no42 Posted May 2, 2013 Share Posted May 2, 2013 (edited) Just verified the Duck Programming.zip (20.8MB) - its fine. Downloads and extracts OK (Used Winrar to extract the contents). bash: ./install_v1.0.9.sh: /bin/bash^M: bad interpreter: No such file or directory the file has been corrupted by Windows you getting \r at the end of lines which unix systems dont use, use dos2unix to convert the file apt-get install dos2unix then convert the file dos2unix install_v1.0.9.sh it should then run fine. Not sure about the reset of the scripts, sorry I havnt really used them or kali Edited May 2, 2013 by midnitesnake Quote Link to comment Share on other sites More sharing options...
skysploit Posted May 2, 2013 Author Share Posted May 2, 2013 (edited) I just tried the install script, and I am getting the same errors. Some how the file got damaged. I will up load a new version of the script this evening. In the meantime running these lines will install/update your simple ducky install to version 1.0.9. root@kali:~# wget http://simple-ducky-payload-generator.googlecode.com/files/simple-ducky-v1.0.9-kali-edition.tar.gz root@kali:~# tar zxvf simple-ducky-v1.0.9-kali-edition.tar.gz -C /usr/share root@kali:~# ln -s /usr/share/ducky/encoder/simple-ducky.sh /usr/bin/simple-ducky root@kali:~# rm simple-ducky-v1.0.9-kali-edition.tar.gz ~skysploit Edited May 2, 2013 by skysploit Quote Link to comment Share on other sites More sharing options...
AshiOni Posted May 2, 2013 Share Posted May 2, 2013 Not sure if I should be confused or concerned when I see "./install v1.0.9.sh: /bin/bash^M: bad interpreter:" Quote Link to comment Share on other sites More sharing options...
TeCHemically Posted May 2, 2013 Share Posted May 2, 2013 (edited) List available java implementations $ update-java-alternatives --list Use openjdk-6 $ update-java-alternatives --set java-6-openjdk Use the non-free sun java. $ update-java-alternatives --set java-6-sun Use the non-free sun java only for the web plugin $ update-java-alternatives --plugin --set java-6-sun That you for the response! Please forgive my ignorrance; but I still do not know exactly how to accomplish this, or even if it is the real issue. Will simply running these commands is sequencial order resolve this issue? I tried the first two commands in kali and neither one are accepted as valid commands. Edited May 3, 2013 by TeCHemically Quote Link to comment Share on other sites More sharing options...
skysploit Posted May 3, 2013 Author Share Posted May 3, 2013 I just posted and verified a new install_v1.0.9.sh script on the Google code page. Here's the link: https://code.google.com/p/simple-ducky-payload-generator/downloads/detail?name=simple-ducky-v1.0.9-kali-edition.tar.gz&can=2&q= The new script fixes the "./install v1.0.9.sh: /bin/bash^M: bad interpreter:" error. ~skysploit Quote Link to comment Share on other sites More sharing options...
skysploit Posted May 3, 2013 Author Share Posted May 3, 2013 (edited) That you for the response! Please forgive my ignorrance; but I still do not know exactly how to accomplish this, or even if it is the real issue. Will simply running these commands is sequencial order resolve this issue? Here's a break down (line by line) of everything that the Update JDK option in the Simple-Ducky does . For the i386 version on Kali-Linux use this (PAY CLOSE ATTENTION TO # 5)... 1. Download JDK v7 from the Oracle website. root@kali:~# wget --no-cookies --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com" "http://download.oracle.com/otn-pub/java/jdk/7/jdk-7-linux-i586.tar.gz" 2. Extract the tar.gz root@kali:~# tar zxvf jdk-7-linux-i586.tar.gz 3. Move jdk1.7.0 to the /usr/lib/jvm directory root@kali:~# mv jdk1.7.0 /usr/lib/jvm 4. Now we have to setup our system to refer to our new jdk root@kali:~# update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.7.0/jre/bin/java 2 5. Apply the update (Note: YOU MUST SELECT OPTION 2 MANUALLY WHEN PROMPTED!) root@kali:~# update-alternatives --config java 6. Verify the version of JDK that you are using root@kali:~# java -version java version "1.7.0_03" <----(You should see something like this) 7. Remove the downloaded tar.gz file root@kali:~# rm jdk-7-linux-i586.tar.gz For the amd64 version on Kali-Linux use this (PAY CLOSE ATTENTION TO # 5)... 