Everything posted by 411Hall

  1. No sorry, only Windows systems with admin privileges that have PowerShell installed. What OS are you interested in running it against? 411.
  2. Yeah adding System file shouldn't be an issue. I will try a few things later on and roll it out with the next update if it works. The 'ALT y' is used as a way to answer yes on the User Account Control dialogue which appears when you try to run programs with admin privileges. I found it more reliable than the 'LEFT ENTER' method I was using before. The start of my scripts is taken directly from Darren's UAC bypass script posted here: https://forums.hak5.org/index.php?/topic/30100-payload-faster-uac-bypass/ 411.
  3. All fixed mate. Was a stupid mistake on my end. Sorry about that, 411.
  4. Sorry for the delay in my reply. I promise it will get there! Did it error for you out of curiosity or just outright fail? Ah sorry about that, it's probably a coding error on my end. Would you mind messaging me a few more details on here or emailing me at ducktoolkit@outlook.com? Specifically I want to know where you're asking the file to save and what the text file is displaying instead. 411.
  5. Just a heads up. I have made a few minor adjustments to the toolkit based on feedback I got from users.

     - The payloads will no longer fail if a Ducky folder already exists in the user home directory
     - The network scan will no longer fail if the user is using a VPN
     - The encoder's error messages have been tweaked so they display the correct line (sometimes the messages were +10 lines off)

     Most importantly I have switched to using the Duck Encoder v2.6.2, which means now, thanks to midnitesnake, I can include keyboard language selections for Spanish, Canadian and Swiss keyboards. 411.
  6. Try my site, the encoder isn't anywhere near as good but it works. http://www.ducktoolkit.com/Encoder.jsp 411.
  7. So sorry about the delay in my reply. I have started a new job recently so things have been manic.

     Yeah that script is poorly written, I will make a modification this weekend that adds a number and increments by one each time or possibly a timestamp. Anyway should be fixed by Sunday, thanks for bringing that to my attention :)

     Definitely see where you're coming from, it's very similar to when i-ducke disappeared and seems to be lost forever. The Duck Toolkit is hosted on a free hosting site with no 'time limit' so there is no reason that it should disappear overnight. That being said I have been planning to get it on GitHub for several months but work commitments have just taken all my time. I will get this moving over the coming weeks, there are still changes that need to be made to the code as there are a few issues that will prevent it running elsewhere. It's also such a big project I will need to comment the code as I doubt my code will make much sense. I will let you know when this is all done.

     I think you may be a little confused. The Duck is capable of stealing usernames and passwords from a target computer; this is however one of its MANY uses. The aim of this project was to introduce a tool which would allow users to select from multiple pre-compiled scripts (25+) in order to build a payload which suited their needs. Some of these scripts already existed, however I created many of the scripts myself for my own uses. The secondary aim of the project was to introduce a reporting functionality to the Ducky which would allow users to extract reconnaissance information from a target machine, an example of this can be seen here: http://www.ducktoolkit.com/SampleReport.html

     You rightly point out that the Duck Toolkit doesn't include twin duck functionality at this time which would allow you to insert a USB & Ducky and steal the password file, but it is still in its early stages. I have a lot of the code in place which would allow the twin duck approach to work but it isn't easy to merge this with my current approach, major code revisions are needed. The Toolkit does contain the username/password stealing functionality btw, but you have to email, ftp or save to the local machine. Anyway, hope that answers your question. 411.
  8. My Copy FireFox profile script does copy the cookies.sqlite file, which I believe contains the user's cookie and can be viewed using something like this: http://www.webdevbros.net/2008/07/31/query-your-firefox-cookies-with-sql/ I haven't actually tried rebuilding any of the cookies though. Not sure if that's any help. 411.
  9. Just a heads up that I have added 2 new scripts to the Toolkit and have also fixed some bugs that were reported with the Online Encoder.

     New Scripts

     - Copy SAM File (Creates a shadow copy of the SAM file so it can be accessed)
     - Remove Windows Update (Allows the user to specify a Windows Update to be removed from the target system)

     Other New Features

     - Line numbers have been added to the online encoder.
     - The error handling on the online encoder has been improved
     - Support for French Mac keyboards has been added
     - Swedish keyboard mapping has been updated to allow support for ^

     I am still working on Twin Duck reporting and exploitation functionality but it's proving hard. 411.
  10. Yer I would like to see it back up and updated with the new encoders tbh. If you're looking for a quick way to encode things online you can use my site: http://www.ducktoolkit.com/IDE.jsp It's nowhere near as good though. 411.
  11. Err it definitely shouldn't be doing that. You don't need to flash the duck or anything, as long as you are using Windows 7, 8 or Server 2008 and have selected the right keyboard layout it should work fine. Would you mind messaging me one of the .txt files so I can try it and see what's happening? 411.
  12. If you're still having issues you could try my online encoder: http://www.ducktoolkit.com/IDE.jsp Just stick the contents of your .txt file in the text box, select a language and encode. It's not perfect but it works. 411.
  13. I have added a multi-language encoder to the Duck Toolkit. It's very much in the early stages and needs more work to make it anywhere near as good as iDucke. But it is working, so I thought why not release it now and just keep working on it. Check it out at http://www.ducktoolkit.com 411.
  14. Awesome script dude, I also had no idea about the encodedCommand cmdlet. Think I have some changes to make to the DuckToolkit!
  15. Good stuff! I have replaced the Toolkit's method with this one.
  16. I have updated the Duck Toolkit.

      New Features

      - 1 x Reconnaissance Script (Copy FireFox Profile)
      - 3 x Exploitation Scripts (Enable Reverse Desktop, Create a Reverse Shell, DNS Poisoning)
      - 1 x Reporting Script (Email Reporting via Gmail)
      - You are now able to download both .bin file and the .txt file. This will allow you to create the scripts and encode them later offline.
      - Existing recon scripts have been modified to include more data.
      - An MD5 hash value is now generated for each payload
      - A sample reconnaissance report has been added

      I am planning on adding some scripts from the simple-ducky over the next few weeks and I am also trying to find a way to implement twin duck support. 411.
  17. The first version of the site is now online! :D http://ducktoolkit-411.rhcloud.com/Home.jsp I had to remove a few features from the original specification but I plan to reintroduce these in the future. What I need is people to test the site/scripts and let me know if everything is working properly. If you have any issues with either the scripts or the site please let me know in this thread so I can fix it asap. 411.
  18. Thanks for the feedback guys, glad you like the looks of it! :D You will have to give me a couple of days to get the scripts sorted so they can run individually; the way the website is designed is to add a standard header to the beginning of each script which opens CMD etc., and then if a recon script has been added the html required to make the reports is also included. I have a lot more scripts and features which I had intended to add but just never got the chance, so I will try to get working on a few of them over the next couple of weeks. Also added some new images showing the net scan and port scan. 411.
  19. I am happy to announce that the DuckToolkit NG is now available! This is an entirely new version of the previous site which has been rewritten in Python/Django by myself and KevtheHermit.

      Current Features:

      - Online Encoder
      - 30+ Recon/Exploit/Reporting PowerShell scripts
      - Online Decoder
      - UK/US Language Support
      - Standalone Python Encoder/Decoder

      We are working to add new languages and to implement Linux/OSX scripts in the coming weeks, however since this is an open source project please feel free to help us! If you want a certain language added then help us by writing it!

      You can access the online DuckToolkit NG here: https://www.ducktoolkit.com
      You can access the standalone DuckToolkit here: https://github.com/kevthehermit/DuckToolkit

      Any issues, comments or suggestions then either post on the Disqus thread on the website or respond in this thread, 411.