rubberduckyuser

Ok another step forward: de.properties shows me this: ASCII_5E = KEY_TILDE // 94 ^ in fact my keyboardlayout looks like this: http://en.wikipedia.org/wiki/German_keyboard_layout i need to press the upper left key right under the esc key and hit space to get this key. ihow do i set this in the properties file? best ruberduckyuser

Hello there, i just downloaded the latest duck-encoder from here (v2.6). then i just downloaded the runexe_from_Sd payload from here: https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---runexe-from-sd ok here comes the problem: when using the language-switch -l de it fails with error ASCII_5E character not found root@kali:~/work/rubberducky/encoder# java -jar encoder.jar -l de -i exe_from_sd_master.txt -o inject.bin Hak5 Duck Encoder 2.6 Loading File ..... [ OK ] Loading Keyboard File ..... [ OK ] Loading Language File ..... [ OK ] Loading DuckyScript ..... [ OK ] Char not found:ASCII_5E Char not found:ASCII_5E DuckyScript Complete..... [ OK ] if i use us keyboard, it works fine. java -jar encoder.jar -l us -i exe_from_sd_master.txt -o inject.bin Hak5 Duck Encoder 2.6 Loading File ..... [ OK ] Loading Keyboard File ..... [ OK ] Loading Language File ..... [ OK ] Loading DuckyScript ..... [ OK ] DuckyScript Complete..... [ OK ] but: z / y are switched on german keyboard (and a lot of other things, therefore, us keyboard is not an option for me). any ideas how to solve it? for now i simply exchanged the copy entries to copz but this is not funny regards rubberduckyuser

hi, most of the kautila things using external services to store the hashes for example. therefore, my way for now to handle it using the sd card on the rubberducky. exact diagram follows, but for now it works like this: first, running a payload to check user permissions and escalate it if it is not admin user if that is done, disable common anti-virus-solutions like symantec/mcaffee/trendmicro/kaspersky if that is done, mount the sd card with the toolset, for now, some pwdumper are in there (in a wrapper to hide from antiviruses) dump the hashes to the sd card and name the files %hostname%_%date%_%time%.txt then, the way backwards: unmount the sdcard, enable antivirus, stop admin-shell. i havent make use of external services like tinypaste or something until now. i have some issues with the language keyboard (works on us keyboard, but not on german). i will try to solve it and post the source if it is working . of course, the rubber needs a LOT of time to complete.... for me it is ok, i dont need to hurry to do that. regards rubberduckyuser

Hi skysploit , thanks for ure work. i really enjoyed it to follow. some question: what about combining the payloads, means including more than one payload to the ducky, example, first, dump hashes, then dump wlankeys and so on? and another question: what about using the payloads without using external services like ftp and so on? regards

Hello, just an idea, is it possible to run powershellscripts/rubyscripts/vbs or something from the sd-card? i think exe is working, found this: https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---runexe-from-sd so it should be possible right? thx rubberduckyuser

ok got it

hello, i am just starting with the mark4 and updated to the latest release. what i want to do is the following, i want to capture all the logins and write them to a file on the mark4. But, i dont want to clone each site manually. it works, i've done it allready with the mark4. my question is, if there is an easier way for handling it, an more automated way. so i'm thinking what about using set do do this and put the files to the mark4. like described here: http://cyruslab.net/2012/03/20/social-engineering-toolkit-and-metasploit-web-cloning-attack-and-uploading-a-backdoor/ ok, what do you think? and: how do you handle this problem? regards

Hello Forums, i've thinking a lot on how to get windows hashes with the rubberducky (or teensy) really easy by simply plugging in the ducky (or teensy). i've came around this blog: http://labofapenetrationtester.blogspot.de/2012/05/teensy-usb-hid-for-penetration-testers.html but, here is the issue: it does not work with german os'es or french os'es or something. i have the following issues in my head which i want to discuss: first, i would like to convert the ps script to the rubber-ducky language, i assume rubber duck cannot handle ps. second, i would like to build a complete offline-version, without using gmail, tinypost or something. in fact, i just want to plug in the rubberducky and store the hashes, but, where? without using a online-connection to somewhere. other question is, is there something around to do this? i've seen the poll for the password-stealer, but i'm not sure if there is any work on this project right now. ok, here is the final question: how would you do hash-dumping with rubber-ducky? haven fun

hi all, using dos2unix works for me, i was able to install the script. so i will play around a bit with the scripts

