/bin/java: cannot execute binary file

Would you like to return to the main menu [y/n]?

When I try to generate the inject.bin from a selected payload I get the following:

Generating your inject.bin file...

/usr/bin/simple-ducky: line 1021: /usr/bin/java: cannot execute binary file

Your payload has been created, its located in /usr/share/ducky/encoder

Your evil executable has been created, it is in located at /var/www/winmgmt.txt

Press any key to contiue

Edited by TeCHemically
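
`cannot execute binary file` is what bash reports when the kernel rejects a binary's format, for example a 64-bit x86 build on a 686 kernel. An added example (not from the thread or the simple-ducky project) that reads the target architecture from an ELF header, such as the binary behind /usr/bin/java, and checks it against the `uname -m` string; the sample headers and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: read the target architecture from an ELF header and compare
# it with the machine string reported by `uname -m`.

# elf_arch FILE: print i386, x86_64, arm or aarch64; fail if FILE is not ELF.
elf_arch() {
    [ "$(od -An -tx1 -N4 "$1" | tr -d ' \n')" = "7f454c46" ] || return 1
    # e_ident[5] is the byte order (1 = little endian); e_machine is at offset 18.
    set -- $(od -An -tu1 -j5 -N1 "$1") $(od -An -tu1 -j18 -N2 "$1")
    if [ "$1" -eq 1 ]; then m=$(( $2 + $3 * 256 )); else m=$(( $2 * 256 + $3 )); fi
    case $m in
        3)   echo i386 ;;
        62)  echo x86_64 ;;
        40)  echo arm ;;
        183) echo aarch64 ;;
        *)   echo "unknown-$m" ;;
    esac
}

# runs_on ELF_ARCH MACHINE: succeeds if a kernel reporting MACHINE can execute
# binaries built for ELF_ARCH. A 64-bit x86 kernel can also run i386 binaries
# (given 32-bit libraries); a 32-bit kernel can never run x86_64 ones.
runs_on() {
    case "$2:$1" in
        x86_64:x86_64|x86_64:i386|i?86:i386) return 0 ;;
        aarch64:aarch64|armv?l:arm)          return 0 ;;
        *)                                   return 1 ;;
    esac
}

# make_elf_header ARCH FILE: constructed 20-byte header for i386 or x86_64.
make_elf_header() {
    case "$1" in
        i386)   class='\001'; mach='\003' ;;
        x86_64) class='\002'; mach='\076' ;;
        *)      return 1 ;;
    esac
    {
        printf "\\177ELF${class}\\001\\001"            # magic, class, little endian, version
        printf '\000\000\000\000\000\000\000\000\000'  # e_ident padding (9 bytes)
        printf "\\002\\000${mach}\\000"                # e_type = EXEC, e_machine
    } > "$2"
}

# Demo: a constructed x86_64 header checked against two kernels.
work=$(mktemp -d)
make_elf_header x86_64 "$work/java"
arch=$(elf_arch "$work/java")
for machine in i686 x86_64; do
    if runs_on "$arch" "$machine"; then verdict="can run"; else verdict="cannot execute"; fi
    echo "$machine kernel $verdict this $arch binary"
done
rm -rf "$work"
```

On a live system, `elf_arch "$(readlink -f /usr/bin/java)"` together with `uname -m` gives the two values to compare.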

Hey guys,

anyone else getting the message:

"bash: simple-ducky: command not found"

The script seems to be running good and installs without issues as far as I can tell. It says to press any key to continue, so I do. After that, when I type simple-ducky as a command, it gives me the above message.

I read through the entire post and no one had this same issue or I wouldn't be asking.

I'm probably just doing something wrong so any help would be appreciated.

Thank you,

-JCAG

Forgot to mention that I am doing this on Kali Linux using their Raspberry Pi image.

Hope that helps!

Edited by JCAG

It seems like the symbolic link didn't take...

Try running this command:

ln -s /usr/share/ducky/encoder/simple-ducky.sh /usr/bin/simple-ducky

Let me know if this works. I have not tried the R-Pi, so I am interested to see how the simple-ducky holds up... On a side note I have a new version that I'm finalizing now that has a much more detailed installer. It should be up by this time tomorrow (fingers crossed).

~skysploit

I just recently changed my screen resolution to a higher ratio. I am now receiving the following error:

"resize: Time out occurred"

I can stop the process then highlight my blank konsole window to reveal that the main menu was generated. Though I can only do so once I have used ^C. I have tried using different color profiles for konsole but to no avail. Any ideas?

This is certainly a new issue... What version of the simple ducky are you using?

~skysploit

Hi skysploit,

Thanks for your work. I really enjoyed following it.

Some questions: what about combining the payloads, meaning including more than one payload on the ducky, for example, first dump hashes, then dump WLAN keys and so on?

And another question:

What about using the payloads without using external services like ftp and so on?

Regards

Edited by rubberduckyuser

I'm glad you enjoy the simple-ducky. I know that I am having a blast building the payloads. I think we are just barely scraping the surface of the true potential of this device. To answer your questions;

What about combining the payloads? Great question, I am actually in the middle of doing just that. Hopefully in the near future there will be a payload designer that will be completely modular. You will be able to add whatever you want; it's completely up to your imagination. It's taken a lot of endless nights trying to get all the payloads in the simple-ducky to work properly. In fact version 1.0.0 only had maybe four payloads.

What about using the payloads without using external services like ftp and so on? This is a tough one to answer and I'm sure there are mixed opinions... You can probably run some of the payloads using the twin-duck but that would require you to alter the device (correct me if I'm wrong on that), and it would require you to mount removable media in addition to the HID. The problem there is that some organizations (mine in particular) disable removable media. And a huge flag is raised when a "thumb drive" is plugged in. Therefore, we rely on those additional services to conduct our pentests. If those services are blocked/patched, then good on the company. After all, we are just trying to find the vulnerabilities... With all that said, if there is a big enough demand and someone kicks me a twin-duck I will be more than happy to add some payloads that dump password files and what not to an SD card.

There are big plans in the works; it's only going to get better from here. Please let me know if there's something that you would like to see added.

~skysploit

I believe it was all down to a corrupted / misconfigured install of backtrack. I decided to take the chance to use kali linux. What a fresh breath of air that was installing from kali. What can I say, I REALLY appreciate the work put into this script.

  • 4 weeks later...

Hi,

Just to start, great kudos to the developer! Great job.

My problem: I just received the ducky and tested with a hello payload, and all works fine. But when using simple-ducky-payload-generator or just the ducky encoder to create a reverse shell with or without UAC admin, in the payload.txt file all is OK, but when I plug the ducky into a VM with Windows 7, when the typing starts on the cmd some chars just get heated! :S

This is the result from cmd:

http://pastebin.com/0shy7hmt

At first I thought it had to do with the keyboard that I selected (PT), but I created a hello payload with some native PT chars and all was OK.

I have my ducky as stock, so no firmware, only testing payloads for now.

Any idea?

Thanks

f33r

f33r,

Sorry to hear that you are having issues... With the vm are you using Virtualbox/VMPlayer/Workstation?? Reason I ask is because the Ducky (in my personal experience) does not work with Virtualbox. Have you been able to replicate this issue with any of the other payloads?

Also I would recommend moving your firmware version to duck_v2.1.hex (http://code.google.com/p/ducky-decode/). There's a great walkthrough in the Wiki that Midnitesnake put together on flashing the duck.

~skysploit

Hi skysploit,

Thanks for the reply. I'm using VMware Workstation 9.0.

I have tested reverse Windows 7 and 8 with and without UAC and all do the same... this also happens if using the ducky-encoder.

I will test with the firmware you advise and get back with news.

Thanks Sploit, problem solved with new firmware!

I'm having issues with Pure-FTPD not being installed, or installed correctly. The setup script didn't have it working and the repositories can't find it in Kali.

I downloaded and installed it from a tar.gz file but simple-ducky still can't work with it. Has anyone run into this issue before?
