Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by jdorrough

  1. I know this was listed as answered but I was having a similar problem and fixed it by editing the openwrt firewall rules. For some reason the device wouldn't let me SSH to it's connected WAN interface if it was connected to just a power adapter on the USB (lan) side. If I connect the turtle to my laptop I could ssh to both the lan (172.x) and the WAN (192.x). To fix that issue, I added the following rule right before the "Allow-DHCP-Renew" rule in /etc/config/firewall. # We need to accept tcp packets on port 22, config rule option name Allow-ssh option src wan option proto tcp option dest_port 22 option target ACCEPT option family ipv4
  2. Hey thanks Mr-Protocol. Instead of fighting with the attachment problems, I've uploaded everything to github. https://github.com/jdorrough/Defcon-23-presentation
  3. Sorry for the weird formatting above. The forum is not allowing me to attach the files used to run the payload. There is also a 3 post per day max, so I'll try to add the files tomorrow.
  4. I gave a presentation last week on two variants of rubber ducky payloads that decrypt wireless ssl traffic. The first variant uses the ducky firmware (keyboard only) The second variant uses the twin duck firmware (keyboard and mass storage) I’ve tried to acknowledge other people’s code I used, but if I missed someone, let me know. Give it a shot and I’ll try to help get it working if you have any questions. ****Payload 1 using Keyboard only “trusted-root.txt”****** Before the attack will work, you will need to setup your MITM listener. There are lots of walkthroughs online. The payload will need to be adjusted to reflect what SSID your AP will be using. After the MITM AP and proxy are setup, you will need to export the signing certificate and convert to base64 encoding.I’ve listed commands to do that in the attached presentation slides. If you are using the “trusted-root” variant, you will need to update the syntax to use your exported certificate instead of the one I used. That should be all you need to make the keyboard only payload work. *Note you may need to adjust timers or acknowledge pops differently than what my test machine needed. This version will work on IE and Chrome but not Firefox. ****Payload 2 using Keyboard and USB Mass Storage “Twin-trust-root.txt”***** Like the pervious payload, you will need to setup a MITM listener and export a certificate. For this payload you will need to add the certificate to your own copy of Firefox. Then you will need to copy your Firefox key3 and cert8 files. I’ve included slides in the presentation to show you where they files are located. *Note you may need to adjust timers or acknowledge pop ups differently than what my test machine needed. This version will work on IE, Chrome and Firefox.
  • Create New...