Jump to content

Purchasing USB Rubber Ducky Questions

WoctorDho

By WoctorDho
in Everything Else

 Share

Recommended Posts

WoctorDho Newbie

WoctorDho

Posted
Posted

Hello!

I'm new to this forum (this is my first post). I am considering buying the USB Rubber Ducky and have two questions.

Is there more than one place to buy it? I found it on http://hakshop.myshopify.com/ but the price seems high. If that is the only way to get it, that is fine. I will be happy to get it there if that is the case.

Does it come with the software to program it? Or is it downloaded separately?

Thank you in advance!

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Depends on where you live, but that is the price(and official store). There are re-sellers/distributors, and a forum member who runs a (UK??) store for the Europe market but I imagine the prices there reflect the currency + any shipping/import fees.

Link to comment
Share on other sites
cooper Newbie

cooper

Posted
Posted

The official reseller is in Ireland. http://edutech-hakshop.myshopify.com/

If you're in the EU, you're best off buying there because there will be no additional import duties and other customs fees to further increase the price. Also, due to the location, you're likely to get your product sooner.

Link to comment
Share on other sites
Sebkinne Grand Master

Sebkinne

Posted
Posted

The hakshop (http://hakshop.com) is the official store of Hak5 and Hak5 products, the USB Rubber Ducky included.

In the EU, as Cooper said, we have an official reseller for WiFi Pineapples and USB Rubber Duckies.

The USB Rubber Ducky comes with all instructions needed when you purchase it. Further information can be found at http://usbrubberducky.com.

Best regards,

Sebkinne

Link to comment
Share on other sites
WoctorDho Newbie

WoctorDho

Posted
  • Author
Posted

One more quick question. I am thinking about getting the usb hub listed on the link below, and plugging a ducky and a thumb drive into it at the same time. I would assume this would work? I feel like this would be easier than setting up the ducky to act like both a drive and a ducky at the same time.

http://www.amazon.com/gp/product/B00XMD7KPU?psc=1&redirect=true&ref_=ox_sc_act_title_3&smid=A294P4X9EWVXLJ

Link to comment
Share on other sites
cooper Newbie

cooper

Posted
Posted

The ducky is either a keyboard or a memory device. There's no such thing (to the best of my knowledge) of a device that exposes both. The best I've seen of a device that does both was the old USB switchblade which was both a USB CD drive and a memory stick which had great potential back when the OS would auto-run any CD attached to it.

Now, the problem with a memory stick is that when you clamp down an OS you can restrict to a high degree what USB ports are active and if so, what sort of devices can be attached to them. By and large, keyboards are in that group of always accepted devices. So they made the ducky to be a pre-scripted keyboard. The only problem the attacker now has is that the machine he plugs the ducky in has to already be logged on, and whatever you want to do has to be right where you expect it for any machine. I mean, you can't just alt-tab to something and expect to get there because there may be several other programs active and the order of things might be different. There's your challenge with ducky script. That and the pace at which you feed the machine characters because some machines don't react well to very fast keyboard input. And you need to remain unnoticed while it runs too... Challenges challenges.

The best way to get data out of a machine using the ducky would be to email it to you or to plug it on pastebin with a known description that you can search for later.

Link to comment
Share on other sites
WoctorDho Newbie

WoctorDho

Posted
  • Author
Posted (edited)

Now, the problem with a memory stick is that when you clamp down an OS you can restrict to a high degree what USB ports are active and if so, what sort of devices can be attached to them...

Good point.

The best way to get data out of a machine using the ducky would be to email it to you or to plug it on pastebin with a known description that you can search for later.

This is something that I had not thought about doing. Could you post a link to somewhere I can learn how to email like this?

Edited by Cubli7
Link to comment
Share on other sites
cooper Newbie

cooper

Posted
Posted

I don't have any links (anyone else?) but just think about what you would do with a keyboard to get a mail client open. What happens when you open the start menu and run a "mailto:you@domain.com"? If that opens the local mail client it might suffice to just paste something you copied previously and usually ctrl-return sends the email off. If you know the mail client you could even script how you'd go into the sent mail box and remove the topmost email there to cover your tracks.

