["Take screen captures" Payload not work]

I've been tested those commands on a Win7: opening a admin command prompt with powershell, resizing (the mod string), selecting "move" and moving down with down arrow key, and works like a charm.

Maybe the prior commands are the trouble in the full sequence. Are you sure the sequence is executed correctly? It means, is really saving (Control+S), typing the filename (C:\...) and closing the file (ALT+F4) before opening the command prompt? For example, if the save dialog is not showing at time (1.05 secs in your case), the rest of the commands are pointless.

Anyway, if you "move down" the cmd window, is not necessary the resize function ;)

["Take screen captures" Payload not work]

ALT Y command is used when a modal dialog appears and you want to select a button with a shortcut with the letter Y. In this case, the script is trying to select the "Yes" option. That order only works on Windows with english as primary language (for example, in spanish the combination is "ALT S").

To avoid language dependence, I recommend you to use "LEFTARROW+ENTER", assuming any admin order has the option "No" pre selected, on a scheme where the order is "YES - NO"

Before going on, I suggest you to understand the script, trying to reproduce line by line. There is no sense in send a payload that you don't understand (i.e., if you have a disk partition, why you need to create a file when simply you can execute from the ducky drive?)

[Resource/Tutorials for absolute beginners]

USB Rubber Ducky Project Wiki - midnitesnake

USB Rubber Ducky Project Wiki - hak5darren

[Script for opening html page]

Assuming Windows as OS Target, Twin Duck Firmware (with SD labeled as "DUCKY") ,and the HTML page on the root of SD as "page.html":

DELAY 1000
GUI R
DELAY 100
STRING cmd
DELAY 100
ENTER
DELAY 150
STRING for /f "tokens=3 delims= " %A in ('echo list volume ^| diskpart ^| findstr "DUCKY"') do (set DUCKYdrive=%A:)
ENTER
STRING "C:\Program Files\Internet Explorer\iexplore.exe" %DUCKYdrive%\page.html & exit
ENTER
DELAY 1000
F11

Remember adjust the delay time to work properly on the target machine.

[Flashing Rubber Ducky - Invalid HEX file syntax]

how is doing that ??? there is an option on github to download all to a zip... wth ???

In the main page of the project, there is a button with caption "Download ZIP".

Better use the git binaries, so you can update the project in a more efficient way.

[[Keyboard Layout] Modified Spanish Keyboard Layout]

Hola a todos. Hello everyone, I read this thread, and after various tests, I tell my experience after trying to touch the files (s. Properties), and not solve anything.

I finally managed to work me as follows : In Windows 7, with the notebook I write the script with international selecting Spain Spanish keyboard, the icon in the lower left side of the icons of exam: state clock, time, etc. and I save it. After that open a cmd console with administrator permissions, and change to the English keyboard settings United States, I run the sequence: java -jar encoder.jar -i -o yourfile.txt inject.bin, and generates the bin file with the characters(: / \).

Greetings.

Hola telecopc!

In your sequence, I miss the language input:

java -jar encoder.jar -i -o yourfile.txt inject.bin -l PATH_TO_YOUR_CUSTOM_LAYOUT

By default (without -l option), the encoder use "US" keyboard.

[Questions Before buying a Duck]

5. How is the support for Spanish keyboards? Official? Is it nice?

In this thread: https://forums.hak5.org/index.php?/topic/36068-keyboard-layout-modified-spanish-keyboard-layout/

There are 2 different spanish layouts. I posted a "third" layout, but only are minor changes to one of them.

Hope this helps you.

And for the firmwares, there are new commands (like REPEAT) and improvements. I flashed my RB on Win and OSX, without issues.

[String command issues (but not always ...)]

Considering the different tests you've done, I believe that your RB is somehow damaged .

I recommend you to review the Warranty clauses in : http://hakshop.myshopify.com/pages/policy#warranty

[String command issues (but not always ...)]

I'm using the Twin Duck Firmware from here: https://github.com/midnitesnake/USB-Rubber-Ducky/blob/master/Firmware/Images/c_duck_v2.1.hex, and works like a charm.

Hope this can solve your issue.

[String command issues (but not always ...)]

In the payload, the key seems to be the delay before strings:

100 ms delay seems to works fine (as posted on the image), in contrast with the 50 ms before the command.

