Jump to content
Hak5 Forums

KCSEC

Active Members
  • Content Count

    9
  • Joined

  • Last visited

About KCSEC

  • Rank
    Hackling

Contact Methods

  • Website URL
    https://www.ivoidwarranties.tech/
  1. KCSEC

    Sdcard

    The twin duck firmware adds the feature for the memory card to be used as mass storage. flash that firmware and should be good to go.
  2. KCSEC

    Scripts not auto-starting

    What firmware are you using?
  3. Added updated and easier to read readme.txt - Added categories KCSEC Ducky-Payloads KCSEC Ducky-Payloads To Host-Payloads Packages
  4. Added new and working with the latest windows 10 Fodhelper UAC bypass to execute Empire Launcher. https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads ** FOR BOTH TWIN DUCK/SPECIAL 2 ** Fodhelper bypass to Empire Launcher ** Key info ** * Twin Duck Special 2 required (See Ducky Flasher OR Firmware list) * This version has a delay added to allow the USB Storage to mount * Drive must be called KCSEC to work (Can be changed in ducky code) * Empire-launcher.ps1 Must be changed to have the right IP/Port * Ducky_code.txt shows inject.bin decoded (Not needed for setup) ** Explaination ** Ducky commands runs a hidden powershell calling the fod.ps1 This bypasses UAC and runs the Empire Launcher with admin rights without a UAC prompt More info on fodhelper UAC bypass here https://pentestlab.blog/tag/fodhelper/
  5. Added new and working with the latest windows 10 Fodhelper UAC bypass to execute meterpreter reverse shell. This Rubber ducky module for TwinDuck original https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads/fodhelper-UAC-Metashell--TwinDuck-Orginal Fodhelper bypass to Metasploit reverse shell ** Key info ** * Twin Duck orginal required (See Ducky Flasher OR Firmware list) * This version has a delay added to allow the USB Storage to mount * Drive must be called KCSEC to work (Can be changed in ducky code) * meterpreter-32.ps1 Must be changed to have the right IP/Port * Ducky_code.txt shows inject.bin decoded (Not needed for setup) ** Explaination ** Ducky commands runs a hidden powershell calling the fod.ps1 This bypasses UAC and runs the metasploit shell with admin rights without a UAC prompt
  6. Added new and working with the latest windows 10 Fodhelper UAC bypass to execute meterpreter reverse shell. This Rubber ducky module for TwinDuck Special 2 .... Will released a standard twinDuck version 2 soon. https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads/fodhelper-UAC-Metashell--TwinDuck-special2 ** Key info ** * Twin Duck Special 2 required (See Ducky Flasher OR Firmware list) * Drive must be called KCSEC to work (Can be changed in ducky code) * meterpreter-32.ps1 Must be changed to have the right IP/Port * Ducky_code.txt shows inject.bin decoded (Not needed for setup) ** Explaination ** Ducky commands runs a hidden powershell calling the fod.ps1 This bypasses UAC and runs the metasploit shell with admin rights without a UAC prompt
  7. KCSEC

    UAC Bypass windows 10

    I've got it running on a VM at the moment but yeah LEFTARROW ENTER does not seem to work anymore on windows 10. Could be the VM, will try a local machine just to be sure.
  8. Hello Everyone, Were creating an updated fork of the Rubber Ducky repo on github https://github.com/KCSEC/USB-Rubber-Ducky Toolkit changes so far * Updated Ducky-Flasher * Firmware version list & Infomation * KCSEC fodhelper UAC bypass to Meterpreter payloads (TwinDuck+TwinDuck Special 2) * KCSEC fodhelper UAC Bypass to Empire Launchers (TwinDuck+TwinDuck Special 2) In Development *Twin Ducky Specific Payloads for local exfiltration * 2018 working payload list for windows 10 - MimiKatz - KeyLogger * 2018 working payload list for windows 7 Want to request a payload idea ? Feel free to comment or post for any payload ideas
  9. KCSEC

    UAC Bypass windows 10

    Hello, So trying to create a script for windows 10, Here is the example code DELAY 1000 GUI r DELAY 200 REM Prompt UAC for PSH STRING powershell Start-Process powershell -Verb runAs ENTER Now the UAC prompt starts in the back ground, so need something like ALT+TAB ALT LEFT LEFT ALT Y However Can't get it to work correctly any ideas ? ALT TAB brings up the menu and then need to keep holding ALT then nav left twice to be on the UAC prompt
×