Link to comment
Share on other sites
WoctorDho Newbie

WoctorDho

Posted
  • Author
Posted

If you know the mail client you could even script how you'd go into the sent mail box and remove the topmost email there to cover your tracks.

Yeah, that is what I was worried about. I want to do it without leaving a trace, but I won't know the email client. I'll keep looking. I might have an idea using php. I'll see what I can find. If I am successful, I'll post about it.

Thank you!

Link to comment
Share on other sites
cooper Newbie

cooper

Posted
Posted (edited)

WindowKey-I starts IE if I'm not mistaken. Then alt-L for the location bar. "pastebin.com" RETURN. Wait a second or two, then paste, a few tabs to reach the subject field, "Cubli7 loves data", few more tabs to reach the submit button, RETURN, ALT-F4 and you're done.

Later from home, go to pastebin and search for that subject. All the target machine has on this is maybe a browser cache which you could've cleared prior to ALT-F4'ing the thing.

Edited by Cooper
Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted (edited)

WindowKey-I starts IE if I'm not mistaken. Then alt-L for the location bar. "pastebin.com" RETURN. Wait a second or two, then paste, a few tabs to reach the subject field, "Cubli7 loves data", few more tabs to reach the submit button, RETURN, ALT-F4 and you're done.

Later from home, go to pastebin and search for that subject. All the target machine has on this is maybe a browser cache which you could've cleared prior to ALT-F4'ing the thing.

I don;t know if winkey+i works on specific windows OS's but I've never seen it work. winkey+r then "iexplore" will launch internet explorer. winkey+i does nothing on my OS.

Edited by digip
Link to comment
Share on other sites
WoctorDho Newbie

WoctorDho

Posted
  • Author
Posted

Just did some testing:

Win+I does nothing on a Windows 7 computer.

Win+E opens windows explorer not Internet Explorer.

I will probably use the following:

Ctrl+Esc

String Internet Explorer

Enter / Return

(I know the syntax isn't correct. I'll take care of that later) In my research, I couldn't find a better way to open IE.

My only other idea is to use command prompt to find the file path for IE's exe...

Link to comment
Share on other sites
WoctorDho Newbie

WoctorDho

Posted
  • Author
Posted

Yes, it does but there is one catch. I just set Firefox as my default browser and tested it out. The link opened in Firefox not IE. It looks like this method will redirect to the default browser, not IE only.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Just did some testing:

Win+I does nothing on a Windows 7 computer.

Win+E opens windows explorer not Internet Explorer.

I will probably use the following:

Ctrl+Esc

String Internet Explorer

Enter / Return

(I know the syntax isn't correct. I'll take care of that later) In my research, I couldn't find a better way to open IE.

My only other idea is to use command prompt to find the file path for IE's exe...

winkey + r, then iexplore will launch on any windows system. XP systems don't let you do the auto search from the start menu like you list here that vista? 7 and later use. Grandted, if they have XP installed they have bigger issues, but even on windows 2000/2003 servers, you won't get it to run this way, so using the run prompt is probably more portable.

Also with the run prompt, depending on the OS version, you cna pass -private and a URL, say to delete your surfing after close, and also grab a payload for example(although you might not want to make it go to the internet directly, depending on what you do, leads back to you).

Link to comment
Share on other sites
WoctorDho Newbie

WoctorDho

Posted
  • Author
Posted

winkey + r, then iexplore will launch on any windows system. XP systems don't let you do the auto search from the start menu like you list here that vista? 7 and later use. Grandted, if they have XP installed they have bigger issues, but even on windows 2000/2003 servers, you won't get it to run this way, so using the run prompt is probably more portable.

Also with the run prompt, depending on the OS version, you cna pass -private and a URL, say to delete your surfing after close, and also grab a payload for example(although you might not want to make it go to the internet directly, depending on what you do, leads back to you).

Ha ha cool! Thank totally works. Thanks! I would asume the "-private" wouldn't work on XP?

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Ha ha cool! Thank totally works. Thanks! I would asume the "-private" wouldn't work on XP?

Depends on the version of internet explorer, which I think IE 8 and later use private browsing, but don't quote me on that.

https://msdn.microsoft.com/en-us/library/hh826025(v=vs.85).aspx

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...