1. Download JDK v7 from the Oracle website. root@kali:~# wget --no-cookies --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com" "http://download.oracle.com/otn-pub/java/jdk/7u17-b02/jdk-7u17-linux-x64.tar.gz" 2. Extract the tar.gz root@kali:~# tar zxvf jdk-7u17-linux-x64.tar.gz 3. Move jdk1.7.0 to the /usr/lib/jvm directory root@kali:~# mv jdk1.7.0_17/ /usr/lib/jvm 4.Now we have to setup our system to refer to our new jdk root@kali:~# update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.7.0_17/jre/bin/java 2 5. Apply the update (Note: YOU MUST SELECT OPTION 2 MANUALLY WHEN PROMPTED!) root@kali:~# update-alternatives --config java 6. Verify the version of JDK that you are using root@kali:~# java -version java version "1.7.0_03" <----(You should see something like this) 7. Remove the downloaded tar.gz file root@kali:~# rm jdk-7u17-linux-x64.tar.gz I hope this helps man... ~skysploit Edited May 3, 2013 by skysploit Quote Link to comment Share on other sites More sharing options...
rubberduckyuser Posted May 3, 2013 Share Posted May 3, 2013 hi all, using dos2unix works for me, i was able to install the script. so i will play around a bit with the scripts Quote Link to comment Share on other sites More sharing options...
TeCHemically Posted May 4, 2013 Share Posted May 4, 2013 (edited) Here's a break down (line by line) of everything that the Update JDK option in the Simple-Ducky does . For the i386 version on Kali-Linux use this (PAY CLOSE ATTENTION TO # 5)... 1. Download JDK v7 from the Oracle website. root@kali:~# wget --no-cookies --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com" "http://download.oracle.com/otn-pub/java/jdk/7/jdk-7-linux-i586.tar.gz" 2. Extract the tar.gz root@kali:~# tar zxvf jdk-7-linux-i586.tar.gz 3. Move jdk1.7.0 to the /usr/lib/jvm directory root@kali:~# mv jdk1.7.0 /usr/lib/jvm 4. Now we have to setup our system to refer to our new jdk root@kali:~# update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.7.0/jre/bin/java 2 5. Apply the update (Note: YOU MUST SELECT OPTION 2 MANUALLY WHEN PROMPTED!) root@kali:~# update-alternatives --config java 6. Verify the version of JDK that you are using root@kali:~# java -version java version "1.7.0_03" <----(You should see something like this) 7. Remove the downloaded tar.gz file root@kali:~# rm jdk-7-linux-i586.tar.gz For the amd64 version on Kali-Linux use this (PAY CLOSE ATTENTION TO # 5)... 1. Download JDK v7 from the Oracle website. root@kali:~# wget --no-cookies --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com" "http://download.oracle.com/otn-pub/java/jdk/7u17-b02/jdk-7u17-linux-x64.tar.gz" 2. Extract the tar.gz root@kali:~# tar zxvf jdk-7u17-linux-x64.tar.gz 3. Move jdk1.7.0 to the /usr/lib/jvm directory root@kali:~# mv jdk1.7.0_17/ /usr/lib/jvm 4.Now we have to setup our system to refer to our new jdk root@kali:~# update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.7.0_17/jre/bin/java 2 5. Apply the update (Note: YOU MUST SELECT OPTION 2 MANUALLY WHEN PROMPTED!) root@kali:~# update-alternatives --config java 6. Verify the version of JDK that you are using root@kali:~# java -version java version "1.7.0_03" <----(You should see something like this) 7. Remove the downloaded tar.gz file root@kali:~# rm jdk-7u17-linux-x64.tar.gz I hope this helps man... ~skysploit Thanks skysploit! I am running kali 1.0.3 686. This happens with every payload I try. This is my output from that last bit: java -version java version "1.6.0_27" OpenJDK Runtime Environment (IcedTea6 1.12.4) (6b27-1.12.4-1) OpenJDK Server VM (build 20.0-b12, mixed mode) So it appears that my java update has not gone through successfully. I have tried this on a kali 1.0.2 686 VM, kali 1.0.3 686 VM , and on a BT5r3 VM. All failed in much the same way. Edited May 4, 2013 by TeCHemically Quote Link to comment Share on other sites More sharing options...