Hello guys, i am new to the rubber-ducky community and doing my first steps with the quack. so at first, my envoironment: root@kali:~# cat kali PRETTY_NAME="Kali GNU/Linux 1.0" NAME="Kali GNU/Linux" ID=kali VERSION="1.0" VERSION_ID="1.0" ID_LIKE=debian ANSI_COLOR="1;31" HOME_URL="http://www.kali.org/" SUPPORT_URL="http://forums.kali.org/" BUG_REPORT_URL="http://bugs.kali.org/" Distributor ID: Debian Description: Debian GNU/Linux Kali Linux 1.0 Release: Kali Linux 1.0 Codename: n/a Linux kali 3.7-trunk-686-pae #1 SMP Debian 3.7.2-0+kali6 i686 GNU/Linux Linux version 3.7-trunk-686-pae (debian-kernel@lists.debian.org) (gcc version 4.7.2 (Debian 4.7.2-5) ) #1 SMP Debian 3.7.2-0+kali6 i just updated the ducky to the firmware duck_v2.1.hex which works fine. ok, here we go with the issues: i tried to do the firmware update with windows 7 using the doc here: http://code.google.com/p/ducky-decode/downloads/detail?name=The%20USB%20Rubber%20Ducky%20Draft.doc&can=2&q= i tried to download the file http://code.google.com/p/ducky-decode/source/browse/trunk/Flash/Duck%20Programming.zip which should be around 20 Megs, in fact it isnt and i was unable to unpack it. therefore i switched to my kali which works fine for flashing. by the way, why i am here right now is the following: i downloaded the simple ducky payload script from here: https://code.google.com/p/simple-ducky-payload-generator/downloads/detail?name=install_v1.0.9.sh&can=2&q= chmod +x it and have this result, which looks fine for me: -rwxr-xr-x 1 root root 700 May 2 09:34 install_v1.0.9.sh now, the problem: after running ./install_v1.0.9.sh the following message comes up: bash: ./install_v1.0.9.sh: /bin/bash^M: bad interpreter: No such file or directory so, i tried with the sh before so my command looks like this: sh ./bash: ./install_v1.0.9.sh and the following errors are shown: root@kali:~/work/rubberducky# sh ./install_v1.0.9.sh -e \e[1;34mPlease wait while I download and install the Simple-Ducky Payload Generator\e[0m --2013-05-02 10:04:15-- http://simple-ducky-payload-generator.googlecode.com/files/simple-ducky-v1.0.9-kali-edition.tar.gz%0D Resolving simple-ducky-payload-generator.googlecode.com (simple-ducky-payload-generator.googlecode.com)... 173.194.70.82, 2a00:1450:4001:c02::52 Connecting to simple-ducky-payload-generator.googlecode.com (simple-ducky-payload-generator.googlecode.com)|173.194.70.82|:80... connected. HTTP request sent, awaiting response... 404 Not Found 2013-05-02 10:04:15 ERROR 404: Not Found. tar: /usr/share\r: Cannot open: No such file or directory tar: Error is not recoverable: exiting now ln: failed to create symbolic link `/usr/bin/simple-ducky\r': File exists rm: cannot remove `simple-ducky-v1.0.9-kali-edition.tar.gz\r': No such file or directory : not found1.0.9.sh: 7: ./install_v1.0.9.sh: clear -e \e[1;34mDone! Be sure to setup your Pure-FTPD server (option 6) and update JDK to v1.7.0 (option 7) prior to generating any payloads.\e[0m -e \e[1;34mType: simple-ducky in the terminal to launch...\e[0m so also looks very strange. after that, i downloaded the file simple-ducky-v1.0.9-kali-edition.tar.gz and placed it in the same directory as the install-script and tried again, with no luck. i have no idea what the problem is.... regards