Everything posted by no42
-
[Question] Twin Duck Firmware with no Inject.bin on the SD Storage
no42 replied to lulzme's topic in Classic USB Rubber Ducky
Re-run the ASF-Wizard
You probably want cm_duck.hex; (alpha)
Duck will initially mount as Mass Storage Device.
    Numlock - triggers payload 1 (inject.bin)
    Capslock - triggers payload 2 (inject2.bin)
Due to memory restrictions, as both payloads are loaded into Ducky memory - you are limited to 2048-Bytes of instructions per inject-payload! Also only one payload can be triggered, so you have a choice: payload A or payload B. NOT BOTH!!!
Or even SP002 From Forum Request (http://forums.hak5.org/index.php?/topic/28470-custom-firmware-request/), to stop auto-loading HID payload. Now HID starts injecting on GPIO trigger.
-
[question][payload]Reverse shell seems to not work right for me...
no42 replied to Scrag's topic in Classic USB Rubber Ducky
What Firmware are you using? Which Encoder are you using? Your payload is using a duck-encoder version 1 script. You may need to tweak the delays, and insert an initial long delay (e.g. DELAY 3000) on the first line of the ducky script payload. This is why you're seeing the random programs open. Alternatively, if you're using Encoder v2+, search the forums for an updated script that is more compatible with the latest developments.
[question] Teensy 3.0 to USB RUBBER DUCKY
no42 replied to n30_h4x0r's topic in Classic USB Rubber Ducky
Try this Google dork:
    site:forums.hak5.org +payload +version1
It may be of some help to you?
[Question][Firmware] ducky cant flash.
no42 replied to poundplay's topic in Classic USB Rubber Ducky
Have you read https://forums.hak5.org/index.php?/topic/28254-tutorial-re-flashingupgrading-the-ducky-winxp-32bit/ carefully?
Is this any help https://github.com/magnumripper/JohnTheRipper
-
[Question] Defences Against the Ducky?
no42 replied to bag-de-body's topic in Classic USB Rubber Ducky
Agree with you on the 1 minute screensaver issue. Lumension is ok, it can block the Ducky in its default setting. But the Ducky has a secret (not so secret) weapon to bypass DLP solutions like Lumension :) I know they panicked and re-wrote some of their software just over a year ago. I haven't had a chance to assess all their solutions / new products / new versions, so it may come down to configuration. So I just want to take this opportunity to say "Hi Lumension, McAfee, Sophos, Symantec! I know you're watching me ..... I'm still waiting for that second date!"
As a start, try adding the commands below to pt.properties:
    ISO_8859_1_E1 = KEY_RIGHT_BRACE, MODIFIERKEY_RIGHT_ALT
    ISO_8859_1_EA = KEY_RIGHT_ASH, MODIFIERKEY_RIGHT_ALT
Also try:
    ASCII_28 = KEY_9, MODIFIERKEY_SHIFT
    ASCII_29 = KEY_0, MODIFIERKEY_SHIFT
    ASCII_3D = KEY_EQUALS, MODIFIERKEY_SHIFT
Ideally, I need you to plug in a USB keyboard, run a USB sniffer (usblyzer), press each key that is missing 5x, and record the order you pressed the keys. Then mail me the results. Thanks
-
[Question] How to run the Ducky Encoder?
no42 replied to webdirector's topic in Classic USB Rubber Ducky
Javac is "java-compiler" for compiling the source .java files to .class files. I think you're using the precompiled build, not the source here. You want to unzip the encoder.zip anywhere you want, I like on the sdcard. Open up a prompt, cd to the drive letter, and run:
    java -jar encoder.jar -h
[Question] How to run the Ducky Encoder?
