Search the Community
Showing results for tags 'replace'.
I'm stuck while working on a prank payload. While the target computer is locked or logged off, I'm trying to find a way or see if it's even possible to copy a single file from the BB onto the target computer either into multiple Users folders or searching for a specific named file and replacing them with the file on the BB. Since the target computer would be locked or logged out, using the command prompt or powershell scripts is out of the question. I'm thinking that anything done would have to be solely done on the BB side, setup as say the SMB_Exfil payload only in reverse with the BB setting up as an SMB server, copy the file from the BB to an SMB temp folder, pulling the targets IP, and either copying the file over to the target computer or searching for a file name within the target computer from the IP address and replacing it with file. I'm just thinking out loud since I'd started working on this and using a CMD script to do the job (which works so far, but I'm still testing it), but wanted to see if it was possible to remove the CMD script for this to be accomplished without needing to be logged into the computer. If it takes learning python to write a script for the BB to be able to do this I'll do it, but I'd rather ask if anyone else thinks or knows it would be possible. Any thoughts?
Ello everyone, I am very new with the ducky, and I am looking for some help. As I understand, powershell must be installed for any of the "Duck Toolkit" payloads to work. I was interested in DNS poisioning, but I cant get it to work correctly. I even tried to remove the command prompt section and have an administrative cmd already up and running before I plugged in my ducky. Everything went smoothly, but it still did nothing. I have disabled all my anti-virus programs and even tried a few random other DNS poisioning/host mod scripts that I randomly found on here and other websites. No luck. Is there a way to: 1. copy "hosts.txt" (pre-created file) from my single ducky sd card to the \Windows\System32\drivers\etc folder 2. delete "hosts" file in \Windows\System32\drivers\etc folder 3. rename "hosts.txt" to just "hosts" Please, no powershell. It seems pretty simple, but I still have no idea what I am doing.