skysploit Posted May 4, 2013 Author Share Posted May 4, 2013 I get the following error on all payloads that I try to generate on Kali 1.0.3 VM (I have already updated 64 bit java) Exception in thread "main" java.lang.UnsupportedClassVersionError: Encoder : Unsupported major.minor version 51.0 at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:634) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) at java.net.URLClassLoader.defineClass(URLClassLoader.java:277) at java.net.URLClassLoader.access$000(URLClassLoader.java:73) at java.net.URLClassLoader$1.run(URLClassLoader.java:212) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:205) at java.lang.ClassLoader.loadClass(ClassLoader.java:321) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294) at java.lang.ClassLoader.loadClass(ClassLoader.java:266) Could not find the main class: Encoder. Program will exit. The end result is that no inject.bin file is ever created. The payload.txt file is created; but I cannot manually from terminal use encoder to convert that to the inject.bin either. Kali linux has the pae kernel and should be considered 64 bit right? When I updated java should I have selected 32 bit? Could that be the cause of my grief? UPDATE: Just tried this all out in BT5r3 with the other linux installer and I am getting the exact same error. I know it is 32 bit and I used the 32 bit java update option. I am not even getting the payload.txt generated in the ducky folder in BT5r3. Also, when installing dependencies it downloaded the latest 64 bit metasploit installer; but MSF is already installed and fully updated. Should I bother running this installer? I fear it will bork up my MSF install. Thanks for all who respond! :) With Backtrack, you should be fine using the Kali install (I don't advertise that because Offensive Security is trying to move folks off of Backtrack)... You don't need to install the dependencies for Backtrack as it has all the necessary software. The "other-linux" install is designed for ubuntu/linux mint etc... try running this command again... update-alternatives --config java When prompted select this option... It may not be at number two if you have run the install multiple times. /usr/lib/jvm/jdk1.7.0_17/jre/bin/java So with the i386 (Linux kali 3.7-trunk-686-pae #1 SMP Debian 3.7.2-0+kali6 i686 GNU/Linux) version you should be running the 32bit jdk update.... ~skysploit Quote Link to comment Share on other sites More sharing options...
TeCHemically Posted May 8, 2013 Share Posted May 8, 2013 (edited) With Backtrack, you should be fine using the Kali install (I don't advertise that because Offensive Security is trying to move folks off of Backtrack)... You don't need to install the dependencies for Backtrack as it has all the necessary software. The "other-linux" install is designed for ubuntu/linux mint etc... try running this command again... update-alternatives --config java When prompted select this option... It may not be at number two if you have run the install multiple times. /usr/lib/jvm/jdk1.7.0_17/jre/bin/java So with the i386 (Linux kali 3.7-trunk-686-pae #1 SMP Debian 3.7.2-0+kali6 i686 GNU/Linux) version you should be running the 32bit jdk update.... ~skysploit I ran the 32 bit setup and selected the "/usr/lib/jvm/jdk1.7.0_17/jre/bin/java" option. The following error is what I get: Your new JDk version is... /usr/bin/simple-ducky: line 3892: /usr/bin/java: cannot execute binary file Would you like to return to the main menu [y/n]? When I try to generate the inject.bin from a selected payload I get the following: Generating your inject.bin file... /usr/bin/simple-ducky: line 1021: /usr/bin/java: cannot execute binary file Your payload has been created, its located in /usr/share/ducky/encoder Your evil executable has been created, it is in located at /var/www/winmgmt.txt Press any key to contiue Edited May 8, 2013 by TeCHemically Quote Link to comment Share on other sites More sharing options...
skysploit Posted May 8, 2013 Author Share Posted May 8, 2013 hmmm.... Man that is something that i have not seen.... Hit me up on private chat and send me the results of: java -version ~skysploit Quote Link to comment Share on other sites More sharing options...