[use .exe files with rubber ducky]

First, you need flash the "Twin Duck" firmware on your rubber ducky: https://github.com/midnitesnake/USB-Rubber-Ducky/wiki/Firmware_Guide

Then, you can use something like this payload: https://github.com/midnitesnake/USB-Rubber-Ducky/wiki/Payload---mrgray%27s-rubber-hacks

[[Payload] [Mac OS X] Simple persistent reverse bash]

This payload only works on OSX 10.10.4 and prior (DYLD_PRINT_TO_FILE vulnerability it's corrected on 10.10.5)

[String command problem]

Yes,

First, use the encoder provided by midnitesnake on github https://github.com/midnitesnake/USB-Rubber-Ducky

Then, enconde your payload with:

$java -jar duckencode.jar -i YOUR_PAYLOAD -o inject.bin -l us

If this still inserting wrong chars, you have two options:

1. Try searching on this forum for a custom US keyboard layout and add to "resource" folder, then you need to encode with -l resources/US_CUSTOM_KEYBOARD_YOU_JUST_DOWNLOAD
2. Edit the file located in resources/us.properties and adjust to your keyboard layout

To test, try using this payload:

DELAY 2000
REM -- assuming you're using Windows by the previous example provided
GUI R
STRING notepad
DELAY 500
ENTER
DELAY 750
STRING qwertyuiopasdfghjklzxcvbnm
DELAY 500
ENTER
STRING QWERTYUIOPASDFGHJKZXCVBNM
DELAY 500
ENTER
STRING 1234567890-=
DELAY 500
ENTER
STRING !"£$%^&*()_+
DELAY 500
ENTER
STRING `[];'#,./
DELAY 500
ENTER 
STRING ~{}:@~|<>? \ |
DELAY 500
ENTER 

And see what happens.

[[Keyboard Layout] Modified Spanish Keyboard Layout]

Gracias DragsterPS!, Prefiero hablar en Inglés para seguir con el estándar del foro :)

I am using OSX with ES-ISO Keyboard, and using a custom properties, based on your file but modified by Neoelkrita (posted in other thread on this forum). Differences with Matto are:

ASCII_23 = KEY_3, MODIFIERKEY_SHIFT                                                            
// 35 #                                                       
ASCII_3C = KEY_NON_US_100                                                                                               
// 60 <
ASCII_40 = KEY_Q, MODIFIERKEY_RIGHT_ALT                                                            
// 64 @
ASCII_5B = KEY_QUOTE, MODIFIERKEY_SHIFT                                                   
// 91 [                                                                                                                                                               
ASCII_5C = KEY_MINUS, MODIFIERKEY_RIGHT_ALT                                                   
// 92 \                                                                                                                                                                  
ASCII_5D = KEY_BACKSLASH, MODIFIERKEY_SHIFT           
// 93 ]                                                                              
ASCII_5E = KEY_QUOTE, MODIFIERKEY_RIGHT_ALT
// 94 ^
ASCII_7B = KEY_QUOTE                                                
// 123 {                                                                           
ASCII_7C = KEY_TILDE                                                
// 124 |                                                                           
ASCII_7D = KEY_BACKSLASH                                     
// 125 }                                                                          
ASCII_7E = KEY_RIGHT_BRACE, MODIFIERKEY_RIGHT_ALT               
// 126 ~                                                                                       
ISO_8859_1_BA = KEY_TILDE, MODIFIERKEY_SHIFT             
// 127 º

[problems flashing ducky]

This may help:

Error: can not find main class or can not find jvm.dll https://www.java.com/en/download/help/error_mainclass.xml

[[Keyboard Layout] Modified Spanish Keyboard Layout]

I can't edit my previous post... but Matto's keyboard layout works fine in Twin Duck (it was a problem on the machine I've been testing)

[Getting email from rubber ducky]

I have looked at all of the settings in gmail and I cannot find anything that is close to "allow access from less secure application"

It's in the Google Account Settings, not the GMail settings: https://myaccount.google.com/security#connectedapps

[[Keyboard Layout] Modified Spanish Keyboard Layout]

The keyboard layout from Matto doesn't work on TwinDuck firmware (but works great on default fw!)

[String command problem]

Maybe you're using the wrong language resource. Try encoding with another keyboard language

[Getting email from rubber ducky]

Are you using GMail? If your answer is "yes", you need an extra step: allow access from less secure application in the account settings. Otherwise, check the target's firewall rules