Jerico_Tyler Posted April 16, 2010 Share Posted April 16, 2010 We're seeing plenty of ways in which the ducky can be used for bad so I figured I'd start a topic to collect all the good uses for the ducky command sets and such that would help sysadmins and other such users to help fix what their users and friends have messed up. Quote Link to comment Share on other sites More sharing options...
Guest Deleted_Account Posted April 16, 2010 Share Posted April 16, 2010 We're seeing plenty of ways in which the ducky can be used for bad so I figured I'd start a topic to collect all the good uses for the ducky command sets and such that would help sysadmins and other such users to help fix what their users and friends have messed up. Well one obvious way would be a macro to reset firewall/AV/control panel/Account/etc. settings. Another could be to use it to auto boot safe mode launch administrator account open run ---> Controluserpasswords2 --> create new user or reset password to "lamepassword" :P Not sure about the auto F8 it would have to hit f8 then wait for a delay 30+ seconds then sign in not sure if that would work or not. Quote Link to comment Share on other sites More sharing options...
Netshroud Posted April 16, 2010 Share Posted April 16, 2010 Release/Renew IP address Quote Link to comment Share on other sites More sharing options...
Jerico_Tyler Posted April 16, 2010 Author Share Posted April 16, 2010 Sorry I had to post this lol Quote Link to comment Share on other sites More sharing options...
Netshroud Posted April 16, 2010 Share Posted April 16, 2010 (edited) I LOL'ed. I still think the Ninja Ducky posted in another thread was the best so far, though. Edited April 16, 2010 by Psychosis Quote Link to comment Share on other sites More sharing options...
shadowpwner Posted April 16, 2010 Share Posted April 16, 2010 (edited) Funny you should mention that. I was discussing the possibilities of Mr. Rubber Ducky with a few of my friends fix computer issues at a local elementary school when we have free time (hi noopy!). This tool would be extremely useful to fix common problems - installing software, reconfiguring them, etc. Can anyone think of a use for this that could not have been done with the switchblade? Edited April 16, 2010 by shadowpwner Quote Link to comment Share on other sites More sharing options...
Netshroud Posted April 16, 2010 Share Posted April 16, 2010 This just does it faster than a switchblade, as Autorun has now been disabled in Windows 7 AFAIK. Quote Link to comment Share on other sites More sharing options...
will-wtf Posted April 16, 2010 Share Posted April 16, 2010 It could be used to automatically add email account's in outlook, and probably to make certain programs startup with windows (like company vpn's and other crap). It could be used to automatically install go to assist express!! :) Quote Link to comment Share on other sites More sharing options...
moocow1452 Posted April 16, 2010 Share Posted April 16, 2010 Run Process Explore from a flash drive before malware can take full control of a PC on bootup, suspend it's operation, then follow it back from whence it came and do your regedits without having to crack open safe mode, and know for sure that the malware is gone by killing the process and seeing if it comes back up. Quote Link to comment Share on other sites More sharing options...
DjMaddius Posted April 16, 2010 Share Posted April 16, 2010 You could possibly modify it enough for a really simple Linux-based mini-os. Quote Link to comment Share on other sites More sharing options...
jdogherman Posted April 16, 2010 Share Posted April 16, 2010 I think the key thing it can do is preform any set macro, so doing a task in a lab / mass workstation environment doesn't really require you to type or interact with the system if the code is setup properly. Quote Link to comment Share on other sites More sharing options...
wheeee Posted April 16, 2010 Share Posted April 16, 2010 (edited) I was thinking it'd be interesting to use them as a key... Plug in the USB and have it auto enter your user name and pass... Extremely simple, but would be nice for an IT department. Need the admin pass? Plug this in. It'd be easy to figure out what the pass was, but it may help cut down on the number of people who know it. EDIT: I understand there are other projects for this, but ... using an HID device? That's just cool :) Edited April 16, 2010 by wheeee Quote Link to comment Share on other sites More sharing options...
