Dnucna

Hi, in France we have ^ with a deadkey like you to type ô ê î â. But we have a direct acces with alt_gr + 9. Can you try that? ASCII_5E = KEY_RIGHT_BRACE, MODIFIERKEY_SHIFT Then in the payload something like that: STRING ^a ^ ^o Dnu

What about using the composite firmware and adding a final command to erase the script with random data ?

Hmm, I'm not sure to have programmed the ^ character because in french it's a dead key (^ then space) so I haven't tested this case. Have you an error or warning message during the encoding ? Dnu

Wouhou /o/ Finally the source code is pinned !

Have you try ALT LEFT_SHIFT to switch to US layout ? With the encoder 2.2.

That's an interesting summary of the hard time you passed! It was so easy to dump the ducky with its limitations but you have done so good! Thank you Snake.

Then type 3 or 5 wrong passwords and log the account with that wallpaper

:D I do the same... then I coded an international encoder. It's now easy to create a foreign keyboard layout. Take a look at the properties files here: http://code.google.com/p/ducky-decode/source/browse/#svn%2Ftrunk%2FEncoder%2Fv2%2Fresources Wikipedia has a great page with layouts: http://en.wikipedia.org/wiki/Keyboard_layout You just have to map your ascii hexadecimal code on the qwerty layout. http://www.asciitable.com/ for the ascii codes. For example in french: a -> ASCII_61 = KEY_Q z -> ASCII_7A = KEY_W e -> ASCII_65 = KEY_E r -> ASCII_72 = KEY_R t -> ASCII_74 = KEY_T y -> ASCII_79 = KEY_Y If a character is missing a warning is prompted: Char not found:ASCII_72 Char not found:ASCII_70 Char not found:ASCII_6F Dnucna

Hi jeffz and virus-84, I'm very happy that it works for you ! I was sure belgian works because it's very close to french, but for swedish it's a good surprise :) Thanks for the reply. Dnu

That's weird... In the code if the modifier is alone it types the key. You can try "LEFT_GUI" or "RIGHT_GUI" to use directly the key. In fact WINDOWS and GUI have the same code (It's to be compatible with the encoder v1). if (instruction[0].equals("WINDOWS") || instruction[0].equals("GUI")) Perhaps GUI GUI can do the trick. I found a bug in strInstrToByte if(instruction.equals("WINDOWS")) return strInstrToByte("GUI"); Should be if(instruction.equals("WINDOWS")) return strInstrToByte("LEFT_GUI"); It's only activated when the instruction is CTRL WINDOWS for example. Not sure that it ever happens.

Hi tellerman5, You are welcome ! I'm happy to see a usefull application of ctrl-shift :) Dnu

It seems to be for a Teensy. First version of the Ducky. http://www.pjrc.com/teensy/ You code the firmware in arduino. Take a look at irongeek's website: http://www.irongeek.com/i.php?page=security/programmable-hid-usb-keystroke-dongle For each modification you need to flash the teensy. That's why the new ducky has a SD card reader.

Hi, we don't have a payload list yet. You should take a look at kautilya or peensy. They have many useful scripts easily adaptable for ducky. Dnu

Hi, you can try this encoder to use CTRL-SHIFT ENTER. You can use CTRL-ALT DEL too. Dnu

You're welcome !

Hi, can you try with the encoder here ? I'm not sure but I think that I have fixed a bug in the ALT combination. It was typing the key and not the modifier or something like that. Dnu

Nice done Snake! I hope that all foreigners will find their happiness here. Dnu

There is a new location for the source code and jar file. http://code.google.com/p/ducky-decode/

You can take a look at this article : http://www.offensive-security.com/metasploit-unleashed/Teensy_USB_HID_Attack It's with a teensy instead of a Ducky. You should be comfortable with metasploit before trying to do the same with a Ducky. If you want a GUI take a look at Armitage but it won't help technically.

Hi, can you try this version ? For UK use: java -jar encode.jar -l uk -i payload.txt[/CODE] Bye

ctrl-shift enter are only 2 modifiers plus one key. I added this combo in my version of the encoder: You can do ctrl-shit escape or ctrl-alt delete for example. And more is possible if needed.

I have the red Ducky. I had to wait one week that my nails grow a little bit Then I shake from left to right many many times to make out the SD card.

Hi, I'm sure midnitesnake is working on it. You can follow the progress here: I don't know if it will work one day. I suppose that it's necessary to emulate a USB hub to have a keyboard and a mass storage. In fact with the Ducky we simulate an attack but we don't... So you can use an USB HUB and an USB key. A small hub like this one can be used. Then take a look at Irongeek phukd example: http://www.irongeek.com/i.php?page=security/programmable-hid-usb-keystroke-dongle#Programming_examples_and_my_PHUKD_library Adrian used wmi to find his USB key and execute some code. "cmd /c for /F %i in ('WMIC logicaldisk where \"DriveType=2\" list brief ^| find \"MYTHUMB\"') do %i\\myscript.bat" [/CODE] If you want really attack you can watch theTrojaned Mouse: Dnucna

Hi c0nfus3d1, if your screenshot is white, it's probably more a problem of "printscreen" key or "ctrl v" than "gui d". Sorry I didn't have such problem for the moment. Have you tried to add delay between each command ? Dnucna

In fact, the Ducky is a keyboard that you plug in addition of your laptop keyboard so it doesn't have fn key. I think the fn key is hardware specific. But I am not 100% sure.