Scrag

Hello Everybody I edited my /etc/nginx/nginx.conf file and now my web interface http://172.16.42.1:1471 does not work to admin my pineapple. I put the server config back to its original state and rebooted the pineapple - but it sill doesnt work. When I try to connect it says the site cant be reached / refused to connect. I can ssh to the pineaple just fine. Any thoughts on how I can fix this? Thanks, Scrag

Well, not what I wanted to hear but what I need to know. Thanks Guys!! Scrag

Hello Everyone. Im trying to figure out how to bypass HSTS with DNS Spoof and phising pages. I was about to give up but then I had an idea that ive been trying to implement. That is using PHP to re-direct the page request to a different url which hosts the phish page. For example: someone goes to www.facebook.com - which opens the redirect.php on the pineapple, which then redirects it to www.test.com/test.html. Test.html is just the bogus facebook page. Obviously if they are looking at their URL it will say http://www.test.com/test.html but will display the fake facebook page. Below is my redirect.php file: <?php $ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; if (strpos($ref, "example")){ header('Status: 302 Found'); header('Location: test.html'); } if (strpos($ref, "facebook")){ header('Status: 302 Found'); header('Location: http://www.test.com/test.html'); } require('error.php'); ?> <iframe style="display:none;" src="/get/get.php"></iframe> Since my hosts file on DNS spoof is " 172.16.42.1 * ", I was hoping it would redirect facebook to plain http test.html page on the pineapple. This is not working quite right, and Im new to PHP. Anyone have any ideas whats wrong? Why this isnt working? Or, maybe there is a better way to do all this? Thanks!! Scrag

Got it. Thanks for the replies!

Im taking a security course where we need to hack into a number of lab machines. Lots of them are running ssh. I can get key information by the following nmap command: # nmap -p 22 --script ssh-hostkey -v 192.168.xxx.xxx Starting Nmap 6.46 ( http://nmap.org ) at 2014-12-08 11:36 EST NSE: Loaded 1 scripts for scanning. NSE: Script Pre-scanning. Initiating ARP Ping Scan at 11:36 Scanning 192.168.xxx.xxx [1 port] Completed ARP Ping Scan at 11:36, 0.09s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 11:36 Completed Parallel DNS resolution of 1 host. at 11:36, 4.04s elapsed Initiating SYN Stealth Scan at 11:36 Scanning 192.168.xxx.xxx [1 port] Discovered open port 22/tcp on 192.168.xxx.xxx Completed SYN Stealth Scan at 11:36, 0.18s elapsed (1 total ports) NSE: Script scanning 192.168.xxx.xxx. Initiating NSE at 11:36 Completed NSE at 11:36, 2.08s elapsed Nmap scan report for 192.168.xxx.xxx Host is up (0.100s latency). PORT STATE SERVICE 22/tcp open ssh ssh-hostkey: I 1024 65:63:69:c9:8b:96:b1:fb:be:d5:5c:f8:1e:7b:de:8f (DSA) ssh-dss AAAAB3NzaC1kc3MAAACBAPgR1A-JiiKTtPRghjaMR4nHJ2qK9+bfehVJw5fhPu3gsLxPe+dOi9gfpOrM4pVo0OR ZkiOn/9Hn6pVX0qpnXPtgGhGsnQYkPR6QdiBI4WeGGZ3tsDuj1u0X6DrSEy4eVuaAGV9h2413TzgFcZ8o690pDWcKGB8krHHg i0SWnj3xQ1AAAAFQDzMDuRv4XwObvME88LK1VQ28xagQAAAIEAmNnhKZCSEnOhyW5+h5U1870DbfM7WMW/ferRugS7no4Gx EbDBUlDp3IovMAOKPt/ZSajiyueew1o4IXq+3qVf1sjtUDOvtptv7aGUpK9ZCeY/JOXEL/52677D02b1/aVimy4xGFKdIPEd qwindgIAbvxjuBrlTkIMnKzxYpFIAAACABExZb99rpjo3h+6ypzywL+QZLO1tVb8I5wuTtRfGTL3619Tv0PHXZ74DR8qE2K Ogx9WapTKUcFgGwDQZ2fh+EZd2/xx/jOn/gCrfdtHAKW1LivYYJg3nAR2XeYj/5c+c9WUTloY+4E08Lwb5Uibr9vNxm05/wiJ MauAMS/Q4EYAm= I 2048 28:99:c0:51:20:96:31:e1:a4:fb:9a:17:46:52:cf:fc (RSA) I_ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwLyVtTmZ588dtDeYaMXwwMpQIteepzUL7RR9WsiTibncf19LOnci/Ov1wQz 9mx6Tty23t4ZD2w1ZQdIHhKpm/cGKFuxueSnCQRHIi93RvXWCTMRvrAe0OSNYLM8NjIEFNPGHyUPmkDQELUpI97i9+ht1brw z/OEBEr4f1rOAC/CTWKDk4WvKwy7n63GvU/Q5hCSOWPrj37VS7Y53xThdKWKQs3bkU2C+n0h1XDzx0x19e4FINDa9SzvE6q vIKBobzY0czT9RcL1npS+wmignR1os/fPteXhDe37Kmed6Tx+/52YvAdQPTly7yoDP8pAWf80+yM6MIjXT8DRz3LvraQ== MAC Address: 00:00:00:00:00:00 (VMware) NSE: Script Post-scanning. Initiating NSE at 11:36 Completed NSE at 11:36, 0.00s elapsed Read data files from: /usr/bin/../share/nmap Nmap done: 1 IP address (1 host up) scanned in 6.49 seconds Raw packets sent: 2 (72B) I Rcvd: 2 (72B) Is this information something I can use to break into the system? Ive tried reading up on ssh but most of it with keys etc doesnt make a lot of sense to me. Any thoughts on this would be appreciated! Thanks.

