Jump to content

[Encoder] Duck Encoder V1.2 Released 10/4


Recommended Posts

Duck encoder V1.2 is out. Enjoy!

http://www.hak5.org/duckencode.jar

V 1.2

-CRLF fix

***********

V 1.1

-Minor bug fixes

***********

V 1.0

-Release

Email Jason@Hak5.org with the subject Duck Bug to report bugs.

Duck Script Commands :

ALT [END | (ESCAPE | ESC) | F1...F12 | Single Charters | SPACE | TAB]

BREAK | PAUSE

CAPSLOCK

CONTROL | CTRL [(BREAK | PAUSE) | F1...F12 | (ESCAPE | ESC) | Single Charters]

DEFAULT_DELAY | DEFAULTDELAY [Time in millisecond * 10]

DELAY [Time in millisecond * 10]

DELETE

DOWNARROW | DOWN

END

ESCAPE | ESC

F1...F12

HOME

INSERT

LEFTARROW | LEFT

MENU | APP

NUMLOCK

PAGEDOWN

PAGEUP

PRINTSCREEN

REM

RIGHTARROW | RIGHT

SCROLLLOCK

SHIFT [ DELETE | HOME | INSERT | PAGEUP | PAGEDOWN | (WINDOWS | GUI)

| (UPARROW | DOWNARROW |LEFTARROW | RIGHTARROW) | TAB]

SPACE

STRING [a...z A...Z 0..9 !...) `~ += _- "' :; <, >. ?/ \|]

TAB

UPARROW | UP

WINDOWS | GUI

Link to comment
Share on other sites

DEFAULT_DELAY doesn't work correctly in v1.2. The defaultDelay variable gets decremented until it hits 0, but is never reset back to it's original value for the next iteration of commands. I worked around this by creating a temp variable each time the default delay was added to the commands. Also, the if statement preceding the default delay loop seemed awfully complex, so I simplified it slightly:

if (!delayOverride &amp;&amp; defaultDelay &gt; 0){
    //copy the defaultDelay into a new integer so we can use it more than once
    int temp = new Integer(defaultDelay);
    while (temp &gt; 0) {
        file.add(Byte.valueOf((byte)0));
        if (temp &gt; 255) {
            file.add(Byte.valueOf((byte)-1));
            temp -= 255;
        } else {
            file.add(Byte.valueOf((byte)temp));
            temp = 0;
        }
    }
}

Link to comment
Share on other sites

One thing that I think would be useful in the 1.3 firmware release would be nesting of keypresses.

I'm not sure if anyone else has run into this issue yet, but being able to allow for multiple simultaneous keypresses would be beneficial in a lot of situations.

I started thinking about this when attempting to find a workaround for seanuk in the following thread post.

http://forums.hak5.org/index.php?showtopic=21118

I tested the use of ALT 93 to return the \ character to no avail. After further testing, it seems that when ALT is used, it is implied to be held down until the next keypress and is then released.

I know that other macro recording software will use bracketing for syntax to emulate multiple simultaneous keypresses.

An example would be:

[ALT] 93 [/ALT]

or... [CTRL] [ALT] DELETE [/ALT] [/CTRL]

Has anyone else run into a situation where this would be useful? Do you have other possible solutions? Did I completely miss the obvious?

Overall, I'm loving my USB Ducky. I have written quite a few payloads, but unfortunately they are for my corporate environment so they are not able to be shared. I will however try to neuter them to a point that they can be posted because I think the community could have some fun with them.

Hak5, awesome as usual, and I look forward to the evolution of this project!

- c0ncealed

Whitehat infosec apprentice... Red team menace...

Link to comment
Share on other sites

  • 1 month later...

I just ordered one, wish I knew about these problems before I did =( the main reason I bought this rather than a blank teensy board was because I thought it would be less hassle. Has the firmware been updated yet? (I'm from UK)

not that i know of! hopefully soon.. i cant wait for mass storage on sd card! it was scheduled to be out this month!!

Link to comment
Share on other sites

  • 9 months later...
  • 5 weeks later...

Can you help to post software to encode exe file into ducky script? example like below, so I dont have to find the problems of why teensy base64 encoder does not work for me.

STRING aksjdhik219837293842934822389482934

ENTER

STRING 10928930192309123019380ksjdjksdfkhsjf

ENTER

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...