[Mr Robot Hack]

See, that's the thing. I know we are just being a bunch of script kiddies and that is why AV is detecting us, but there needs to be a way to go unnoticed. I mean, that is the purpose of this isn't it?

[Mr Robot Hack]

cool, will check it out this evening. Thanks

[Mr Robot Hack]

What the hell?

[Mr Robot Hack]

Yes, that will be great. Happy Turkey Day

[Mr Robot Hack]

4 hours ago, Enzym3 said:

 

I made a payload to steal Windows credentials as well as stored browser passwords, then save the output txt documents to the ducky. I coded it on a Sunday a few weeks back and haven't had the time to go back and clean it up and add all the additional features that I want to yet, but you can see how it works in a video I posted showcasing it. Instead of explaining it all again, you can see more about it in the description of the video. Oh, and I used the on-screen keyboard in the video just to show that the script is set to fire on an LED toggle (caps lock, num lock, or scroll lock key press). Otherwise, it wouldn't have been obvious that I pressed a button on the keyboard to fire it.

Although I wanted to wait until I was finished editing it how I want it, since I've been busy with work, I'll gladly share my source code if anyone is interested. Just leave a comment on the video and I'll get in contact with you (I see YouTube notifications much easier than PMs on here, although I'll eventually catch either one).

 

 

Would love to get a copy of that payload.

[Mr Robot Hack]

Well I attempted to put the mimikatz.exe on the ducky sd with the inject.bin file, but that didn't work. I turned off AV  and Firewall just to rule out that and still nothing. I am thinking your right. It has to be an I'm.ps1 script.

[Mr Robot Hack]

I can get the code "15secondhack.txt" to run but it doesn't place a txt file on the ducky drive. Am I doing something wrong?