Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won



About kuyaya

  • Rank
    Hak5 doggo
  • Birthday April 8

Contact Methods

  • Website URL

Profile Information

  • Gender
  • Location
  • Interests
    everything interesting.

Recent Profile Visitors

1,986 profile views
  1. It's literally the first topic in the BashBunny section
  2. Depends on what you want to do If I had to choose, I'd get the croc
  3. A broken harddrive is different from a locked phone, I'd rather compare a locked phone with a locked harddrive (e.g. with bitlocker) The police sure can pull the data from the phone, however they probably won't do this with a rubber ducky/bash bunny. A harddrive, if protected good enough, is not recoverable (imo).
  4. In the your payload.txt, put DUCKY_LANG es
  5. I agree with Bob123. I don't see them as out-of-the-box payloads, but more as templates. You need to adjust them to your own machine/scenario
  6. You cannot do such things with a rubber ducky unless you know the pattern/pin. The best thing you can do is: 1. If you have an android, try using google's phone recovery service. If you logged in with your google account on your android you should be able to recover your files. 2. If you have an apple phone, try using apple's phone recovery service. If you logged in with your appleID/iCloud on your iOS phone you should be able to recover your files.
  7. Yes, from the BashBunny. There is however something called the "twinduck" firmware, which is however not supported or maintained, it's a community project. The BashBunny can act as 1. Mass storage 2. RNDIS_Ethernet, ECM_Ethernet 3. HID (keyboard) 4. Serial The RubberDucky only acts as a 1. HID (keyboard) So I'd go for the bunny
  8. Probably not by default. You'd have to obfuscate it first.
  9. Uhm, the Hak5 shop stopped selling it like 8 weeks ago. It's not "a few days". It's totally possible that their stock got also sold out after 8 weeks, especially when people realise it's not fabricated anymore. I don't think that there are "dangerous hacking features" that they are afraid of "us" finding about. Sounds a bit like a conspiracy theory. I mean, if it had those dangerous features, they could sell more of them, which would make them more money. So I don't think that's the case. Maybe it just wasn't worth it anymore producing it.
  10. Yes it only does output windows passwords. I know that this is not from the browser, but if you have outlook installed (the app) and click on "remember my login", it will get it in plaintext. So you could just download the app, set it up for your fake gmail account and it should work. Or what would also be interesting, is that you could try to then use Pass the Hash (with the hash you got from Mimikatz) and get remote access with that. Does the Mimikatz, which I sent you, work?
  11. Finished with the whole Invoke-Mimikatz payload 🙂 However, it doesn't save it in a file. It just outputs it to the terminal (powershell). It wouldn't be hard to save it to a file, if you want it that way. Update: It does now save it to a file :).
  12. Okay, so the problem is that LaZagne gets removed by Windows Defender (even if you set exclusions) which pretty much screwed up most of my work on the payload. Maybe the same happens to Garfield, idk. So I assume an Invoke-Mimikatz is also fine? If you have a presentation and you could show it type crypto-stuff and then output mimikatz, that'd be even cooler, right? I'm just gonna work ~15min on the Invoke-Mimikatz one and then send it to you. Of course with the SMBBruteBunny included. Another question: are you gonna show it on a fresh Windows 10 VM with just some passwords
  13. Hm okay, so I've tried to think of a way to achieve this without having to install the app. I thought about a captiveportal which uses javascript to vibrate the phone. However, that's only going to work if the user opens the phone and then the captive portal pops up. Does anyone maybe have an idea?
  • Create New...