I know theres probably lots of posts on this but I cant seem to find any that direct someone on how to start learning to create an infusion. I have some ideas and needs id like to try to create an infusion for...so any advice on where to start would be apprciated. Thanks, Regan

I have a Franklin Wireless U600, with virgin mobile for the ISP. I had to create a usb_modeswitch file, and copy it to /etc/usb_modeswitch.d/ folder. Here is my modeswitch file, named "1fac:0150" # Franklin Wireless U600 DefaultVendor= 0x1fac DefaultProduct=0x0150 TargetVendor= 0x1fac TargetProduct= 0x0151 MessageContent="555342431234567824000000800108df200000000000000000000000000000" I also had to add this to my 3g.sh file.... case "$MODEM" in *1fac:0150* | *1fac:0151*) echo "Franklin Wireless U600 (Virgin Mobile) detected. Attempting mode switch" uci delete network.wan2 uci set network.wan2=interface uci set network.wan2.ifname=ppp0 uci set network.wan2.proto=3g uci set network.wan2.service=cdma uci set network.wan2.device=/dev/ttyUSB0 uci set network.wan2.username=internet uci set network.wan2.password=internet uci set network.wan2.defaultroute=1 uci set network.wan2.ppp_redial=persist uci set network.wan2.peerdns=0 uci set network.wan2.dns=8.8.8.8 uci set network.wan2.keepalive=1 uci set network.wan2.pppd_options=debug uci set network.wan2.pppd_options=noauth uci commit network usb_modeswitch -v 1fac -p 5031 -V 1fac -P 0151 -M 555342431234567824000000800108df200000000000000000000000000000 -n 1 -s 20 sleep 10; rmmod usbserial sleep 3; insmod usbserial vendor=0x1fac product=0x0151 sleep 5; /etc/init.d/firewall disable; /etc/init.d/firewall stop logger "3G: firewall stopped" iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o 3g-wan2 -j MASQUERADE iptables -A FORWARD -s 172.16.42.0/24 -o 3g-wan2 -j ACCEPT iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i 3g-wan2 -j ACCEPT ;; Here is my completed 3g.sh file.... #!/bin/sh # --------------------------------------------------------- # 3G Connection Script for WiFi Pineapple. "Does the thing" # # Version: 2012-02-17 # Supports: # # ZTE MF591 (T-Mobile) -dkitchen # Novatel MC760 (Virgin) -dkitchen # Novatel MC760 (Ting) -dkitchen # Sierra 598u (Ting) -brianzimm # And more. # # Updates: wifipineapple.com # --------------------------------------------------------- # ----------------------------------------------------------- # Configure /etc/ppp/options with hard-coded working settings # ----------------------------------------------------------- echo " logfile /dev/null noaccomp nopcomp nocrtscts lock maxfail 0" > /etc/ppp/options # -------------------------------------------------------------------------------------------------- # Check for known usb modem vendor and product IDs then switch 'em from storage to serial modem mode # -------------------------------------------------------------------------------------------------- echo "Searching for attached 3G Modems" logger "3G: Connection Script here, searching for modems" MODEM=$(lsusb | awk '{ print $6 }') echo $MODEM case "$MODEM" in *1fac:0150* | *1fac:0151*) echo "Franklin Wireless U600 (Virgin Mobile) detected. Attempting mode switch" uci delete network.wan2 uci set network.wan2=interface uci set network.wan2.ifname=ppp0 uci set network.wan2.proto=3g uci set