Broti
-
Posts
233 -
Joined
-
Last visited
-
Days Won
6
Posts posted by Broti
-
-
I don't know if I have the script anymore, but creating a new admin is easy:
net user NewAdmin Password /ADD net localgroup Administrators NewAdmin /ADD
The "utilman hack" was mostly done by hand, since not everyone installed Windows to C:\Windows which would render an automatic typed script useless at that point.
-
I often used a short script to create a new admin account via console (in combination with utilman.exe image hijacking) to gain access for some people on different occasions, like forgotten passwords or on a recently deceased person's PC (who never shared the password)
-
Ah, finally caught up with the last 10 episodes.
Superb as always.
-
cool haircut Free advertising
-
There's still a lot of old stuff out there in the industry
-
Turtle could imply, that it has some kind of ddos stress test ability.
Or it finds bottlenecks on your network, like that old SUN server with the 10MBit-NIC
Or it's a ninja
-
When I ordered the ducky, no extra taxes or problems with German customs.
The same with lan tap pro.
-
Was fun to watch.
I really liked the small hidden things like the turtle head over the chimney. xD
-
Some people also recommend http://dirtypcbs.com/
-
For the first start: https://forums.hak5.org/index.php?/topic/28824-faq-frequently-asked-questions/
To use a payload you have to compile it with Ducky Encoder.
To access your micro sd, use the bundled sd reader or hold down the button on the ducky while inserting.
Swap the inject.bin with your compiled and there you go.
-
Add DELAY 3000 at the beginning of your script.
Recompile to inject.bin
-
Could you be more specific what firmware you flashed on the ducky.
And what do mean by "sees it"? Do you like a drive in explorer?
Normally your ducky gets recognized as a HID (human interface device) aka. keyboard
-
Yep, "Hacking" is to know how a system works and where its quirks are.
*sharing white hats*
-
Okay, I watched the whole segment again.
Darren's using the "Twin Duck" firmware for this.
-
-
if you wanna access the storage keep the button pushed while inserting or use the included micro sd reader.
-
Happy Bday, Darren!
Hope the weather was good at Tempelhof airfield.
-
If you wantto access the storage of ducky, you'll have to push the button down while inserting.
Or use the included sd card reader.
-
-
Berlin is too far
-
-
'Well, not exactly EDC but my PC toolkit is an old ammo box containing:
- CD pack (Operating systems, software)
- 32GB bootable USB stick (Windows 8.1 PE, Clonezilla, Memtest86)
- 16GB USB stick (PortableApps, Sysinternals)
- 500GB 2,5" USB HDD (empty)
- Notebook (Kali, Wireshark, DuckyEncoder)
- LAN tap
- USB rubber ducky
- Micro USB OTG "Cos" cable
- 3m cat5e twisted pair cable
- 50cm cat5e loopback cable
- Screwdrivers
- Guitar pick
-
Have you chosen the correct keyboard language for compiling?
Try that. Maybe it'll work...
-
A possible way that popped up in my brain would be via the prrinter's web-interface.
If malware is planted there, it could infect the admin pc when he's setting up the system. And from there it could
spread through the whole network... in theory.
cool haircut 
How would you defend against GCHQ's apparently 'legal' attacks?
in Everything Else
Posted
Encrypt personal files and/or have them stored on an offline access only computer.
You can prevend software keyloggers by using liveDVD/CD operating systems.