no42 - Posts: 925 - Days Won: 17
Posts posted by no42
-
Three little Pigs -oink oink
-
You must only have one of the keyboard LEDs lit; if you have more than one lit, it defaults to inject.bin only.
inject.bin triggers first by default, then either inject2/3/4 triggers next, depending on the keyboard LEDs.
-
The answer is covered here - previous topic - http://forums.hak5.org/index.php?/topic/28670-question-ducky-as-a-plain-old-usb-drive/
The solution is to use a USB hub and another drive, and have the Ducky as a sole HID injection device - just as Overwraith stated above.
-
If you like Nishang, you will also like: https://github.com/clymb3r/PowerShell/tree/master/Invoke-NinjaCopy
-
This is great - I would like to add this into the main Encoder repository.
-
I wanted to make sure I am doing the right thing before facing ones (problems). What do you mean by: "Duck Programming vanished with usbrubberducky.com"?
Thanks for your response btw.
Yes, you're doing the right thing.
There used to be a website called www.usbrubberducky.com (full of Ducky resources) - it got owned; now the URL redirects to these forums.
-
Hi everyone,
First time flashing in here. Though it seems like an easy noob-friendly guide, I'm still a bit confused about one part. Duck Programming.zip contained a file JRE_Flip_Installer_3.4.2.exe. And you also posted a link for a Flip installer download, which I followed and downloaded a version Flip Installer - 3.4.7.112.exe since I already have JRE installed. So when you say Install Flip, which file were you referring to, the one from the download link, or the one from the zip? Would you please clarify this for me. I'm running Win 7 Ultimate 64.
Thanks
Should not really matter, are you having problems?
Duck Programming vanished with usbrubberducky.com; people were asking, so I made the original available.
-
Sounds like when the cmd prompt opens, it doesn't activate as the active window. Strange when that happens?
-
You can generally identify the make of devices through MAC address prefix analysis:
http://www.coffer.com/mac_find/?string=apple
will give you the vendor MAC address prefixes assigned to Apple - this includes laptops, desktops, as well as iDevices - you will have to do your own research to narrow it down.
-
You have not got the Java SDK/JDK installed: jdk7-downloads-1880260.html. The encoder uses Java, and Ducky Script is a high-level language.
You need Atmel Studio if you want to programme the Ducky directly in C/C++: http://www.softpedia.com/get/Science-CAD/Atmel-Studio.shtml - use Atmel Studio 5.x or 6.0. I have not ported the code over to v6.1 just yet; when I tested 6.1 earlier this year it broke my codebase and development environment, as there are class changes.
-
Thanks for the update.
-
Is this any help? http://wikidevi.com/wiki/ALFA_Network_AWUS036NHA
It's meant to use the ath9k driver?
-
java -version
Bet you're on Java 1.6.
The current version uses Java 1.7; either upgrade to version 1.7.X, or compile the .java source to a .class/.jar.
More info (though Mac/OSX orientated, same stuff for Linux): https://code.google.com/p/ducky-decode/wiki/Encoder_Howto
-
This was tested on 2.7; when I get the time later this week, I'll confirm on 2.8.
In the meantime, can you post a screen grab?
I'm only guessing, but have you given the POE a static IP?
Have you read: https://github.com/WiFiPineapple/web-interface/wiki/mk34guidemacics
There are two possible setup configs.
-
That is the only single new improvement (it also includes all past mods).
-
MacBook Air PIN code brute force - YouTube
Details, scripts: http://orvtech.com/en/howto/atacar-efi-pin-macbook-pro/
Without the BOOT flag enabled, it is not possible to do this attack on standard Ducky firmware.
-
BOOT allows the Ducky to work from boot: BIOS, EFI, firmware. Possibility of more devices, like OSX firmware PIN brute force and iOS PIN lock?
-
iOS keyboard exploit allows brute force iPad lock screen attack
Can someone with an iPad test this out? (I don't own one.) Previous attempts at using a USB adapter meant we could type into Notes. It would be interesting if this can be achieved with the new HID firmware compiled with BOOT mode (that's duck_v2.1.hex).
Thanks
~Snake
-
I want to buy a Ducky but have a question about this first. If I flash my Ducky, can I still run payloads? Thanks in advance!
Depends on the payload:
- HID - Yes
- USB(FAT Duck) No!
- Multi/Detour Duck - Yes
- Composite/Twin Duck - Yes.
- Multi-Composite PoC - Yes
-
Yes, composite firmware (c_duck_v2.1.hex) is the one you're after - mass storage and payload trigger.
There's flashing information on the ducky-decode wiki; additionally, there is a good flashing walkthrough on Windows here:
-
It can be used as a normal USB drive, using alternative firmware. This was a stepping stone to composite firmware. However, the Ducky does not have an SDIO license, so the file transfer is much slower in comparison to other USB drives on the market.
I think you are after the composite firmware - check the website in my signature for more details. Any questions? Post back here.
-
Command-<key> should be implemented in the later encoders.
Multiple key presses (three+ keys) will likely require more research and work for support in Ducky Script.
Multiple key presses and holding a key down are easier to implement in the C-based firmware; as Fox Mulder said, "source-is-out-there". Compared to the current version of Ducky Script, the downside of the C-based firmware is that Atmel Studio is Windows based. It might be possible to compile with avrdude, but I have not tried.
~Snake
-
It might be ASCII_5E = KEY_TILDE, KEY_SPACE.
Not sure what's going on? Can you use a USB sniffer and a USB keyboard to capture the key sequence? Then we can look at patching the code.
-
USB does not support DMA (Direct Memory Access).
FireWire does have the handy module SBP2, which enables full DMA.
You could probably exploit MS13-027, but you would have to program your own payload.
How is the WiFi Pineapple sold? (in WiFi Pineapple Mark IV)
I think Darren has a deal/purchase order with Alfa and purchases them directly in large volumes, in stock condition and at a stock value.
Then the Pineapple team re-flash the boot loaders, as the stock boot loaders cannot take the actual size of the Pineapple firmware (stock is limited to 4MB, whereas the Hak5 firmware is closer to 6-8MB). Sebkinne will probably correct me if I'm wrong here...
Then, once the boot loader has been re-flashed, the Pineapple firmware is flashed.
Then it's all tested... (successful boot, firmware MD5s, etc.)
Successful Pineapples have stickers slapped on their panels, are boxed, and are ready to ship.