-
Posts
237 -
Joined
-
Last visited
-
Days Won
4
Everything posted by Oli
-
Duck devices are typically just seen as keyboards... You aren't trying to save files to a keyboard right? You will need a secondary usb device. Please post relevant payload section for more meaningful help :)
-
[Question] about the rubber ducky shippment
Oli replied to dvir1994's topic in Classic USB Rubber Ducky
Build one would me my advice, lots of info around. -
Rubber Ducky Mouse Jiggler alternative?
Oli replied to majestik42's topic in Classic USB Rubber Ducky
I'd use a teensy for this kind of thing as it is trivial to do. -
Looks pretty good. Although not too wise as we could probably mess it up and/or bring your site down :)
-
Just get an Arduino Leonardo (or clone) / Teensy as these can do the same thing and are more readily available.
-
Not really a ducky related problem so I doubt you will get much help here... The ducky is essentially just a keyboard and executes commands, not a magical escalation tool. The magic is in the payload and your question is too vague to provide much meaningful help.
-
That shouldn't really happen though... Sounds like a fire / electrocution hazard and potentially cheap Chinese electronics. If you can be bothered, please crack open the PSU / battery case and post some photos of the PCB so we can try and see the quality and what failed.
-
[Firmware request] Detecting drivers using screenlock?
Oli replied to thefloatgoat's topic in Classic USB Rubber Ducky
I'd use a 'peensy' for this kind of thing until the duck firmware is given the attention it needs: https://www.offensive-security.com/offsec/advanced-teensy-penetration-testing-payloads/ -
My advice would be not to run code that you don't understand from a proprietary site! :) Debug by using your own script that does what you require and the port that to the duck. If you do want to debug: The duck is just a "dumb" keyboard that executes keystrokes. You have the generated script, so run it line by line manually and then work out what instruction causes it to fail.
-
Make sure you are running the latest drivers: https://www.silabs.com/products/mcu/Pages/USBtoUARTBridgeVCPDrivers.aspx
-
I'm sure it has just been overlooked - I've personally had no problems. In fact, I had great service when my launch day Pineapple was missing an SD card. Just try again or call the number?
-
Maybe try a really simple payload that you know should work? I'm not 100% convinced that the script you are using isn't dodgy. The "my first payload" thing should be ok. You are using the right firmware / actually encoding your script with the java app to get the bin file right?
-
The approach will be roughly analogous so it should be pretty trivial to port.
-
Go for it. The duck firmware is starting to get more and more dated - we need such things as "waitForDrivers" methods and better approaches for delays.
-
Probably need an initial delay and other delays as appropriate,
-
I have no experience with the device in question. I'd guess you will be able to do some of the deployment, but probably some manual steps and some stuff that needs touch. An arduino/teensy would be a better place to start as you can then have multiple "payloads" that can be executed along with anything manual to speed up the deployment process.
-
Could be many potential reasons.... Have you tried manually typing that stuff (i.e. with keyboard and not a duck) to see if it actually works as expected?
-
[REQUEST] Online Pineapple UI emulator.
Oli replied to UnKn0wnBooof's topic in WiFi Pineapple Mark V
Not too easily. You could maybe hack the source? Oh wait, source not updated for 8 months https://github.com/WiFiPineapple/MK5_Interface Maybe sweet talk somebody to set up port forwarded access to a real pineapple? -
If you can do all the above manually with a just a physical keyboard attached the answer is yes, otherwise no :) The ducky is essentially just a keyboard that can type faster and more reliably than you can, not a magic hacker / deployment tool.
-
It is not a bug in the sense of “not working as designed” but more a UX problem in as much as it is “not designed as it should work”
- 12 replies
-
- Infusion
- 2.2.0 firmeware
-
(and 4 more)
Tagged with:
-
dynamic typing injection using webservice
Oli replied to fourchette's topic in Classic USB Rubber Ducky
This is the kind of thing: https://www.offensive-security.com/offsec/advanced-teensy-penetration-testing-payloads/ -
dynamic typing injection using webservice
Oli replied to fourchette's topic in Classic USB Rubber Ducky
I prefer a low tech approach of just swapping out SD cards or using a "duck-like" arduino device that can have configurable (via dip switch) payloads or have more logic built into the code. -
Is there a way to do "if/else" command on the rubberducky?
Oli replied to Alleckz's topic in Classic USB Rubber Ducky
I use a Peensy based approach using a Teensy: https://www.offensive-security.com/offsec/advanced-teensy-penetration-testing-payloads/ I don't have a duck anymore so no point in me customizing the firmware or augmenting its sub-optimal ducky scripting language :) -
Just use a Teensy or, worst case an Arduino Leonardo or Adafruit Trinket or any Arduino compatible microcontroller with a, say, Atmel ATMEGA 32U4 chip. You should be able to find something locally in India - Arduino, PJRC and Adafruit have a ton of resellers.
-
Is there a way to do "if/else" command on the rubberducky?
Oli replied to Alleckz's topic in Classic USB Rubber Ducky
There is a way, but ducky doesn't support it out of the box - I suppose it could with modified firmware but not really with the effort. You can use keyboard lights to set and then check the results of any "questions" that you ask via the script. The script turns off all caps/num/scroll lock lights and then sets them to appropriate values - the duck can then read back those values. This method can be used for (very slowly!) exfiltrating data too.