Everything posted by Bob123

  1. Oh I totally agree Rkiver. It's not mine so I don't care. They are entitled to do whatever they want. It just cracks me up that they specifically state they are protecting themselves from viruses by doing this. It's comforting to know that the people who make more than me are really smart. (Sarcasm)
  2. Question. The company I work for is sooooo scared of getting a virus so they installed bitlocker on my machine. I've had machines with bitlocker in the past and it is what it is. But for some reason this time around they have it set so when I plug in a flash drive it says I need to allow bitlocker to encrypt it or I won't be allowed to write to it. I can only read from the flash drive. Is it just me or is this really stupid??? Just for shits I brought in a flash drive with a pdf manual on it and sure enough I could open it and copy it to the computer. So how are we preventing viruses this way?
  3. Twinduck firmware gives you storage capabilities for the files. Then in your inject.bin have it find the drive letter for the ducky and call the file. Or have it call a bat file which then calls your file.
  4. Glad it's working for you jack.slack.
  5. You can access the console via Ethernet. You could also write a payload for switch position 1 that enables serial as well as Ethernet.
  6. Yay it works. I had a few issues, first being the original payload.sh I renamed to payload.sh.old, yeah it didn't like that. So I removed that. I also had a bunch of install scripts for the python libraries I had to manually load in, don't know for sure if it didn't like them but I also cleaned them out of switch2. I also took the time to program in the button and put it in a loop. So now when the payload loads, I get NAT (which I still want to understand better (see the end of my post)) and then waits till I press the button. Then after a button press my device turns a light on via the python script I wrote. Another press of the button shuts the light back off. And so on. Nothing special, just a proof of concept. Next what I'm after is my original question, besides running the packet squirrel inline with my network and my device, I'd like to see if I can just plop the packet squirrel on my network and have it see the device on my main network rather than the packet squirrel assigning it an IP like it does in NAT.
  7. No I wrote my own python script and then my own payload.sh to call that python script. It has nothing to do with what would normally be on switch 2. I could have picked any switch but I have usable payloads on switches 1 and 3 which is why I chose switch 2. But yes I'm going to look into delaying it and also I want to try to get the button to work as well. And to keep it simple, my python script talks to a device that turns on and off a light. That all works so I'm not concerned about that. I just want to understand what the two Ethernet ports do on a switch position vs arming. Cause again I can manually trigger it in arming mode all day long. Thanks.
  8. Hello. So I have a python script I'd like to have the packet squirrel run. I put the script and a payload.sh that calls the script on switch2. From arming mode I can run that script and it works. But from the switch2 position it doesn't work. The python script has a set IP for a device it's going to communicate with and I can do one of two things, I can put the packet squirrel inline with the device or I can just plop the packet squirrel on the same network as the device. Which is recommended? If I just plop it on the network which port do I use? Which network mode should I have it in? The network is DHCP and the device has a known address. All I need the packet squirrel to do is get an IP and run the python script. Any help would be great. Thanks.
  9. This is why I scratch my head to powershell. Again not sure if this helps or not but this:

    Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null } | Select-String -InputObject {$_.IPAddress} -Pattern '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b' -AllMatches |%{$_.Matches}|%{$_.Value}

    Only displays IPv4 addresses. Yay if nothing else I learned a lot.
  10. Well maybe this will help, maybe it won't. But if you type this into powershell:

    Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null } | Select-String -InputObject {$_.IPAddress} -Pattern '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b'

    It'll grab / display the IPv4 and IPv6 only. I still can't figure out how to cut the IPv6 part and it's really bugging me. Then if you type this:

    Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null } | Select-String -InputObject {$_.IPAddress} -Pattern '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b' | Out-File ./test.txt

    It'll do the same thing but save it to a file. Hope this helps a little. I don't do much with powershell so this is a learning experience for me. Would like to see the whole payload when you have it complete.
  11. I agree with Jtyle6 and have always assumed this was just power. However if you do get this to work please share as that would open up a whole bunch of options. Or Hak5 if there's a firmware update that would unlock that feature...again that would be awesome!
  12. I'd try a different micro SD card and like Jerk mentioned above, try a different micro sd card reader to put the inject.bin on it.
  13. Could you start a new thread and describe what you're trying to do when you mean run multiple scripts?
  14. To my knowledge you can't get internet in arming mode. Everything I needed to do on the internet I did through switch 1. I know it's not the answer you're looking for but I hope it helps some.
  15. Bob123

