innosia, posted September 21, 2012

I am new here and plan to buy a Rubber Ducky. Here are several questions before I buy:

1. How to encrypt a binary (exe) to base64?
2. Is there any exe currently that can create a connection to my PC, and using a GUI I can see how many people are connected to my PC and I can remote desktop to their PC or shell it? (I understand that my PC has to be reachable from outside, which is my case, and the client PC can be hidden behind a firewall.)

My target is to plug this USB into a PC, and their PC will keep connecting to my server, and my server can see all connected PCs and start remoting or shelling them. I prefer that the exe is not detected as a virus. And the exe should be small enough to be encrypted as base64. Can anyone help?

Dnucna, posted September 24, 2012

You can take a look at this article: http://www.offensive-security.com/metasploit-unleashed/Teensy_USB_HID_Attack

It's with a Teensy instead of a Ducky. You should be comfortable with Metasploit before trying to do the same with a Ducky. If you want a GUI, take a look at Armitage, but it won't help technically.

innosia, posted September 25, 2012

Can you help to answer how to convert an exe file to the base64 used by the Rubber Ducky? I need it so that the Ducky can copy con a base64 file, convert it to an exe and run it.

anode, posted September 30, 2012

> Can you help to answer how to convert exe file to base64 used by rubber ducky? I need it so that ducky can copy con a base 64 file and convert to exe and run it.

Google a UUencoder for the base64 part. (Which I believe is Unix to Unix. Back in the day ASCII was only 7 bits, so to transfer an executable, it had to be encoded to 7-bit 'bytes' for transmission.)

HoodooTheGreat, posted December 1, 2012

That's easy. Simply run a download and execute payload with your crypted RAT. Oh, I dunno, maybe use DC.

Xcellerator, posted December 11, 2012

Learning how to use Metasploit would serve you better than a GUI like Armitage. Armitage is great, but I'd only suggest it after you understand what's actually going on underneath.

As far as a solution goes, you could make an executable through Metasploit and pass it through your own encryptions and techniques to make it bypass an AV. How to do this is really up to you, as anyone who finds working techniques generally keeps them to themselves, because revealing them means they get patched by the AV companies...

Don't forget, dropping binaries can be messy and difficult to clear up afterwards. When possible, it's better to use working exploits, perhaps an RTF exploit typed out and opened by the Ducky, which then opens a meterpreter session back to you...?
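
Seen from the defending side, the staging step discussed in this thread (a base64 text file typed onto the machine and then decoded to an exe) leaves a recognisable artifact on disk. The Python below is an added example, not part of any post in the thread; the function names and the sample input are constructed for illustration, and it flags base64 runs that decode to a PE header.

```python
import base64
import re
import struct

# A PE file starts with "MZ", so its base64 text starts with "TV" followed by
# one of o/p/q/r (the third character depends on the byte after "MZ").
CANDIDATE = re.compile(r"(?<![A-Za-z0-9+/])TV[opqr][A-Za-z0-9+/\s]+={0,2}")


def looks_like_pe(data: bytes) -> bool:
    """True if data has a DOS header whose e_lfanew field points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def find_encoded_pe(text: str) -> list:
    """Return (offset, decoded_size) for each base64 run that decodes to a PE header."""
    hits = []
    for m in CANDIDATE.finditer(text):
        blob = re.sub(r"\s+", "", m.group(0))
        blob = blob[: len(blob) // 4 * 4]  # drop a ragged tail picked up after the run
        try:
            data = base64.b64decode(blob, validate=True)
        except ValueError:  # binascii.Error is a subclass of ValueError
            continue
        if looks_like_pe(data):
            hits.append((m.start(), len(data)))
    return hits


def constructed_sample(tail: int = 60) -> str:
    """Constructed input: a header-only PE stub (not a working program) as wrapped base64."""
    stub = b"MZ" + bytes(58) + struct.pack("<I", 0x40) + b"PE\0\0" + bytes(tail)
    b64 = base64.b64encode(stub).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "staged text file (constructed)\n" + "\n".join(lines) + "\nend\n"


if __name__ == "__main__":
    for offset, size in find_encoded_pe(constructed_sample()):
        print(f"base64-encoded PE header at offset {offset}, {size} bytes decoded")
```

Checking the `e_lfanew` pointer as well as the `MZ` prefix keeps ordinary text that happens to encode to "MZ…" from being reported.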