no42

Dedicated Members
  • Posts: 925
  • Joined
  • Last visited
  • Days Won: 17

Everything posted by no42

  1. You probably want cm_duck.hex (alpha). The Duck will initially mount as a Mass Storage Device.

    Numlock - triggers payload 1 (inject.bin)
    Capslock - triggers payload 2 (inject2.bin)

    Due to memory restrictions, as both payloads are loaded into Ducky memory, you are limited to 2048 bytes of instructions per inject payload! Also only one payload can be triggered, so you have a choice: payload A or payload B. NOT BOTH!!!

    Or even SP002, from a forum request (http://forums.hak5.org/index.php?/topic/28470-custom-firmware-request/), to stop auto-loading the HID payload. Now HID starts injecting on GPIO trigger.
  2. What firmware are you using? Which encoder are you using? Your payload is using a duck-encoder version 1 script. You may need to tweak the delays, and insert an initial long delay (eg DELAY 3000) on the first line of the ducky script payload. This is why you're seeing the random programs open. Alternatively, if you're using Encoder v2+, search the forums for an updated script that is more compatible with the latest developments.
  3. Just replace the green words and [ ], leave the "" in place.
  4. Try this Google dork: site:forums.hak5.org +payload +version1 It may be of some help to you?
  5. Have you read https://forums.hak5.org/index.php?/topic/28254-tutorial-re-flashingupgrading-the-ducky-winxp-32bit/ carefully?
  6. Is this any help? https://github.com/magnumripper/JohnTheRipper
  7. Selection: irssi, epic4, BitchX, XChat, Pidgin (purple?). If you're KDE-based - Konversation; GNOME - ChatZilla?
  8. Agree with you on the 1 minute screensaver issue. Lumension is ok; it can block the Ducky in its default setting. But the Ducky has a secret (not so secret) weapon to bypass DLP solutions like Lumension :) I know they panicked and re-wrote some of their software just over a year ago. I haven't had a chance to assess all their solutions / new products / new versions, so it may come down to configuration. So I just want to take this opportunity to say "Hi Lumension, McAfee, Sophos, Symantec! I know you're watching me ..... I'm still waiting for that second date!"
  9. As a start try adding the commands below to pt.properties:

    ISO_8859_1_E1 = KEY_RIGHT_BRACE, MODIFIERKEY_RIGHT_ALT
    ISO_8859_1_EA = KEY_RIGHT_ASH, MODIFIERKEY_RIGHT_ALT

    Also try:

    ASCII_28 = KEY_9, MODIFIERKEY_SHIFT
    ASCII_29 = KEY_0, MODIFIERKEY_SHIFT
    ASCII_3D = KEY_EQUALS, MODIFIERKEY_SHIFT

    Ideally, I need you to plug in a USB keyboard, run a USB sniffer (USBlyzer), press each key that is missing 5x, and record the order you pressed the keys. Then mail me the results. Thanks
  10. Javac is the "java compiler" for compiling the source .java files to .class files. I think you're using the precompiled build, not the source here. You want to unzip the encoder.zip anywhere you want; I like on the SD card. Open up a prompt, cd to the drive letter, then:

    java -jar encoder.jar -h
  11. no42

    SSL-VPN

    OpenVPN http://openvpn.net
  12. It's Java-based; if you have Java installed and it's in your path, you can follow the example highlighted above. The encoder.jar is pre-packaged, so it will run on its own within a JRE. If you do not have a JRE, download one from http://www.java.com/getjava/ If you download the source from the SVN, you will need to compile the code with a Java JDK. More on the Encoder can be found here: https://code.google.com/p/ducky-decode/wiki/Encoder_Howto
  13. STRING if [%DUCKYdrive%] EQU [] (

    Looks like your [ ] square brackets are the wrong way around. Try swapping

    ASCII_5B = KEY_RIGHT_BRACE, MODIFIERKEY_RIGHT_ALT // 91 [
    ASCII_5C = KEY_NON_US_100, MODIFIERKEY_RIGHT_ALT // 92
    ASCII_5D = KEY_LEFT_BRACE, MODIFIERKEY_RIGHT_ALT // 93 ]

    with

    ASCII_5D = KEY_RIGHT_BRACE, MODIFIERKEY_RIGHT_ALT // 93 ]
    ASCII_5C = KEY_NON_US_100, MODIFIERKEY_RIGHT_ALT // 92
    ASCII_5B = KEY_LEFT_BRACE, MODIFIERKEY_RIGHT_ALT // 91 [
  14. You want to figure out the chipset if possible; hints might be in a Linux "dmesg" or under "Device Manager" in Windows. Also, what is the VID & PID of the device? As for re-flashing, you're looking for an ICSP, JTAG, or a button that may trigger a boot loader?
  15. Prefix every line with STRING and re-encode, then open Notepad and make sure it remains the active window while inserting the Ducky. The Ducky should then start typing into Notepad. This output will enable us to do some debugging! Also, are you on Windows or Linux? The \ or / after "resources" might make a difference.
  16. Aah, when you use -l uk, you're using the built-in language map, which may be slightly older. Update the SVN repository and try:

    java -jar encoder.jar -l resources\gb.properties -i input.txt -o inject.bin

    I've changed some of the country codes to ISO-3166-1 to avoid confusion as the Ducky hits worldwide (UK is Ukraine); GB is Great Britain following ISO-3166-1 compliance. Otherwise the new gb.properties file can be downloaded from here: gb.properties
  17. No, as REM instructions are ignored, the calculation is not related directly to the file size (due to blank lines and REM lines). Each keystroke is typically represented as two bytes (in case shift/alt/ctrl is used as a modifier), so both "shift-a" and "a" are represented by 2 bytes. In Twin Duck you can have approximately 4096 bytes or 2048 key presses; as there are two optional payloads in this alpha build, this memory is now halved: 2048 bytes = 1024 key presses for each payload to fit in memory.
  18. iducke.com uses version 1.2 of the encoder, I suggest using version 2.6, and scripts typically need to start with an initial long delay (eg DELAY 3000) as the Ducky will start almost straight away (and needs time for drivers to be recognised/installed).
  19. As root, edit /etc/sysctl.conf:

    net.ipv4.ip_default_ttl = <0-255>
  20. FAQ - https://forums.hak5.org/index.php?/topic/28824-faq-frequently-asked-questions/
  21. If people are wary of running someone else's compiled code, full instructions are on the Ducky-decode website and in the Ducky guide! See my signature.
  22. That's very odd, as it works fine for me, and I'm temporarily residing in the UK at the moment. Run this through the encoder; it will help me debug your problem.

    DELAY 2000
    STRING qwertyuiopasdfghjklzxcvbnm
    DELAY 500
    ENTER
    STRING QWERTYUIOPASDFGHJKZXCVBNM
    DELAY 500
    ENTER
    STRING 1234567890-=
    DELAY 500
    ENTER
    STRING !"£$%^&*()_+
    DELAY 500
    ENTER
    STRING `[];'#,./
    DELAY 500
    ENTER
    STRING ~{}:@~|<>? \ |
    DELAY 500
    ENTER
    STRING €
    ENTER
  23. OK, your inject.bin is fine, if your language map is US. So that rules out the encoder. Update: I just tested it on UK Windows 7 64-bit and it works fine. I don't have a Windows 8 OS to test it on just yet. Update 2: Think I figured out your problem: the first part of the code is a UAC bypass. That's where the y is coming from. My bet is you do not have UAC enabled, or you've disabled it!! Simply remove the "alt y" part of the code.
  24. You're using OSX's native 1.6.36 Java. You need to upgrade to version 1.7. http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html
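Added example (not the Duck encoder's code and not from any of the posts above): a Python budget checker that applies the sizing rule from post 17 (two bytes per key press, REM and blank lines cost nothing, 2048 bytes per payload in the twin-duck alpha from post 1) to a Ducky script, and reads a small layout map in the .properties style of posts 9 and 13 so that unmapped characters and the [ ] mapping can be checked before encoding. The DELAY costing (one 2-byte pair per 255 ms) and the embedded layout excerpt are assumptions constructed for this example, not taken from the thread; the real encoder and its shipped layout files are authoritative.

```python
"""Budget checker for Ducky Script payloads (added example, not the Duck
encoder's own code).  Models the rule from post 17: each key press is a
(keycode, modifier) pair = 2 bytes, REM and blank lines cost nothing, and
the twin-duck alpha allows 2048 bytes per payload.

Assumptions, labelled because the thread does not state them:
  * DELAY n is modelled as one 2-byte pair per 255 ms chunk (hypothetical;
    verify against your encoder version before trusting the exact count)
  * the layout is a constructed .properties excerpt in the style of post 13,
    on top of a plain a-z / 0-9 / space map built by default_layout()
"""

import re
from string import ascii_lowercase, digits

# Constructed .properties excerpt: the corrected [ ] mapping from post 13
# plus the shifted keys from post 9.  Not a real shipped layout file.
LAYOUT_PROPERTIES = """\
# constructed excerpt for this example
ASCII_5B = KEY_LEFT_BRACE, MODIFIERKEY_RIGHT_ALT // 91 [
ASCII_5C = KEY_NON_US_100, MODIFIERKEY_RIGHT_ALT // 92 \\
ASCII_5D = KEY_RIGHT_BRACE, MODIFIERKEY_RIGHT_ALT // 93 ]
ASCII_28 = KEY_9, MODIFIERKEY_SHIFT
ASCII_29 = KEY_0, MODIFIERKEY_SHIFT
ASCII_3D = KEY_EQUALS, MODIFIERKEY_SHIFT
"""

# ASCII_xx / ISO_8859_1_xx = KEY[, MODIFIER] [// comment]
PROP_RE = re.compile(
    r"^(?:ASCII|ISO_8859_1)_([0-9A-Fa-f]{2})\s*=\s*([^,/\s]+)"
    r"\s*(?:,\s*([A-Z_]+))?\s*(?://.*)?$"
)

DELAY_CHUNK_MS = 255    # assumption: one 2-byte pair per 255 ms of DELAY
PAYLOAD_LIMIT = 2048    # bytes per payload in the twin-duck alpha (post 1)


def parse_layout(text):
    """Map character -> (keycode name, modifier name or None)."""
    layout = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = PROP_RE.match(line)
        if not m:
            raise ValueError(f"unparseable layout line: {raw!r}")
        code, key, mod = m.groups()
        layout[chr(int(code, 16))] = (key, mod)
    return layout


def default_layout(overrides=LAYOUT_PROPERTIES):
    """Plain letters/digits/space, with the .properties excerpt layered on."""
    layout = {}
    for c in ascii_lowercase:
        layout[c] = (f"KEY_{c.upper()}", None)
        layout[c.upper()] = (f"KEY_{c.upper()}", "MODIFIERKEY_SHIFT")
    for d in digits:
        layout[d] = (f"KEY_{d}", None)
    layout[" "] = ("KEY_SPACE", None)
    layout.update(parse_layout(overrides))
    return layout


def encode(script, layout):
    """Return the list of (keycode, modifier) pairs the script would need."""
    pairs = []
    for lineno, raw in enumerate(script.splitlines(), 1):
        line = raw.strip()
        cmd, _, arg = line.partition(" ")
        if not line or cmd == "REM":
            continue                       # no bytes emitted (post 17)
        if cmd == "STRING":
            missing = sorted({c for c in arg if c not in layout})
            if missing:                    # encoder cannot type these
                raise ValueError(f"line {lineno}: no mapping for {missing}")
            pairs.extend(layout[c] for c in arg)
        elif cmd == "DELAY":
            ms = int(arg)
            pairs.extend([("DELAY", DELAY_CHUNK_MS)] * (ms // DELAY_CHUNK_MS))
            if ms % DELAY_CHUNK_MS:
                pairs.append(("DELAY", ms % DELAY_CHUNK_MS))
        else:                              # e.g. ENTER, GUI r, ALT y
            *mods, key = line.split()
            modnames = [f"MODIFIERKEY_{m}" for m in mods]
            if len(key) == 1:
                if key not in layout:
                    raise ValueError(f"line {lineno}: no mapping for {key!r}")
                keyname, keymod = layout[key]
                if keymod:
                    modnames.append(keymod)
            else:
                keyname = f"KEY_{key}"
            pairs.append((keyname, "+".join(modnames) or None))
    return pairs


def payload_size(script, layout):
    return 2 * len(encode(script, layout))


def keystrokes(script, layout):
    return sum(1 for k, _ in encode(script, layout) if k != "DELAY")


def fits(script, layout, limit=PAYLOAD_LIMIT):
    return payload_size(script, layout) <= limit


# Constructed sample payload (the initial DELAY 3000 is the one the posts
# recommend so the OS has time to install the HID driver).
SAMPLE_SCRIPT = """\
REM constructed sample: open notepad and type a line (costs 0 bytes)
DELAY 3000
GUI r
DELAY 500
STRING notepad
ENTER
DELAY 1000
STRING Hello [world]
ENTER
"""

if __name__ == "__main__":
    lay = default_layout()
    print(f"{keystrokes(SAMPLE_SCRIPT, lay)} key presses, "
          f"{payload_size(SAMPLE_SCRIPT, lay)} bytes, "
          f"fits in {PAYLOAD_LIMIT}: {fits(SAMPLE_SCRIPT, lay)}")
```

Run it as a script to size the constructed sample, or import it and call `fits()` on your own script text with the 4096-byte limit for a single-payload build. Because the DELAY costing is a guess, treat the byte count as a lower bound and compare it with the size of the inject.bin your encoder actually produces.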