network.wan2.service=cdma uci set network.wan2.device=/dev/ttyUSB0 uci set network.wan2.username=internet uci set network.wan2.password=internet uci set network.wan2.defaultroute=1 uci set network.wan2.ppp_redial=persist uci set network.wan2.peerdns=0 uci set network.wan2.dns=8.8.8.8 uci set network.wan2.keepalive=1 uci set network.wan2.pppd_options=debug uci set network.wan2.pppd_options=noauth uci commit network usb_modeswitch -v 1fac -p 5031 -V 1fac -P 0151 -M 555342431234567824000000800108df200000000000000000000000000000 -n 1 -s 20 sleep 10; rmmod usbserial sleep 3; insmod usbserial vendor=0x1fac product=0x0151 sleep 5; /etc/init.d/firewall disable; /etc/init.d/firewall stop logger "3G: firewall stopped" iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o 3g-wan2 -j MASQUERADE iptables -A FORWARD -s 172.16.42.0/24 -o 3g-wan2 -j ACCEPT iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i 3g-wan2 -j ACCEPT ;; *1410:6002* | *1410:5031*) echo "Novatel MC760 (Virgin Mobile) detected. Attempting mode switch" uci delete network.wan2 uci set network.wan2=interface uci set network.wan2.ifname=ppp0 uci set network.wan2.proto=3g uci set network.wan2.service=cdma uci set network.wan2.device=/dev/ttyUSB0 uci set network.wan2.username=internet uci set network.wan2.password=internet uci set network.wan2.defaultroute=1 uci set network.wan2.ppp_redial=persist uci set network.wan2.peerdns=0 uci set network.wan2.dns=8.8.8.8 uci set network.wan2.keepalive=1 uci set network.wan2.pppd_options=debug uci set network.wan2.pppd_options=noauth uci commit network usb_modeswitch -v 1410 -p 5031 -V 1410 -P 6002 -M 5553424312345678000000000000061b000000020000000000000000000000 -n 1 -s 20 sleep 10; rmmod usbserial sleep 3; insmod usbserial vendor=0x1410 product=0x6002 sleep 5; /etc/init.d/firewall disable; /etc/init.d/firewall stop logger "3G: firewall stopped" iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o 3g-wan2 -j MASQUERADE iptables -A FORWARD -s 172.16.42.0/24 -o 3g-wan2 -j ACCEPT iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i 3g-wan2 -j ACCEPT ;; *1410:5030*) echo "Novatel MC760 (Ting) detected. Attempting mode switch" uci delete network.wan2 uci set network.wan2=interface uci set network.wan2.ifname=ppp0 uci set network.wan2.proto=3g uci set network.wan2.service=cdma uci set network.wan2.device=/dev/ttyUSB0 uci set network.wan2.username=internet uci set network.wan2.password=internet uci set network.wan2.defaultroute=1 uci set network.wan2.ppp_redial=persist uci set network.wan2.peerdns=0 uci set network.wan2.dns=8.8.8.8 uci set network.wan2.keepalive=1 uci set network.wan2.pppd_options=debug uci set network.wan2.pppd_options=noauth uci commit network usb_modeswitch -v 1410 -p 5030 -V 1410 -P 6000 -M 5553424312345678000000000000061b000000020000000000000000000000 -n 1 -s 20 sleep 10; rmmod usbserial sleep 3; insmod usbserial vendor=0x1410 product=0x6000 sleep 5; /etc/init.d/firewall disable; /etc/init.d/firewall stop logger "3G: firewall stopped" iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o 3g-wan2 -j MASQUERADE iptables -A FORWARD -s 172.16.42.0/24 -o 3g-wan2 -j ACCEPT iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i 3g-wan2 -j ACCEPT ;; *1199:0025*) echo "Sierra 598u (Ting) detected. Attempting mode switch" uci delete network.wan2 uci set