ascorbic
-
Posts
129 -
Joined
-
Last visited
-
Days Won
1
Posts posted by ascorbic
-
-
Is it possible for the pineapple to connect to a VPN and route all traffic through the VPN (via ICS or 3G).
I would like to isolate all pineapple traffic.
-
Does "STRING_DELAY 50 %userprofile%\a.bmp" actually work? STRING_DELAY is ment to be a global setting like DEFAULT_DELAY. 50 seems too high of a number, In my testing STRING_DELAY of 1 worked great. Much higher was too slow. Here is an example
http://www.iducke.com/Encoder/IDE/44
In that example, using "STRING_DELAY 1" is exactly the same as if you did
STRING t DELAY 1 STRING h DELAY 1 STRING e DELAY 1 STRING q DELAY 1 STRING u DELAY 1 STRING i DELAY 1 STRING c DELAY 1 STRING k DELAY 1 STRING b DELAY 1 STRING r DELAY 1 STRING o DELAY 1 STRING w DELAY 1 STRING n DELAY 1 STRING f DELAY 1 STRING o DELAY 1 STRING x DELAY 1 STRING j DELAY 1 STRING u DELAY 1 STRING m DELAY 1 STRING p DELAY 1 STRING s DELAY 1 STRING o DELAY 1 STRING v DELAY 1 STRING e DELAY 1 STRING r DELAY 1 STRING t DELAY 1 STRING h DELAY 1 STRING e DELAY 1 STRING l DELAY 1 STRING a DELAY 1 STRING z DELAY 1 STRING y DELAY 1 STRING d DELAY 1 STRING o DELAY 1 STRING g
-
If you use iducke.com you can specify a string delay. http://www.iducke.com/About/Features
-
This sounds like an intersting idea. Once the new firmware is released iducke.com will need to be revamped. I will add this feature with that rerelease.
-
The current version of the encoder does not allow you to slow down the keystrokes, but the online encoder does by setting a string delay.
Keyword: STRINGDELAY N or STRING_DELAY N - Inserts a delay, N Milliseconds between each character in STRING output. Useful when the USB bus cannot keep up with the duck. Start with the smallest value of 1 and incriment the number as needed.So it is just like the normal DELAY command.
There are no tutorials for actual programming of the firmware at the moment. Once the firmware source is released you will be able to though.
-
The ducky script to do this was posted on the payloads page with the release of the wiki
-
I would hold off until the latest firmware is released, there will be a lot of improvements. I have no idea, but I imagine the current binaries will not be compatable with the new firmware.
If you want to get a head start, pass the current encoder through a decompiler such as http://java.decompiler.free.fr/
I wrote my own encoder with the same method.
-
At the moment the ducky is not a mountable device. You will need to use a USB MicroSD Card Reader or some other method to move your inject.bin to the card.
-
I think it would be nice to have access to the mouse, however the only practical use for it I can think of at the moment is periodically moving it to prevent the screen saver from turning on. I guess the keyboard arrow keys could also do this but I think a user is less likely to notice the mouse jumping around a bit as that can be "normal". So low priority.
-
I added a KEYBOARDLAYOUT command to iducke.com but I am not sure how to test this out on my yankee computer. Can someone test this out?
-
At the moment the firmware does not provide the option to move the mouse. However, you can do this easily enough with keyboard shortcuts. Here is an example
-
I think in a later firmware release, or sometime after the source code is posted, there will be the ability to have the ducky act as a com port which can send and receive data. THe ducky would then write to storage.
-
As a HID Device I don't know what the options are for detecting the OS, however on the planned features page on the wiki there is a feature which mentions there will be the possibility to deliver more than one payload by pressing the button after the ducky is inserted. You could have a payload for each OS you want to target.
-
Take a look at the screen shot you posted. Right before the first CONTROL Z you can see the VBScript for decover.vbs did not finish being copied.
Here is the last line
STRING binaryStream.Open:binaryStream.Write bytes:binaryStream.SaveToFile file, 2:End Sub
The output was only
STRING binaryStr
This could have happened because something took focus away from the command prompt. Or, what I have been seeing in my testing is sometimes the ducky pushes strings out too quickly and the machine receiving them can't keep up. I added a STRING_DELAY which will slow down the output of strings to iducke.com, give this script a try.
-
Change each \ to a double
Keyboard.print("strHDLocation = "C:\\Users\\Public\\BACK.GIF"");The slash character is a special character, when all you want is one slash, you need two of them.
-
Perhaps someone can convert the drawings to a 3D Printer friendly format. There are a number of services which will print parts for you at a cost.
-
see www.iducke.com
-
Here is a zip with six files. One with only escape (08), one with escape, control escape (29, 01) and one with the previous and some more (08, 01, ...). I would think they all would start with the same hex values, but the one with some more starts differently. I need to find out more about java's default encoding format. I am using Windows 7 notepad.
-
Another question for Jason though, my encodings are coming out a bit different. For the ESCAPE command, the code looks like it gets a byte for decimal 41 and for decimal 0. Which I would think output hex29, hex00. But it looks like it comes out as hex08 hex01. How should the ESCAPE command come out in hex? I must be missing something obvious.
-
I see the issue with the byte parsing was resolved in the shipped version jar, the one on the wiki is outdated.
-
I am fooling around with creating a Windows based IDE for DuckyScript.
So far I have very basic syntax highlighting and very basic compilation. Is there any interest in an application like this?
I do have a question for Jason Appelbaum though, how are the DELAY commands parsed? I am not too familiar with java, but it looks like the encoder class just says Byte.parseByte("500") or Byte.parseByte("1700") which would exceed a byte's capacity of 127. Does parseByte just return 127? Or am I missing something?
-
It looks like ESXi does not support NAT mode. It seems like to solution here is to emulate a router (such as smoothwall) and run all other VMs through smoothwall.
-
That's a lot of headache when you can setup in your virtual machine software a local VM network.
Or in the router, maybe something like:
Filter Internet NAT Redirection. This feature uses port forwarding to block access to local servers from local networked computers. Select Enabled to filter Internet NAT redirection, or Disabled to disable this feature.
I tried messing around with the Virtual Networks in ESXi, but it seems like the best I can do is segment the VM from other VMs, not from the rest of the local network.
-
Thanks, I will give this a try this evening.
Mk4 - Route Pineapple Traffic Through Vpn
in WiFi Pineapple Mark IV
Posted
Without VPN, clients connect to the pineapple, through a computer via ICS, to the internet {Internet} <--- {Computer} <--- {Pineapple} <--- {Clients}What I want is
-------------{VPN} V ^ {Internet} <--- {Computer} {Pineapple} <--- {Clients}So all pineapple client's traffic will route to the internet through a VPN.