AndrewFaulds

[Version 1] Uploading Executables?

DynDNS normally should work, but surprisingly I noticed that Metasploit will generate a payload that seems to resolve the DNS name and use the IP address to create the payload..

Meaning that it's still not going to update the IP.. I might be wrong, but that's what I noticed when I did my experimentations..

But reverse TCP is always better than using a bind, who now doesn't own a router that blocks all the standard ports..?

Seb

As far as the storage issue goes: you could always add a simple I2C memory chip onto the Teensy that can allow for like 16mbit for a $3 chip.

> USB hub with your ducky and a flashdrive maybe?

I'm looking for more 'creative' solutions, basically I'd like everything done as Keyboard input (if I have a choice :)

What I've just thought of would be using "copy con" to construct a script, e.g.

[WinKey+R]
cmd
[Enter]
copy con quack.vbs[Enter]
object = someobject[Enter]
object.dosomething[Enter]
end[CTRL+Z]
quack.vbs[Enter]

Also one more idea: Make the ducky disconnect after delivering a payload, making it harder to detect.

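For defenders, the "copy con" sequence described in the post above leaves a recognisable trace: a command shell writes a script file and a script host runs it seconds later. The sketch below is an added example, not part of the original thread; it correlates Sysmon-style FileCreate (Event ID 11) and ProcessCreate (Event ID 1) records, and the sample events, the 120-second window and the function names are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta
from ntpath import basename  # parses Windows paths on any OS

SCRIPT_EXTS = (".vbs", ".vbe", ".js", ".jse", ".wsf", ".bat", ".cmd")
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "cmd.exe"}
WINDOW = timedelta(seconds=120)  # assumed threshold; tune per environment
SYS32 = "C:\\Windows\\System32\\"

def ev(eid, clock, guid, image, **fields):
    """Build one constructed event using Sysmon field names (time pre-parsed)."""
    return {"EventID": eid, "UtcTime": datetime.strptime(clock, "%H:%M:%S"),
            "ProcessGuid": guid, "Image": image, **fields}

# Constructed sample data (users, GUIDs, paths and times are invented).
EVENTS = [
    # interactive shell writes a script, then runs it 2 s later -> alert
    ev(11, "10:00:05", "{A}", SYS32 + "cmd.exe",
       TargetFilename="C:\\Users\\alice\\quack.vbs"),
    ev(1, "10:00:07", "{B}", SYS32 + "wscript.exe", ParentProcessGuid="{A}",
       CommandLine='wscript.exe "C:\\Users\\alice\\quack.vbs"'),
    # script saved from an editor and launched from Explorer -> ignored
    ev(11, "11:00:00", "{C}", SYS32 + "notepad.exe",
       TargetFilename="C:\\Users\\bob\\report.vbs"),
    ev(1, "11:00:03", "{D}", SYS32 + "wscript.exe", ParentProcessGuid="{E}",
       CommandLine='wscript.exe "C:\\Users\\bob\\report.vbs"'),
    # shell-written batch file run half an hour later -> outside the window
    ev(11, "12:00:00", "{F}", SYS32 + "cmd.exe",
       TargetFilename="C:\\Temp\\backup.bat"),
    ev(1, "12:30:00", "{G}", SYS32 + "cmd.exe", ParentProcessGuid="{F}",
       CommandLine='cmd.exe /c "C:\\Temp\\backup.bat"'),
]

def find_typed_script_runs(events):
    """Return (shell_guid, script, host) for scripts a shell wrote then ran."""
    written, hits = {}, []  # written: (shell ProcessGuid, script name) -> time
    for e in sorted(events, key=lambda x: x["UtcTime"]):
        image = basename(e["Image"]).lower()
        if e["EventID"] == 11 and image == "cmd.exe":        # FileCreate
            name = basename(e["TargetFilename"]).lower()
            if name.endswith(SCRIPT_EXTS):
                written[(e["ProcessGuid"], name)] = e["UtcTime"]
        elif e["EventID"] == 1 and image in SCRIPT_HOSTS:     # ProcessCreate
            for (guid, name), t0 in written.items():
                if (guid == e["ParentProcessGuid"] and name in e["CommandLine"].lower()
                        and e["UtcTime"] - t0 <= WINDOW):
                    hits.append((guid, name, image))
    return hits

if __name__ == "__main__":
    for hit in find_typed_script_runs(EVENTS):
        print("shell-written script executed:", hit)
```

Sysmon records FileCreate only for the paths and extensions its configuration includes, so this correlation depends on script extensions being covered there.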

In regards of disconnecting the ducky, great idea, good that you thought of that!

I don't think copy con will work if the antivirus running (if not killed as discussed in another thread) has an instant scanning feature scanning contents of currently modified files..

Seb

> In regards of disconnecting the ducky, great idea, good that you thought of that!
>
> I don't think copy con will work if the antivirus running (if not killed as discussed in another thread) has an instant scanning feature scanning contents of currently modified files..
>
> Seb

Well, yes, but bear in mind most virus scanners won't know the exploit (assuming a new one), plus Ducky can create a different version every time with some crafty code.

> Okay, how would I get this on the Teensy?

Well, you get a proto board, solder it in, attach wires, connect them to the Teensy and program it to use it.

> Well, you get a proto board, solder it in, attach wires, connect them to the Teensy and program it to use it.

Well damn, I'm a noob. But can someone give me a design layout!

> Well damn, I'm a noob. But can someone give me a design layout!

You need something like "Beginner's guide to embedded electronics"...

> You need something like "Beginner's guide to embedded electronics"...

Well yeah.. that probably would help. lol, but I like doing things the easiest way

> Well yeah.. that probably would help. lol, but I like doing things the easiest way

Then you're a script-kiddie and not a hacker?!

> Then you're a script-kiddie and not a hacker?!

I AM NOT A SCRIPT KIDDIE!! I'm just new to electronics like this!! And no, the "handle" hacker07 doesn't make me a hacker

> I AM NOT A SCRIPT KIDDIE!!

You're showing signs:

CAPS LOCK

Multiple exclamation points

"hacker" in your handle

So i herd u liek mudkipz?

> I AM NOT A SCRIPT KIDDIE!! I'm just new to electronics like this!! And no, the "handle" hacker07 doesn't make me a hacker

Read the datasheets, connect appropriate pins, program teensy to use new chip, etc. It's fairly straightforward logically, even if you're new to electronics.

> Read the datasheets, connect appropriate pins, program teensy to use new chip, etc. It's fairly straightforward logically, even if you're new to electronics.

Yes I know, I was just looking for input about how I would go about doing that. I guess here is not the easiest place to get the answer! I must find the answer myself. Thanks

> Yes I know, I was just looking for input about how I would go about doing that. I guess here is not the easiest place to get the answer! I must find the answer myself. Thanks

1) Read PDFs

2) Solder appropriate wires.

3) Program Teensy

4) ???

5) PROFIT!

Sorry to be rude, but seriously now...

> 1) Read PDFs
>
> 2) Solder appropriate wires.
>
> 3) Program Teensy
>
> 4) ???
>
> 5) PROFIT!
>
> Sorry to be rude, but seriously now...

lol we all ask a stupid question once in a while. lol I've been already working on my Teensy, I don't really need help, it's easier than I thought. I just didn't try lol

> You're right space could potentially be a problem but I know that Poison Ivy Rat server executables are only about 20KB depending on what you put in them. The Teensy documentation is woefully inaccurate on how much flash memory you get, it doesn't tell you whether the flash memory it contains is bits or bytes. My guess is it's bytes in which case you'll get approx 32 bytes. This should be more than enough for a Poison Ivy Rat installation, or a TCP backdoor, or any other small application.

A 20KB binary will be substantially larger than 20KB when you encode it as hex or even base64. I don't think this is the right way to go. What we really want is to present the Teensy as a MSD and let the PC read the file off a microSD card.

> A 20KB binary will be substantially larger than 20KB when you encode it as hex or even base64. I don't think this is the right way to go. What we really want is to present the Teensy as a MSD and let the PC read the file off a microSD card.

20KB in Hex ~40KB

20KB in Base64 ~26.6KB

Of course, you don't actually have to store them in this format. You can actually store them in binary and do the conversion on the fly.

I've actually been playing with the concept of executable uploading with base64 in the thread Fun With Base64, with a functional example.

I'm thinking about pairing this up with RawHID. I.e., you transfer over a small background app that uses RawHID which will enable you to silently transfer binary in the background at a much faster transfer rate.