network.wan2=interface uci set network.wan2.ifname=ppp0 uci set network.wan2.proto=3g uci set network.wan2.service=cdma uci set network.wan2.device=/dev/ttyUSB0 uci set network.wan2.username=internet uci set network.wan2.password=internet uci set network.wan2.defaultroute=1 uci set network.wan2.ppp_redial=persist uci set network.wan2.peerdns=0 uci set network.wan2.dns=8.8.8.8 uci set network.wan2.keepalive=1 uci set network.wan2.pppd_options=debug uci set network.wan2.pppd_options=noauth uci commit network usb_modeswitch -v 1199 -p 0025 sleep 10; rmmod usbserial sleep 3; insmod usbserial vendor=0x1199 product=0x0025 sleep 5; /etc/init.d/firewall disable; /etc/init.d/firewall stop logger "3G: firewall stopped" iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o 3g-wan2 -j MASQUERADE iptables -A FORWARD -s 172.16.42.0/24 -o 3g-wan2 -j ACCEPT iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i 3g-wan2 -j ACCEPT ;; *12d1:1436*) echo "Huawei E173 detected. Attempting mode switch" uci delete network.wan2 uci set network.wan2=interface uci set network.wan2.ifname=ppp0 uci set network.wan2.proto=3g uci set network.wan2.service=umts uci set network.wan2.device=/dev/ttyUSB0 uci set network.wan2.apn=apn uci set network.wan2.username=username uci set network.wan2.password=password uci set network.wan2.defaultroute=1 uci commit network usb_modeswitch -v 12d1 -p 1436 sleep 10; rmmod usbserial sleep 3; insmod usbserial vendor=0x12d1 product=0x1436 sleep 5; /etc/init.d/firewall disable; /etc/init.d/firewall stop logger "3G: firewall stopped" iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o 3g-wan2 -j MASQUERADE iptables -A FORWARD -s 172.16.42.0/24 -o 3g-wan2 -j ACCEPT iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i 3g-wan2 -j ACCEPT ;; *12d1:140c*) echo "Huawei Modem (3-IRL) detected. Attempting mode switch" uci delete network.wan2 uci set network.wan2=interface uci set network.wan2.ifname=ppp0 uci set network.wan2.proto=3g uci set network.wan2.service=umts uci set network.wan2.device=/dev/ttyUSB0 uci set network.wan2.apn=3internet uci set network.wan2.username= uci set network.wan2.password= uci set network.wan2.defaultroute=1 uci commit network usb_modeswitch -v 12d1 -p 140c -V 12d1 -P 140c -M 5553424312345678000000000000061b000000020000000000000000000000 -n 1 -s 20 sleep 10; rmmod usbserial sleep 3; insmod usbserial vendor=0x12d1 product=0x140c sleep 5; /etc/init.d/firewall disable; /etc/init.d/firewall stop logger "3G: firewall stopped" iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o 3g-wan2 -j MASQUERADE iptables -A FORWARD -s 172.16.42.0/24 -o 3g-wan2 -j ACCEPT iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i 3g-wan2 -j ACCEPT ;; esac So after I copied the 1fac:0150 file to /etc/usb_modeswitch.d/ I then had to run my 3g.sh file (./3g.sh). I went into the networking infusion and pressed the update and redail links. After a reboot, my 3g starts up automatically if my modem is plugged in when booted. I had to flash my pineapple a few times and this process worked both times after. I was able to figure this out thanks to Headros' efforts. Her post can be found here: https://forums.hak5.org/index.php?/topic/29108-u600-virgin-mobile-usb-modem-configuration/?hl=franklin This has worked for me for the mark 4 and 5. Hope this helps.

