Broti

I use the included 128MB card. Size would only matter if you use one of the custom firmwares. But it all depends on your planned usage.

Not exactly a bank, but still interesting: https://www.youtube.com/watch?v=pL9q2lOZ1Fw

Sometimes I can understand why we still use pen and paper instead of insecure voting machines :D

The encoder (online & offline) has an option to compile the payload for a specific keyboard layout.

You mean the "Disc Label" of the ISO? There's no need for that, if you're writing the file to USB.

I read an article about this project on Hackaday this morning. Always fun to see those DIY projects emerge ?

I have a similar setup here - just vice versa: German OS, UK keyboard. And the Ducky works fine. Is there a certain part that won't work or the whole script? Maybe post it here so we can check it

What exactly do you mean? Are the installed Operating systems in English? Was genau meinst du? Sind die Betriebssysteme auf englisch?

And there's always the possibility the cryptor itself gets flagged by AV

What about a Port Scanner? It's fairly easy to code.

Aren't library PCs state property?

I never had problems with given spoken consent since I personally knew the "client" or a person I know knew and introduced me, but yes it only counts in written form. Especially in business

Did you try to contact them directly? https://hakshop.zendesk.com/hc/en-us/requests/new

Like a school network? I think I can answer that best with a movie quote: "Don't tempt me, Frodo." Stay local (as @GarrukApex said too). If you have the possibility (free space, equipment and/or financial resources) to set up a second isolated LAN at home just for pentesting/hacking. Perhaps the cheapest way is using virtual machines.

Amen, brother

"Unauthorized" can be simulated of course. Same do pentester at presentations. If you hack around your own devices/local network, you don't have to worry. Even breaking into systems of friends (with their consents) is acceptable. As long as the target owner knows and approves there's nothing to worry about.

Remember to have an inject.bin on your card. And the slot can be a bit bitchy (at least on my ducky,) so I have to fiddle around with the card while duccky plugged in. worked fine here. But when in doubt (and still have warranty): contact hak5

It generates the text-file android_brute-force_0000-9999.txt which you have to encode. The script you posted has to be executed in a shell

The Ducky Script 101 can answer that question: https://www.hak5.org/gear/duck/ducky-script-usb-rubber-ducky-101 GUI/WINDOWS simulates a hold key. So CONTROL ESCAPE is the right choice for start menu.

That's kinda strange. What version of Windows do you have and could you test the attached inject.bin? DELAY 3000 GUI r DELAY 500 STRING notepad.exe ENTER DELAY 500 STRING Hello World ENTER REPEAT 2 inject.bin

Try GUI r instead if you want to get the "Run" dialog ;) CONTROL ESCAPE only opens the start menu.

To clean up I'd recommend the following steps: Check for firmware updates (if possible: download it at your friends house/at work) Factory reset modem Connect it to LAN only Update firmware (if no update: Skip 4.) Configure modem Connect to the internet again Have you scanned your PC for any malicous software, yet?

Hi, the FAQ might be helpful for you. Try the following steps under "My ducky is flashing red, what now?"

@Rayvn well there is payload I know of to directly help you in this matter. If anyone else know: Please enlighten me. As for resetting admin passwords there are tons of tutorials online. One thing you could check though is boot 'em in safe mode. Some machines then reveal an admin account (with no password/master password ion manial) but it really depends on the vendor/re-seller. But that's nothing that can't solely be handled with a Ducky.

I know It's only for the android-based access code option.