charliechar_

I don't know what else you are expecting me to tell you but go on, i guess.

This most certainly is the answer of why your code is not being executed on the go. Another workaround is leaving it as-is and pressing the I/O button on the Rubber Ducky to execute it (don't know if it is meant for it, more given the fact that you have to have the rubber ducky "naked" to press it) If it doesnt work with 100 (1 tenth of second delay) try with 500 (half a second) and 1000 (full second) There might be other problems within your code that prevent the payload from running, such as misspellings or missplaced DELAY blocks, so check for those erros too Within a factory-configured PC (meaning you didn't do any strange stuff on registry or similars) you cannot by any means call a commamd prompt in the logon screen, as that would be a major security flaw. But that's not the Rubber Ducky's duty, but rather the OS one. There are certain options, like changing the registry entry that links the log on ease of acces button with the ease of acces executable and change it with cmd.exe, so it opens a fully elevated command prompt. But that certainly needs you/someone changing the target's computer registry beforehand. You could also have a windows 10 recovery image, in which I recall you can acess an elevated commamd prompt -I don't remember if with limited capabilities- but that is rather time comsuming, having to boot up from a preconfigurated usb first -or even from rhe rubber ducky itself with the correct configuration- TL;DR: No, you can't. I don't rember much from CMD/powershell syntax but I'm rather sure you can with any of them. But again, you can't call a CMD/powershell shell on log on in normal conditions I don't think ou can do it without changing somthing on the RD firmware (or even hardware) first. Look arround, but the Bash Bunny (also from Hak5) is more of an appropiate tool for multi-vectorial attack. I'm on the same boat as you here. I suggest you to understand duckyscript syntax and Windows CMD and powershell syntax first before trying to do some "L33t H4ck3r" stuff. As for the bypass, i am myself still figuring out how it works. So can't help you on this Not sure on this one either, but to imteract with the own's rubber ducky memory you need to flash tHe hybrid HID-USB storage firmware on the rubber ducky, as with the retail firmware -as I explained above- it only works as HID. I recommend you to try and mske a paylod that downlosds the file from the internet into the target computer first rather than execute it from the RD itself, as you don't need to change the firmware at all.

Clarification: it will launch the payload, but the PC won't detect it

I'm new here, so I don't know if my answers will be accurate, but: 1: If you didn't flash anything onto the RD, more if It's a newer version, it SHOULD NOT be detected as a normal USB drive when plugged in, meaning it should not appear in the explorer, but rather detcted as a keyboard. So it's actually more normal that you don't detect a thing in the explorer when connecting the rubber ducky. 2: This also happened to me at the beggining. Did you added a delay just at the beggining of the code? If you didn't, the rubber ducky will probably start to throw keystrokes faster than the PC can recognize something was plugged in, so it won't launch the payload DELAY 100 should do the trick. Again, if you didn't flash anything different than the retails firmware, it should strat to execute the payload as soon as it is plugged. 3: You can, but it'll probably just start to write on the password text field, since you can't do much else on the logon screen without touching registry keys. If the user has no password, adding two ENTER at the beggining of the script should be sufficient to enter the desired user (Windows 10) 4: Don't know much about apple products, can't answer this one 5: Someone else should answer this, but i think you can without, again, modyfying the software inners of the rubber ducky: Why would you want tho? You can do pretty much anything with just the keyboard. (And what is the advantage of the rubber ducky being detcted as a printer? imo, useless)

So, I recently bought a USB Rubber Ducky and have been testing payloads with my own computer... but, since I got UAC enabled to the maximum level, each time something is executed through the run window, since is supposedly executed with elevated privileges, the UAC pops up and disturbs the payload. That brought me to the payload generator, which has 4 options, two offline and two online, with and without the bypass. What are those for? How does it work? Do I need to put it onto the payloads to not have problems when a UAC window pops up?