JCAG Posted May 15, 2013 Share Posted May 15, 2013 (edited) Hey guys, anyone else getting the message: "bash: simple-ducky: command not found" The script seems to be running good and installs without issues as far as I can tell. It says to press any key to continue, so I do. After that, when I type simple-ducky as a command, it gives me the above message. I read through the entire post and no one had this same issue or I wouldn't be asking. I'm probably just doing something wrong so any help would be appreciated. Thank you, -JCAG Forgot to mention that I am doing this on Kali Linux using their Raspberry Pi image. Hope that helps! Edited May 15, 2013 by JCAG Quote Link to comment Share on other sites More sharing options...
skysploit Posted May 17, 2013 Author Share Posted May 17, 2013 Hey guys, anyone else getting the message: "bash: simple-ducky: command not found" The script seems to be running good and installs without issues as far as I can tell. It says to press any key to continue, so I do. After that, when I type simple-ducky as a command, it gives me the above message. I read through the entire post and no one had this same issue or I wouldn't be asking. I'm probably just doing something wrong so any help would be appreciated. Thank you, -JCAG Forgot to mention that I am doing this on Kali Linux using their Raspberry Pi image. Hope that helps! It seems like the symbolic link didnt take... Try running this command: ln -s /usr/share/ducky/encoder/simple-ducky.sh /usr/bin/simple-ducky Let me know if this works. I have not tried the R-Pi, so I am interested to see how the simple-ducky holds up... On a side note I have a new version that I'm finalizing now that has a much more detailed installer. It should be up by this time tomorrow (fingers crossed). ~skysploit Quote Link to comment Share on other sites More sharing options...
Tius Posted May 20, 2013 Share Posted May 20, 2013 I just recently changed my screen resolution to a higher ratio. I am now receiving the following error: "resize: Time out occurred" I can stop the process then highlight my blank konsole window to reveal that the main menu was generated. Though I can only do so once I have used ^C. I have tried using different color profiles for konsole but to no avail. Any ideas? Quote Link to comment Share on other sites More sharing options...
skysploit Posted May 20, 2013 Author Share Posted May 20, 2013 I just recently changed my screen resolution to a higher ratio. I am now receiving the following error: "resize: Time out occurred" I can stop the process then highlight my blank konsole window to reveal that the main menu was generated. Though I can only do so once I have used ^C. I have tried using different color profiles for konsole but to no avail. Any ideas? This is certainly a new issue... What version of the simple ducky are you using? ~skysploit Quote Link to comment Share on other sites More sharing options...
rubberduckyuser Posted May 21, 2013 Share Posted May 21, 2013 (edited) Hi skysploit , thanks for ure work. i really enjoyed it to follow. some question: what about combining the payloads, means including more than one payload to the ducky, example, first, dump hashes, then dump wlankeys and so on? and another question: what about using the payloads without using external services like ftp and so on? regards Edited May 21, 2013 by rubberduckyuser Quote Link to comment Share on other sites More sharing options...
skysploit Posted May 22, 2013 Author Share Posted May 22, 2013 Hi skysploit , thanks for ure work. i really enjoyed it to follow. some question: what about combining the payloads, means including more than one payload to the ducky, example, first, dump hashes, then dump wlankeys and so on? and another question: what about using the payloads without using external services like ftp and so on? regards I'm glad you enjoy the simple-ducky. I know that I am having a blast building the payloads. I think we are just barely scraping the surface of the true potential of this device. To answer your questions; what about combining the payloads? Great question, i am actually in the middle doing just that. Hopefully in the near future there will be a payload designer that will be completely modular. You will be able to add what ever you want, its completely up to your imagination. It's taken a lot of endless nights trying to get all the payloads in the simple-ducky to work properly. In fact version 1.0.0 only had maybe four payloads. what about using the payloads without using external services like ftp and so on? This is a tough one to answer and I'm sure there are mixed opinions... You can probably run some of the payloads using the twin-duck but that would require you to alter the device (correct me if im wrong on that), and it would require you to mount removable media in addition to the HID. The problem there is that some organizations (mine in particular) disables removable media. And a huge flag is raised when a "thumb drive" is plugged in. Therefore, we rely on those additional services to conduct our pentests. If those services are blocked/patched, then good on the company. After all, we are just trying to find the vulnerabilities... With all that said, if there is a big enough demand and someone kicks me a twin-duck i will be more than happy to add some payloads that dump password files and what not to an sd card. There are big plans in the works, its only going to get better from here. Please let me know if there's something that you would like to see added. ~skysploit Quote Link to comment Share on other sites More sharing options...
