Jump to content

kdodge

Active Members
  • Content Count

    149
  • Joined

  • Days Won

    4

2 Followers

About kdodge

  • Rank
    Hak5 Zombie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. could also be a firewall issue $ sudo iptables-save will display your current firewall rules.
  2. Also buy a yearly subscription to a VPN, it will save you 99% of your headaches. Think of it as buying a piece of mind.
  3. Try here, there's *.hex files listed here https://github.com/hak5darren/USB-Rubber-Ducky/tree/master/Firmware/Images
  4. If you open a powershell.exe prompt manually, and type in the command in the script iwr -Uri [URL]/doom.jpg -OutFile 'c:\windows\temp\doom.jpg'; Set-ItemProperty -path 'HKCU:\Control Panel\Desktop\' -name wallpaper -value 'c:\windows\temp\doom.jpg' ; 1..20|%{RUNDLL32.EXE USER32.DLL,UpdatePerUserSystemParameters ,1 ,True;sleep 1}; exit what does the error say?
  5. in "wallpaper-prank" file, did you replace the phrase "(bracket)URL(bracket)" with your own url? try getting the command to work from a powershell shell first.
  6. what tool are you using to encode your scripts with? I have heard that the online tool is a little bit buggy from time to time. The best way is to use the java encoding tool. https://github.com/hak5darren/USB-Rubber-Ducky/raw/master/Encoder/encoder.jar Then to compile MyDuckScript.txt $ java -jar encode.jar -i MyDuckyScript.txt -o inject.bin in linux. If you have windows it might be something like this: C:\> java.exe -jar encode.jar -i MyDuckyScript.txt -o inject.bin But you have to make sure you have the java runtime engine installed before you can execute the .jar file
  7. If it is a driver problem, then I would expect you will have the same problem after you reinstall it, but it is something you could try. You said that the LiveUSB version of Kali also gives you crackling? Could you try a much older version of Kali LiveUSB (make sure to keep the networking disconnected when testing that, just because it will be a security hazard)? It may not have the same problems with audio that you are having right now. At least it wouldn't be too hard to test. If your audio works on an older kernel, but not on the current on, with some work you might be able to narrow down when (what kernel) audio stopped working for you.
  8. Okay, you probably need to file a bug report at https://bugzilla.kernel.org/ There's a tool that they will probably ask you to run, $ alsa-info I guess it collects a lot more info about your system, and then sends it to www.alsa-project.org automatically. But I would wait to run that until they tell you to.
  9. it might be a driver issue, but you are going to have to find out which driver it is, I'm not sure about that. maybe try a few commands to get some info about your system, (this will hopefully tell you about sound kernel modules that you have loaded): $ lsmod | grep 'snd_' and this will tell you about your sound hardware: $ sudo lshw -C sound
  10. take a look at the tool "heimdall" (apt-get install heimdall). It might start you on the correct track.
  11. kdodge

    Killswitch

    Okay, I'm sorry, I forgot the dang source file before. I just uploaded it so you can compile it yourself. If anyone is having trouble compiling it, I'm be happy to help troubleshoot. The way this works is almost identical to USBkill, it effectively polls the usb devices, and compares it to a running list of devices. if some device is plugged in that's not suppose to be there, it will initiate a shutdown command. With the source now, you can program it to run what ever command you want. I haven't looked into how you can disable a specific usb device, but the libusb library probably has that capability.
  12. So I want to create an exe that will be maybe a counter to the USB rubber ducky, for windows, that will monitor the system for new USB devices inserted into the computer, and when it finds a new device it will shutdown the computer. I didn't see anything out there so I'm working on one of my own, but it has only been tested on Linux so far (that's all that I have). Here is my first attempt if anyone dares troubleshoot it for me: https://github.com/slacker69/killswitch I got the idea from this python program here: https://github.com/hephaest0s/usbkill I will have the source code up soon
  13. Quick analysis of the site https://www.virustotal.com/#/url/45bf060ebed37ce4b2bc2063bbc389d0403f1e24ab230987e904aa96283beef1/details HTTP Response Final URL https://filma247.com/ Serving IP address 104.31.74.181 Status code 200 Body length 36.79 KB Body SHA-256 1b4409f7bc7ab21a1805402ebe764d755cc4ac56aeda187b96e20b8aa4ffce2a Headers cache-control: no-store, no-cache, must-revalidate cf-ray: 4b36fd7ecf259d97-ORD connection: keep-alive content-encoding: br content-type: text/html; charset=UTF-8 date: Wed, 06 Mar 2019 20:13:26 GMT expect-ct: max-age=7776000, enforce expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache server: cloudflare set-cookie: __cfduid=d4420e706b2102195ff88a484f55edb6f1551903206; expires=Thu, 05-Mar-20 20:13:26 GMT; path=/; domain=.filma247.com; HttpOnly; Secure, ci_session=ffe3ead63af47cb953cdf59d27df027a150385f4; expires=Wed, 06-Mar-2019 22:13:26 GMT; Max-Age=7200; path=/; HttpOnly strict-transport-security: max-age=31536000 transfer-encoding: chunked x-content-type-options: nosniff x-frame-options: sameorigin x-powered-by: PHP/7.3.3 x-xss-protection: 1; mode=block You can block a single IP address with an iptables rule: sudo iptables -C INPUT -s 104.31.74.181 -j DROP 2> /dev/null || sudo iptables -I INPUT 1 -s 104.31.74.181 -j DROP should do it.
  14. Can you post your ducky script? Just a wild guess, but are you quacking "explorer.exe" somewhere in the script?
×
×
  • Create New...