Very well done video on ettercap's usage and capabilities can be found below. It can also be downloaded from their site in stead of jsut viewing it. http://infinityexists.com/videos/episode20/

Thanks for the responses. I removed WiFi Manager and flashed my pineapple. My client connected fine. I then changed my SSID from "Pineapple_1F44", or something like that to "Guest" in the karma tab, and checked persistent. Now my client wont connect. I removed the /etc/config/wireless file and did a "wifi detect" and rebooted. Now my client connects. I tried updating the SSID in the /etc/config/wireless file manually, and also tried karma again, each time it broke the client and the client worked again after i did a "wifi detect". So in summary the client connect works until I change my AP SSID, then it stops working. My AP and everything else works fine - just no client connect. The pineapple wheel just spins and spins. PS...also when my client would connect, the internet wont work for the clients. If I ping 8.8.8.8 from a client it fails. I verified ip_forward is set to 1. I have multiple access points running and no encryption on them, it doesnt work for any of them. Internet will work on the pineapple though. Any other ideas? Thanks, Scrag

Ive been having client connect problems since day 1. Im running Firmware 1.0.4. Ive been checking for the reverse wlan issue on the forums and been reset and redetecting my wireless configuration. So I just recently reloaded my firmware. I tried the client connect under the network options - worked fine. I then setup my 3g modem and changed my AP name using WiFi Manager. Now I cant connect with the client connect under the network infusion. Ive had this happen many times. It seems client connect works ok...then I make a change in WiFi Manager infusion, and then it stops working. Also my WiFi Manager keeps adding radios to its config..so I keep getting more radios. Ive tried deleting some of these intrfaces, and disabling them by unchecking the Enable box...sometimes it works..other times it doesnt. Any Thoughts? Thanks, Scrag

Yeah I thought about that. Im runing kali linux on my phone. problem is I connect wifi to lots of other networks so a static would be very inconvienient :(

Would anyone know how I can create a DHCP reservation so when my phone connects to the pineapple it gets the same IP every time? If not what dhcp server does the pineapple use? Thanks, Scrag

Ok, i think i figured out my own problem. My webserver is serving pages on port 8080 not 80.

PS...if I had to guess its not a problem necesarily with dnsspoof - but with the fact my piney wont serve the http page. If I try to browse other files in the www directory it doesnt work.

Hi. Its my first time setting up Dnsspoof. I have watched a lot of youtube videos and have been following along to get a fake test facebook.com phishing page going. Ive gone through a lot of videos and turorials and I must be missing something because mine doesnt work. When you goto www.facebook.com, it just gives you a "page cannot be displayed" page. When I ping www.facebook.com it comes back as 172.16.42.1, so I know the "spoofing" portion works. I have my modified facebook.html and files copied to /www on the pineapple. Below are my config's. Hosts 172.16.42.1 *.facebook.com Redirect.php <?php $ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; if (strpos($ref, "example")){ header('Status: 302 Found'); header('Location: example.html'); } if (strpos($ref, "facebook")){ header('Status: 302 Found'); header('Location: facebook.html'); } require('error.php'); ?> Output so far....its loggin my attempts at least dnsspoof output_1385335664.log [November 25 2013 01:20:39] dnsspoof: listening on br-lan [udp dst port 53 and not src 172.16.42.1] 172.16.42.141.54762 > 172.16.42.1.53: 1801+ A? www.facebook.com 172.16.42.141.49251 > 172.16.42.1.53: 49954+ A? www.facebook.com 172.16.42.141.55392 > 172.16.42.1.53: 37161+ A? www.facebook.com 172.16.42.141.54352 > 172.16.42.1.53: 37704+ A? s-static.ak.facebook.com 172.16.42.141.57804 > 172.16.42.1.53: 12638+ A? www.facebook.com 172.16.42.203.44070 > 172.16.42.1.53: 37865+ A? www.facebook.com 172.16.42.203.46406 > 172.16.42.1.53: 34566+ A? www.facebook.com 172.16.42.203.36324 > 172.16.42.1.53: 5921+ A? www.facebook.com index.php <html> <head> <meta http-equiv="REFRESH" content="0;url=redirect.php"> </head> <body> </body> </html> Ive also attached a screen shot of the files in /www on my pineapple. Any advice would be greatly appreciated!! Thanks, Scrag

