Jump to content

String command problem


johnwulp

Recommended Posts

Hi,

I got my usb key deliverd today, and compiling my first script, but the string command doesnt work for some reason:

This is what's in the script before compiling

STRING $filepath = "c:\windows\wlan $(((get-date).ToUniversalTime()).ToString("yyyyMMddThhmmssZ")).txt"

And this is written in notepad

$filepath = "c:\windows\wlan $(((get-date).ToUniversalTime()).ToString(ÿyyyMMddThhmmssZ")).txt"

Note that the "yyyyMMddThhmmssZ" is typed in as ÿyyyMMddThhmmssZ"

How can i resolve this?

Link to comment
Share on other sites

My keyboard is united-states international. I created the payload on http://www.ducktoolkit.com/Encoder.jsp and selected Unites states. If i select UK then everything is wrong.

If i type in a " then if have to press the space bar to actually see it on the screen. I have always taught that this was normal. If i press the same key followed by a o then i get > ö.

So if the rubberducky key presses a space after a double quote " then everything will be fine i guess. Is this something that can be adjusted?

Link to comment
Share on other sites

Yes,

First, use the encoder provided by midnitesnake on github https://github.com/midnitesnake/USB-Rubber-Ducky

Then, enconde your payload with:

$java -jar duckencode.jar -i YOUR_PAYLOAD -o inject.bin -l us

If this still inserting wrong chars, you have two options:

  1. Try searching on this forum for a custom US keyboard layout and add to "resource" folder, then you need to encode with -l resources/US_CUSTOM_KEYBOARD_YOU_JUST_DOWNLOAD
  2. Edit the file located in resources/us.properties and adjust to your keyboard layout

To test, try using this payload:

DELAY 2000
REM -- assuming you're using Windows by the previous example provided
GUI R
STRING notepad
DELAY 500
ENTER
DELAY 750
STRING qwertyuiopasdfghjklzxcvbnm
DELAY 500
ENTER
STRING QWERTYUIOPASDFGHJKZXCVBNM
DELAY 500
ENTER
STRING 1234567890-=
DELAY 500
ENTER
STRING !"£$%^&*()_+
DELAY 500
ENTER
STRING `[];'#,./
DELAY 500
ENTER 
STRING ~{}:@~|<>? \ |
DELAY 500
ENTER 

And see what happens.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...