Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


About skysploit

  • Rank
    Hak5 Fan ++

Recent Profile Visitors

4,351 profile views
  1. S3V3N, Yes, I am still around. Not as much as I would like, but still here. Simple-Ducky v2 is well underway, hopefully it will be available soon. v/r ~skysploit
  2. Casual, Thanks for your support. I only do it because of the effort that Hak5 has put forth in developing such an awesome tool. Some people over look the Dusky because of its simplicity. I say you have to look at who is using these devices. Most agencies/companies dont have the time/money to train and reproduce expert programmers. They need simple devices with a simple programming lanuage to conduct security audits. The USB Rubber Ducky and the simple-ducky meet those needs. From the novice to the expert, this device can do everything from boosting the confidence to the operator to performin
  3. ITHKS, Yes, there are some payloads that will work on guest accounts. Just use the payloads that do not require User Access Control (UAC). The powershell, download, and execute payloads are perfect for that. Granted you will have to do some privilege escalation. Take a look at the payload builder and DBD w/o UAC, let me know if you have any issues. v/r ~skysploit
  4. DrDinosaur, Yes I'm working on v1.1.2 at the moment. I have been back logged with work, so its been slow. Hopefully, I'll have it ready by the end of the month. ~skysploit
  5. Try modifying the payload and use dbd. DBD uses an SSL connection and is pretty darn good at bypassing AV without having to obfuscate at all. Not only that the size of the payload itself is tiny... I am currently working on a new version of the simple-ducky and it should be ready in the next couple of weeks. Great job TeCHemically! ~skysploit
  6. jjd, What version of the simple-ducky are you running? In your terminal run: simple-ducky-update and see if that fixes the problem. It appears that dbd is not getting forked over properly.
  7. zuma01, The simple-ducky has the ncat.exe binary built in. You can get the simple-ducky here; https://code.google.com/p/simple-ducky-payload-generator/ . If you would like to be a little more stealthy try using dbd instead (also included in the simple-ducky). ~skysploit
  8. Guys, I was messing around with my Pineapple today and for the life of me I couldn't get the "WPS Button Script" to work. I looked into the script itself to see if there was something strange going go. I noticed that when I initiated the "Update Script" button in the control panel that it was appending a "^M" to the end of every line in the script (see below). My work around was to just ssh into pineapple and alter the script using nano. Hope this helps anyone that is having the same problem. ~skysploit "Update Script" bug #!/bin/sh^M #Script is executed when WPS button^M #is pressed for
  9. green, What distro are you installing the simple-ducky on? If the installer fails to pull burpsuite from the repository it will take another approach to installing it. Only a few distros have burpsuite in the their repos. For that purpose I have an alternative installer that will take over when you see that error... Check your machine to see if it is installed. ~skysploit
  10. Phobic81, To encode the payload.txt file that you have created just place it in the "/usr/share/simple-ducky" directory and open a terminal window and "cd" to the same directory. Run this command: java -jar encoder.jar -i payload.txt As far as importing the wallpaper prank into the simple-ducky, i would perfer not to. The simple-ducky is designed for professional penetration testers and the payloads in the are geared specifically for that purpose. However, I am in the process of completely revamping the simple-ducky. I am going to make it 100% modular, that way plugins can be added by each
  11. 411, This looks great! Thanks for putting in the work... ~skysploit
  12. If you can't find the script, that's probably because you are using v1.1.0 or prior. With version's prior to 1.1.1 the simple-ducky resides in a different directory. If you are unsure of the version use the install instruction below. It will remove the old ducky install as well install the new version. Sorry for the delay... ~skysploit
  13. I was playing with Nishang when i came across this post... I cant wait to get this integrated with the simple-ducky.
  14. DrDinosaur, Great job on the video! I'm glad to see that people are still using the simple-ducky. Hak5 does a great job with the show and the products that they offer. Hopefully, these videos of the simple-ducky entice folks to go out and buy the USB Rubber Ducky.... I'm slowing working on gathering all the payloads within the forums and github. The hard part is vetting all of the payloads. Some are broken or have delay's that not realistic with what a corporate computer would be able to handle. So it takes time to make sure that all of these payloads will work the best can. With that said
  15. What version did you install? If you are on version 1.1.1 (current version), then issue these commands.... sudo ln -sf /usr/share/simple-ducky/simple-ducky.sh /usr/bin/simple-ducky sudo ln -sf /usr/share/simple-ducky/update.sh /usr/bin/simple-ducky-update Also inside /usr/share/simple-ducky/ there's a file called "install.sh" run that by using... sudo bash /usr/share/simple-ducky/install.sh Let me know if this works... ~skysploit
  • Create New...