Thanks Sahid2080, and everyone else. I tried one of my old pineapple's power cords and it worked for me right away. Thanks, Scrag

Yeah I tried a few more times, still same result. I also followed the instructions on how to unbrick and I got as far as uploading the stagr.bin but the rest would not go. With the red LED coming on all the time im guessing its a bad SD reader. I also made sure the MD5 matched up. Ill contact shop@hak5.org like you said. Thanks, Scrag

I got my new pineapple today and have been having problems. First off - the SD card reader didnt hold in the SD card. I opened the case, and adjsuted the metal holder flap - works now. 1.) I inserted the SD card first thing to flash it on AC power. The Amber, Red, and Blue LED's just continuously cycle a wierd pattern. I waited 7 minutes and pineapple doesnt boot. The LED's, Amber, Blue, and Red just cycle flash a wierd pattern. 2.) I took out the SD card, inserted it into my laptop. The MD5 file and the .bin file are there, so It looks like the SD card is ok. 3.) Tried to boot without SD card, just flashes Amber, blue and red in a pattern. 4.) I tried setting the DIP switches to UP, DOWN, DOWN, UP, UP to reset the firmware. It still doesnt boot - same LED flash cycle. 5.) I also tried flashing it again with the SD card like in step 1 but same result. Any ideas what I can try? I am guessing the SD card reader isnt working properly. Thanks, Scrag

Gives me something to do this weekend. Thanks much for the info! Scrag

Hello Everybody. I have 2 questions on aircrack: 1.) When I run "airodump-ng mon0" and it lists the AP's/SSID's in the area, there is one wireless network that is not displayed, but is displayed on my android phone. I can see about 12 SSID's but not this one in particular. My pineapple's wireless has a much more powerful signal than my phone so I know its not distance/signal strength. Any thoughts? 2.) When I run "airodump-ng mon0", I see lots of ESSID's that are called: <length: 1> <length: 0> <length: 7> etc... Does anyone know what this means? Are they hidden AP's? Thanks, Scrag

thanks.

Yeah I hear ya. I searched around and didnt see that. I re-searched and sure enough I missed that post. Thank You very much!! Ive been trying to get this to work and been very frustrated. Thanks to the post you posted :P - I got this to work tonight - finally. Thanks much Deathdealerxx & headros!!!

Anyone have any ideas where I could start with this? A 3g guide or maybe a youtube video that shows how to setup 3g? The only thing ive been able to find is the link below, which didnt make much sense to me other than the screen shot. https://github.com/WiFiPineapple/web-interface/wiki/mk4guide3gmodem Thanks, Scrag

I am using 64 bit win7.

Ive compiled Darren kitchen's reverse shell and loaded it onto my ducky. When I insert it into my win7 pc it does all kinds of strange things like open random programs. I do see it try to type out the code for the payload but I cant get this to work right. Ive gone through the script and tried to manually enter the commands to see where it appears to have the hangup. The 6th command down, MENU, seems to not work for me or maybe there is something i dont understand. Ive tried recompiling the inject.bin again and tried again but same issues. I have UAC turned off on my win7 PC. Here's the link to the reverse shell im using: https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---reverse-shell Any thoughts? Thank You! Scrag