    file location

    Thanks guys that's exactly what I needed. I got the install script to work since pip was upset. And my python script works too! Thanks for the help!
  16. I'm sure this has been asked and explained in the past but I just can't find it. When I plug the bunny in in arming mode, the files I see, where are they located when I SSH in through serial or ethernet? I cannot find the switch positions through a terminal. I'm trying to install some python files and pip isn't happy so I want to just drag and drop them somewhere and then see them in the terminal window. I just don't know how to get to say the loot folder or a switch folder. I'm not sure where they are hiding. Any help would be great. Thanks.
  17. It would be nice to sell this all together for $400 plus shipping. All items in perfect condition. Will try to include whatever stickers and documentation I have as well. US only please. Unless you can guarantee the money and take responsibility for the shipping and customs charges. 1x wifi pineapple mark v 2x rubber ducky 1x lan turtle 1x bash bunny 1x packet squirrel All are in perfect condition and only used a few times to answer questions on here and test a few of my own scripts.
  18. Ok I really hope your take away from my helpful hint wasn't to only do what you did above. There are several payloads that you mentioned didn't work. Several of those use ducky script or have many commands tight together which is why I mentioned adding some delays between the commands. You do understand that what you did above will do absolutely nothing right? Did you see the part where I said verify the code works? USB exfiltrator by itself copies only pdfs and works just fine. Do you have pdfs in your documents folder? Did you try doing an xcopy from your bb to see if you could even copy those pdfs to your bb? Comment out or delete the hidden commands in the files and watch what powershell does. Are you getting errors? You could also remove the whole caps lock blinking. I usually do. Makes it a bit more stealthy.
  19. @Xyvir Sorry I just noticed your post. I don't visit here much anymore as the forums are pretty much dead. 😞 But here's the link that SelfTaughtDude was talking about: https://github.com/hak5darren/USB-Rubber-Ducky/blob/master/Encoder/resources/keyboard.properties
  20. You need to modify the delays and add delays. Take a payload you want to run, make it painfully slow, and verify each step. Then when it works, start to speed it up until it no longer works. 99% of these payloads are too aggressive and never work for me out of the box. I always have to slow them down a bit. If you search around in this section of the forums or even the rubber ducky part, you'll see me say that a bunch of times.
  21. Bob123

    red led

    Have y'all tried a different firmware on the duck? Try twin duck and see if that helps at all. Mine are on that firmware and I've never run into this issue.
  22. Dumb question but did you take that notepad file and convert it into an inject.bin file? https://docs.hak5.org/hc/en-us/articles/360010555093-My-USB-Rubber-Ducky-shows-a-solid-red-LED-now-what-
  23. I know I didn't mean to. This one was more directed towards justLooking but then thought others might not see my general question. Let me know if you want me to remove any or all.
  24. Hello everyone. I have an interesting question that I hope someone can answer. Basically what I'm after is, a standard 64bit Kali or Parrot VM that you can download that comes with all the pentesting tools like metasploit...can you actually hack a Win10 64 bit box with it? I'm asking because I went through the cyber mentor's online class, I follow hackersploit's youtube videos, and there seems to be something wrong and I'm just not so sure it's me anymore. I have two Win10 VMs and now the same but physical, on two networks and all I want to do is pivot. I have usernames / passwords. I've dumbed them down to accept msfvenom payloads...They just don't want to work. My findings so far have been: a 64bit payload and listener work, but then meterpreter, getsystem, and other commands don't seem to work. A 64bit payload and 32bit listener don't work. A 32bit payload and listener work, commands work, but I don't get anywhere. The commands don't error out or stall...but they just don't give me proper info and I think they are trying to tell me that I need 64bit payloads and listeners. I'm assuming Armitage is only 32bit since I can't get anything 64bit to work. Psexec doesn't want to work even though the usernames / passwords are mine since I created them. I'm just stuck. And what makes it very interesting is I never had this issue with WinXP back in the day. So I get that Win10 could be a road block because it's different...but are Kali and Parrot with their version of metasploit also a potential road block? Am I missing something? Will this only work with the paid version of metasploit pro??? It just bugs me cause the cyber mentor never had an issue. Hackersploit did a video on pivoting. He didn't show what was behind the scenes but I followed his commands to the T and it still wouldn't work. I've followed several Medium posts and it hasn't helped... Any help would be great. Thanks.
  25. So I'm going to ask a question here and maybe even make my own topic on it cause this one's a bit interesting... So the issues I'm running into seem to really stem from the architecture. The win10 VMs from cyber mentor and now my physical win10 boxes that I'm practicing on are all 64bit. The vanilla style (if you will) metasploit that comes with both Kali and Parrot can do both 32bit and 64bit...but can it really do 64bit? Or is this really something that is more tailored for metasploit pro which is paid for? I'm about to start testing on win10 32bit just to see if any of these issues go away. Cause with my kali and parrot VMs, I'm to the point where I can't even get psexec to work. Which makes no sense since I know the username/password...since I created them for the box. Anytime I'd create a 64bit payload through msfvenom my listener would crash very quickly. And that was due to using a 32bit listener. A 64bit listener would work but then none of the commands or options seem to work. A 32bit payload and listener work best...but then it seems like "getsystem" and trying to get the hash don't seem to work. And I had zero problems back in the day when I had a winxp setup...