Bingoe33 Posted November 13, 2016 Share Posted November 13, 2016 Hello, I have been trying to make some payloads for my USB Rubber Ducky, but have run into some problems. When making my payloads sometimes I might open a file from the duck itself (I have the twin duck firmware installed). After using the payload on my personal computer I went and tryed it on an old Win7 computer of mine. But relised when plugging in that the drive letter had changed from the drive letter that was on my personal computer, which I have scripted it on. As I would not like to change the payload each time I plug it in to a diiferent computer, is there some type of special path thing I could do so that I don't have to know the exact path letter when scripting. Would there be a kind fello out there that could help me out with this? Thanks in advance. Bingoe33 Quote Link to comment Share on other sites More sharing options...
ZILF Posted November 14, 2016 Share Posted November 14, 2016 REM Rename DUCKY to what ever your volume label name for your duck is STRING for /f %d in ('wmic volume get driveletter^, label ^| findstr "DUCKY"') do set duck=%d ENTER Quote Link to comment Share on other sites More sharing options...
Bingoe33 Posted November 14, 2016 Author Share Posted November 14, 2016 37 minutes ago, ZILF said: REM Rename DUCKY to what ever your volume label name for your duck is STRING for /f %d in ('wmic volume get driveletter^, label ^| findstr "DUCKY"') do set duck=%d ENTER Do you or anyone else know how to change the USB Rubber Ducky's drive letter from cmd only. Would prefer it not to take long to execute. Quote Link to comment Share on other sites More sharing options...
Tamasco Posted November 14, 2016 Share Posted November 14, 2016 3 hours ago, Bingoe33 said: Do you or anyone else know how to change the USB Rubber Ducky's drive letter from cmd only. Would prefer it not to take long to execute. This is another way: STRING $usbPath = Get-WMIObject Win32_Volume | ? { $_.Label -eq 'DUCKY' } | select name DELAY 100 ENTER STRING cd $usbPath.name DELAY 100 ENTER Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted November 15, 2016 Share Posted November 15, 2016 DELAY 3000 GUI r DELAY 100 STRING powershell -NoP -NonI -W Hidden -Exec Bypass "rp -Path ‘HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU’ -Name ‘*’ -ErrorAction SilentlyContinue; $uP = Get-WMIObject Win32_Volume | ? { $_.Label -eq 'DK' } | select name; cd $uP.name; .\d.cmd" ENTER Executes "d.cmd" off the root of the USB drive with the label "DK" and clears Run dialog history, as seen in Hak5 episode 2112. To quickly and easily label the USB drive, select it from "My Computer" and press the F2 key. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.