Hak5 Forums

KCSEC

Active Members
  • Content count

    8

About KCSEC

  • Rank
    Hackling
  1. KCSEC

    Scripts not auto-starting

    What firmware are you using?
  2. Added updated and easier to read readme.txt - Added categories KCSEC Ducky-Payloads KCSEC Ducky-Payloads To Host-Payloads Packages
  3. Added new and working with the latest Windows 10 Fodhelper UAC bypass to execute Empire Launcher.

     https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads

     ** FOR BOTH TWIN DUCK/SPECIAL 2 **

     Fodhelper bypass to Empire Launcher

     ** Key info **
     * Twin Duck Special 2 required (See Ducky Flasher OR Firmware list)
     * This version has a delay added to allow the USB Storage to mount
     * Drive must be called KCSEC to work (Can be changed in ducky code)
     * Empire-launcher.ps1 must be changed to have the right IP/Port
     * Ducky_code.txt shows inject.bin decoded (Not needed for setup)

     ** Explanation **
     Ducky commands run a hidden PowerShell calling the fod.ps1.
     This bypasses UAC and runs the Empire Launcher with admin rights without a UAC prompt.

     More info on the fodhelper UAC bypass here: https://pentestlab.blog/tag/fodhelper/
  4. Added new and working with the latest Windows 10 Fodhelper UAC bypass to execute meterpreter reverse shell. This Rubber Ducky module is for TwinDuck original.

     https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads/fodhelper-UAC-Metashell--TwinDuck-Orginal

     Fodhelper bypass to Metasploit reverse shell

     ** Key info **
     * Twin Duck original required (See Ducky Flasher OR Firmware list)
     * This version has a delay added to allow the USB Storage to mount
     * Drive must be called KCSEC to work (Can be changed in ducky code)
     * meterpreter-32.ps1 must be changed to have the right IP/Port
     * Ducky_code.txt shows inject.bin decoded (Not needed for setup)

     ** Explanation **
     Ducky commands run a hidden PowerShell calling the fod.ps1.
     This bypasses UAC and runs the Metasploit shell with admin rights without a UAC prompt.
  5. Added new and working with the latest Windows 10 Fodhelper UAC bypass to execute meterpreter reverse shell. This Rubber Ducky module is for TwinDuck Special 2 .... Will release a standard TwinDuck version 2 soon.

     https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads/fodhelper-UAC-Metashell--TwinDuck-special2

     ** Key info **
     * Twin Duck Special 2 required (See Ducky Flasher OR Firmware list)
     * Drive must be called KCSEC to work (Can be changed in ducky code)
     * meterpreter-32.ps1 must be changed to have the right IP/Port
     * Ducky_code.txt shows inject.bin decoded (Not needed for setup)

     ** Explanation **
     Ducky commands run a hidden PowerShell calling the fod.ps1.
     This bypasses UAC and runs the Metasploit shell with admin rights without a UAC prompt.
  6. KCSEC

    UAC Bypass windows 10

    I've got it running on a VM at the moment, but yeah, LEFTARROW ENTER does not seem to work anymore on Windows 10. Could be the VM, will try a local machine just to be sure.
  7. Hello Everyone,

     We're creating an updated fork of the Rubber Ducky repo on GitHub:
     https://github.com/KCSEC/USB-Rubber-Ducky

     Toolkit changes so far
     * Updated Ducky-Flasher
     * Firmware version list & Information
     * KCSEC fodhelper UAC bypass to Meterpreter payloads (TwinDuck+TwinDuck Special 2)
     * KCSEC fodhelper UAC Bypass to Empire Launchers (TwinDuck+TwinDuck Special 2)

     In Development
     * Twin Ducky Specific Payloads for local exfiltration
     * 2018 working payload list for Windows 10
       - MimiKatz
       - KeyLogger
     * 2018 working payload list for Windows 7

     Want to request a payload idea? Feel free to comment or post for any payload ideas.
  8. KCSEC

    UAC Bypass windows 10

    Hello,

    So trying to create a script for Windows 10. Here is the example code:

        DELAY 1000
        GUI r
        DELAY 200
        REM Prompt UAC for PSH
        STRING powershell Start-Process powershell -Verb runAs
        ENTER

    Now the UAC prompt starts in the background, so need something like

        ALT+TAB ALT LEFT LEFT ALT Y

    However, can't get it to work correctly. Any ideas? ALT TAB brings up the menu and then need to keep holding ALT, then nav left twice to be on the UAC prompt.