Sitwon Posted April 16, 2010 Share Posted April 16, 2010 Can anyone think of a use for this that could not have been done with the switchblade? Configure the BIOS. The Switchblade requires the OS to be loaded so it can execute software. The Ducky is just emulating a keyboard so it can send arbitrary key presses even w/o the OS being loaded. Imagine a computer lab environment. You can easily replicate the OS and apps across all the machines by just cloning the drive, but until now you had to setup all the BIOS settings (eg, setting the admin password and disabling removable boot media) by hand. Now you can use the Ducky to do it super fast. Quote Link to comment Share on other sites More sharing options...
jakeup13 Posted April 17, 2010 Share Posted April 17, 2010 you could use it to install an OS and software... like if you have to install windows and office and security software and a bunch of other stuff on 30 laptops for a school... oh wait thats what i have to do for a school project getting laptops for a school... lol :P thats what im gonna try to do... something to help the community get going fast for simpler things is to basically make a keylogger/macro to run on the ducky that records your keystrokes and mouse positions and clicks to the ducky which then if you had a button and a rgb led on the teensy to indicate what it was doing eg. recording(blinking green when you press when light is red), pause(blinking orange when you press while light is blinking green) , saving( blinking red when you hold button while lit green) and ready to record (green after it is done saving) .... i think this would make development easy for even the biggest n00bz... well at least the basic development... anyone else think this would help? possible? Quote Link to comment Share on other sites More sharing options...
1n5aN1aC Posted April 17, 2010 Share Posted April 17, 2010 .......anyone else think this would help? possible? well, I think the "key-logging" will be kinda dificult w/o running software ont he host machine. The only thing shared between keyboards is Caps-lock/numlock/scroll-lock status, Right? Quote Link to comment Share on other sites More sharing options...
jakeup13 Posted April 17, 2010 Share Posted April 17, 2010 i dont know for sure but arnt there usb keyloggers? so couldnt it do what thoses do? Quote Link to comment Share on other sites More sharing options...
1n5aN1aC Posted April 17, 2010 Share Posted April 17, 2010 i dont know for sure but arnt there usb keyloggers? so couldnt it do what thoses do? not really, they are just a pass-through w/ recording abilities: Quote Link to comment Share on other sites More sharing options...
jakeup13 Posted April 17, 2010 Share Posted April 17, 2010 oh 0_o.... well maybe incroperate one of those... jk... looks like no easy way out... Now code fellow devs code like never before! Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted April 17, 2010 Share Posted April 17, 2010 I used it all year to connect to network printers and shared network drives. I left two USB keys at the office. One labeled "Add Xerox Workstation to your computer" and one labeled "Add Logistics Shared Folder to your computer" Very handy since I was working from home at the time and rather than have to do a remote support session I'd just tell 'em to grab the USB key from the supply closet. Maybe that's why I got laid off..... I replaced myself with a tiny shell script. :( Quote Link to comment Share on other sites More sharing options...
Netshroud Posted April 17, 2010 Share Posted April 17, 2010 Did you take the USBs when you got laid off? Quote Link to comment Share on other sites More sharing options...
Charles Posted April 17, 2010 Share Posted April 17, 2010 I used it all year to connect to network printers and shared network drives. I left two USB keys at the office. One labeled "Add Xerox Workstation to your computer" and one labeled "Add Logistics Shared Folder to your computer" Very handy since I was working from home at the time and rather than have to do a remote support session I'd just tell 'em to grab the USB key from the supply closet. Maybe that's why I got laid off..... I replaced myself with a tiny shell script. :( Nice way to go about it! Making your life easier. Man, it would be so nice to distribute some like that to the stores we support at work.. but then we'd be out of a job too. Did you take the USBs when you got laid off? I hope so, it is definitely a good tool. Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted April 18, 2010 Share Posted April 18, 2010 Did you take the USBs when you got laid off? Nope. :( Quote Link to comment Share on other sites More sharing options...
requiem Posted April 18, 2010 Share Posted April 18, 2010 Darren I had an idea for a "payload" for your ducky! Typing in your gmail password :D Quote Link to comment Share on other sites More sharing options...
Nescire Posted April 18, 2010 Share Posted April 18, 2010 (edited) Need the admin pass? Plug this in. It'd be easy to figure out what the pass was, but it may help cut down on the number of people who know it. Yeah sure so you give the usb key which is just performing the admin login via keystrokes to everybody and why would that cut down the number of people knowing the password? ...So Maybe i just open a texteditor and look what this nice admin usb key is typing, oh great that the login... Not the best idea to use the rubber ducky Edited April 18, 2010 by Nescire Quote Link to comment Share on other sites More sharing options...
wheeee Posted April 18, 2010 Share Posted April 18, 2010 Yeah sure so you give the usb key which is just performing the admin login via keystrokes to everybody and why would that cut down the number of people knowing the password? It wouldn't really, but think of an IT department and how many people still write the passes on postit notes... I don't see it as cutting down on the number of semi-smart people getting access to it, just the people that would install limewire or some crap. It's a slightly less visible means of storing the password. IT WAS JUST THE FIRST THOUGHT I HAD!!!... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.