parkour86

sslstrip was great on the Wifi Pineapple and it's going to be great on the Lan Turtle. Looking forward to playing around with it when it's released.

How do I go about changing the UUID/GUID on a USB drive? I have tried cloning one USB to another but that didn't work. Googling it just found GUID generators but that's about it. Any help would be great.

I'm pretty sure the REPEAT command only repeats the last command issued. It looks like that script will only repeat the F5 key and not the delay. Maybe this will work but I could be wrong. The DEFAULTDELAY command will delay 10 seconds between every command that's issued. Not sure if it applies to the REPEAT command. You can give this a shot. DEFAULTDELAY 10000 F5 REPEAT 43200

You could use the repeat command to make your code much smaller. STRING s REPEAT 9 But something like this I would use autohotkey so that I can bind a key on the keyboard to execute it rather than having to plug and unplug the ducky.

The only way I found for adding a delay to the STRING command is by having it enter one letter at a time. This way it gives the computer a 100ms delay between each key. Is there a better way of doing this? I will have to do this to my whole payload and future payloads if this is the only way to fix it. Which is going to be a pain. Do you know if there's a DEFAULTSPEED command that I can put at the top of the payload to limit the speed of how fast the ducky executes the typing speed? DEFAULTDELAY 100 DELAY 2000 ESCAPE ESCAPE REM *** Add tech Account *** RIGHT RIGHT ENTER STRING t STRING e STRING c STRING h TAB STRING t STRING e STRING c STRING h TAB STRING t STRING e STRING c STRING h STRING 1 STRING 2 STRING 3 TAB STRING t STRING e STRING c STRING h STRING 1 STRING 2 STRING 3 F10 ENTER REM If user account exists then just cancel ESCAPE TAB TAB TAB TAB TAB TAB ENTER DELAY 500

When the ducky runs the script below for adding a user account to ILO it seems like the duck is typing faster than the computer can recognize the keys that are being pressed. The only problems i'm having is the STRING and REPEAT commands. When it types any of the words using the STRING command it skips every other letter. So tech will come out to be tc. For the REPEAT command, instead of it repeating 6 times it only repeats 3 times. Is there a way to slow down the speed of the ducky? DEFAULTDELAY 100 DELAY 2000 ESCAPE ESCAPE REM *** Add tech Account *** RIGHT RIGHT ENTER STRING tech TAB STRING tech TAB STRING tech123 TAB STRING tech123 F10 ENTER REM If user account exists then just cancel ESCAPE TAB REPEAT 6 ENTER DELAY 500

I figured out why it wasn't working. After changing the PID/VID it started working.

Check out this site. This is how I remove the password for excel sheets. http://www.straxx.com

Yeah, I tried that firmware. Still no luck.

I'm trying to have the ducky enter the IP configuration for ILO but it seems like it's not being detected by the computer. I also tried running a payload in the BIOS to change some settings but it's not working either. I've tried the m_duck.hex.and the original duck.hex firmware. Does anyone know why the ducky is not being detected before the OS is booted? It should work since the computer see's the ducky as a keyboard, right? Maybe the PID/VID needs to be changed?

Your awesome, thanks so much. This is going to make it so much easier to write scripts.

How do I go about using the new REPEAT syntax? An example would be perfect. Thanks.

https://code.google.com/p/bully/source/browse/trunk/src/bully.c https://github.com/bdpurcell/bully

I was reading the articles on lifehacker and came across one that recommended this memory card holder. It's $7.35 + free shipping which is something that would work great for storing multiple payloads. http://www.amazon.com/DiMeCard-micro8-microSD-Memory-writable/dp/B005SPQ8XK?tag=lifehackeramzn-20&ascsubtag=[type|link[postId|1394392986[asin|B005SPQ8XK[authorId|5760613250696714512

I was thinking of getting something like this also but didn't know if it would work since I would need the usb drivers to install before the ducky. What delay are you using to ensure that the usb used for storage is registered with the computer before running the ducky payloads? Here's one on amazon that looks just like the one above and it also has an LED light. http://www.amazon.com/HDE-High-Speed-Mini-Port/dp/B006C2BQ6M/ref=sr_1_4?ie=UTF8&qid=1379652145&sr=8-4&keywords=2+port+usb+hub

Thanks for sharing this payload it works perfectly. Is this payload permanent or can I just delete the sethc.exe folder in the registry without messing anything up?

I think I read somewhere that it's because it doesn't work on 64bit systems but I could be wrong.

Does the REM command count as byte size or does the encoder remove those lines before compiling? Also under properties is it the "Size" or "Size on DIsk"? I'm assuming "Size" since it's smaller.

Anyone know how the lsass.exe file works? I was able to get mine and one of my friends passwords using the payload on a server we all use but was unable to get my other friends. Does the lsass some how erase the password cache after some time? Using powershell I was able to tell that the lsass.exe has been running since the beginning of August which is when the server was last rebooted. Thanks.

If it's the one from the hakshop then it's 4GB

I can't get mimikatz to read the passwords from the dmp file I created from my second computer. It keeps showing the password for the computer I'm on. Here's the steps I did: mimikatz.exe sekurlsa::minidump lsass.dmp privilege::debug sekurlsa::logonPasswords full Any help would be great. Thanks Edit: I found the problem. I'm suppose to use the x64 version under the Alpha directory and not under the root directory. Plus it's in English which helps a lot.

That's very interesting, thanks for the information.

I don't have a Ducky yet so I don't know if there's maybe a restriction but what's the purpose of having the standard flash drive? Couldn't we just backup the files to the sdcard on the Ducky?

Hi coolgeek, what would be the command to check where the drive is being mounted? My fstab config is setup exactly like the instructions say. Thanks.

I'm also having a problem with my 16GB SanDisk Cruzer flash drive. I'm running version 2.7.0 and the pineapple can see the flash drive but not the swap. I tried using Darrens instructions and gparted but still having no luck. I even tried reflashing the pineapple. I read some where on the forums that 16GB's isn't supported because it requires more power but I can't find that thread. Correct me if i'm wrong.