no42 replied to webdirector's topic in Classic USB Rubber Ducky
It's Java based; if you have Java installed and it's in your path, you can follow the example highlighted above. The encoder.jar is pre-packaged, so it will run on its own within a JRE. If you do not have a JRE, download from http://www.java.com/getjava/ If you download the source from the SVN, you will need to compile the code with a Java JDK. More on the Encoder can be found at: https://code.google.com/p/ducky-decode/wiki/Encoder_Howto
    STRING if [%DUCKYdrive%] EQU [] (
Looks like your [ ] square-brackets are the wrong way around. Try swapping
    ASCII_5B = KEY_RIGHT_BRACE, MODIFIERKEY_RIGHT_ALT // 91 [
    ASCII_5C = KEY_NON_US_100, MODIFIERKEY_RIGHT_ALT // 92
    ASCII_5D = KEY_LEFT_BRACE, MODIFIERKEY_RIGHT_ALT // 93 ]
with
    ASCII_5D = KEY_RIGHT_BRACE, MODIFIERKEY_RIGHT_ALT // 91 [
    ASCII_5C = KEY_NON_US_100, MODIFIERKEY_RIGHT_ALT // 92
    ASCII_5B = KEY_LEFT_BRACE, MODIFIERKEY_RIGHT_ALT // 93 ]
-
You want to figure out the chipset if possible; hints might be in a Linux "dmesg" or under "Device Manager" in Windows. Also, what is the VID & PID of the device? As for re-flashing - you're looking for an ICSP, JTAG, or a button that may trigger a boot loader?
-
Prefix every line with STRING, and re-encode, then open notepad, make sure it remains the active window, while inserting the Ducky. The Ducky should then start typing into notepad. This output will enable us to do some debugging! Also, are you on Windows or Linux? The \ or / after "resources" might make a difference.
-
Aah, when you use -l uk, you're using the built-in language map that may be slightly older. Update the SVN repository and try:
    java -jar encoder.jar -l resources\gb.properties -i input.txt -o inject.bin
I've changed some of the country codes to ISO-3166-1 to avoid confusion as the Ducky hits worldwide (UK is Ukraine); GB is Great Britain following ISO-3166-1 compliance. Otherwise the new gb.properties file can be downloaded from here: gb.properties
-
[Firmware] Twin & Detour Duck Projects Merge (Alpha)
no42 replied to no42's topic in Classic USB Rubber Ducky
No, as REM instructions are ignored, the calculation is not related directly to the file size (due to blank lines and REM lines). Each keystroke is typically represented as two bytes (in case shift/alt/ctrl is used as a modifier), so both "shift-a" and "a" are represented by 2 bytes. In Twin Duck you can have approximately 4096 bytes or 2048 key presses; as there are two optional payloads in this alpha build, this memory is now halved: 2048 bytes = 1024 key presses for each payload to fit in memory.
-
iducke.com uses version 1.2 of the encoder. I suggest using version 2.6, and scripts typically need to start with an initial long delay (e.g. DELAY 3000) as the Ducky will start almost straight away (and needs time for drivers to be recognised/installed).
-
[Question] I Can't remove micro-sdcard?
no42 replied to kidovate's topic in Classic USB Rubber Ducky
FAQ - https://forums.hak5.org/index.php?/topic/28824-faq-frequently-asked-questions/
If people are wary of running someone else's compiled code, full instructions are on the Ducky-decode website and Ducky guide! See my signature
-
That's very odd, as it works fine for me, as I'm temporarily residing in the UK at the moment. Run this through the encoder, it will help me debug your problem.
    DELAY 2000
    STRING qwertyuiopasdfghjklzxcvbnm
    DELAY 500
    ENTER
    STRING QWERTYUIOPASDFGHJKZXCVBNM
    DELAY 500
    ENTER
    STRING 1234567890-=
    DELAY 500
    ENTER
    STRING !"£$%^&*()_+
    DELAY 500
    ENTER
    STRING `[];'#,./
    DELAY 500
    ENTER
    STRING ~{}:@~|<>? \ |
    DELAY 500
    ENTER
    STRING €
    ENTER
-
[Question] Duck adding a Y at the front of all the commands?
no42 replied to barry99705's topic in Classic USB Rubber Ducky
OK, your inject.bin is fine, if your language-map is US. So that rules out the encoder.
Update: I just tested it on UK Windows 7 64bit and it works fine. I don't have a Windows 8 OS to test it on just yet.
Update 2: Think I figured out your problem: the first part of the code is a UAC bypass. That's where the y is coming from. My bet is you do not have the UAC enabled, or you've disabled it!! Simply remove the "alt y" part of the code.
You're using OSX's Native 1.6.36 Java. You need to upgrade to version 1.7. http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html