Tius Posted May 23, 2013 Share Posted May 23, 2013 This is certainly a new issue... What version of the simple ducky are you using? ~skysploit I believe it was all down to a corrupted / misconfigured install of backtrack. I decided to take the chance to use kali linux. What a fresh breath of air that was installing from kali. What can I say, I REALLY appreciate the work put into this script. Quote Link to comment Share on other sites More sharing options...
DrDinosaur Posted May 23, 2013 Share Posted May 23, 2013 Thanks for this big project. Your efforts are certainly appreciated. Quote Link to comment Share on other sites More sharing options...
f33r Posted June 15, 2013 Share Posted June 15, 2013 Hi, Just to start great kudos to the developer! great job. my prob, i just received the ducky and tested with a hello payload all works fine. but when using simple-ducky-payload-generator or just the ducky encoder to create a reverse shell with or without uac admin, in the payload.txt file all is ok but when plug the ducky to a vm with windows 7 when the tipping starts on the cmd some chars just get heated! :S this is result from cmd http://pastebin.com/0shy7hmt at first i thougth it had to be with the keyboard that i selected PT, but i created a hello payload with some native PT chars all ok. i have my ducky as stock so no firmware only testing payloads for now. any idea? thks f33r Quote Link to comment Share on other sites More sharing options...
skysploit Posted June 15, 2013 Author Share Posted June 15, 2013 Hi, Just to start great kudos to the developer! great job. my prob, i just received the ducky and tested with a hello payload all works fine. but when using simple-ducky-payload-generator or just the ducky encoder to create a reverse shell with or without uac admin, in the payload.txt file all is ok but when plug the ducky to a vm with windows 7 when the tipping starts on the cmd some chars just get heated! :S this is result from cmd http://pastebin.com/0shy7hmt at first i thougth it had to be with the keyboard that i selected PT, but i created a hello payload with some native PT chars all ok. i have my ducky as stock so no firmware only testing payloads for now. any idea? thks f33r f33r, Sorry to hear that you are having issues... With the vm are you using Virtualbox/VMPlayer/Workstation?? Reason I ask is because the Ducky (in my personal experience) does not work with Virtualbox. Have you been able to replicate this issue with any of the other payloads? Also i would recommend moving your firmware version to duck_v2.1.hex (http://code.google.com/p/ducky-decode/). There's a great walkthrough in the Wiki that Midnitesnake put together on flashing the duck. ~skysploit Quote Link to comment Share on other sites More sharing options...
f33r Posted June 16, 2013 Share Posted June 16, 2013 f33r, Sorry to hear that you are having issues... With the vm are you using Virtualbox/VMPlayer/Workstation?? Reason I ask is because the Ducky (in my personal experience) does not work with Virtualbox. Have you been able to replicate this issue with any of the other payloads? Also i would recommend moving your firmware version to duck_v2.1.hex (http://code.google.com/p/ducky-decode/). There's a great walkthrough in the Wiki that Midnitesnake put together on flashing the duck. ~skysploit Hi skysploit, thks for the reply i'm using vmware workstation 9.0. I have tested reverse windows 7 and 8 with and without uac and all do the same... this also happens if using the ducky-encoder. I will test with the firmware you advice and get back with news. Quote Link to comment Share on other sites More sharing options...
f33r Posted June 17, 2013 Share Posted June 17, 2013 Hi skysploit, thks for the reply i'm using vmware workstation 9.0. I have tested reverse windows 7 and 8 with and without uac and all do the same... this also happens if using the ducky-encoder. I will test with the firmware you advice and get back with news. Thks Sploit prob solved with new firmware! Quote Link to comment Share on other sites More sharing options...
skysploit Posted June 17, 2013 Author Share Posted June 17, 2013 f33r, Glad to hear that buddy... ~skysploit Quote Link to comment Share on other sites More sharing options...
Battery_ Posted June 19, 2013 Share Posted June 19, 2013 I'm having issues with Pure-FTPD not being installed, or installed correctly. The setup script didn't have it working and the repositories can't find it in Kali. I downloaded and installed it from a tar.gz file but simple-ducky still can't work with it. Has anyone run into this issue before? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.