Jump to content

Payload Wallpaper Prank

HarryT

By HarryT
in Questions

 Share

Recommended Posts

digip Newbie

digip

Posted
Posted

Have to show us the code and what you did, but if its the one from like season 1, which I believe used a bat script in the start up folder, just remove the bat script. Need more info on what you did and used though. Also, if this was code you got somewhere else, be careful what you mess with. Might be more than just a wallpaper prank in the code!

Link to comment
Share on other sites
HarryT Newbie

HarryT

Posted
  • Author
Posted

Hi - Thanks for replying.

The payload is right off the hak5 forum (payload 1 in the list) -

GUI d

DELAY 500

PRINTSCREEN

DELAY 100

MENU

DELAY 300

STRING V

DELAY 40

STRING D

DELAY 300

GUI r

DELAY 700

STRING mspaint

ENTER

DELAY 1200

CTRL v

DELAY 500

CTRL s

DELAY 1000

STRING %userprofile%\a.bmp

ENTER

DELAY 500

ALT f

DELAY 400

STRING K

DELAY 100

STRING F

DELAY 1000

ALT F4

DELAY 300

GUI d

Appreciate the reply !

Harry

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted (edited)

That links not working but I'd say remove the script that loads the prank, and reboot, you should be fine after that,but can't be sure since what you pasted, not sure whats running that code. Is that from the USB Rubber Ducky or some other script? Looking at what you pasted, looks like the ducky, and unless you have one, the code won't be of any use to you. If you DO have a ducky, unplug it, reboot, change your wallpaper to whatever you want next boot, reshow the icons and you're good to go.

Edited by digip
Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Yeah. All the ducky does, is type out commands, so unless you sent a payload that compiled code for a shell script or such, and set it to run as a service or on startup, your all good. Looking at that, all it does is take a screenshot, set it as wallapper. I;m assuming there is more code to it than that though, which would need to be to set the desktop icons to hidden, or even hiding the taskbar too or moving the taskbar to the top and hidden for hover over. That looks to be only part of the code for setting he wallpaper from a screenshot.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted (edited)

You should be able to change it back in the registry under HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders.

Not saying you can't change the wallpaper via the registry(which won't take effect until next login) but form the sounds of it, he shouldn't be messing with the registry if he doesn't even understand the code hes working with.

All this script does, is show the desktop, screen print, open mspaint, paste, and save and set as wallpaper from the users profile folder.

GUI d, shows the desktop (hit windows key plus d key to toggle for example GUI is the ducky command for the windows key), then its doing a printscreen button click, menu key v(for right clickign desktop and selecting "view") and d is hides desktop icons. Then it does windows key + r, which opens a run prompt, then types mspaint, pastes, and saves to the users profile folder, then also alt+f (file) then k (set as wallpaper). I had to relook at it but make sense now. I haven't played with mine in a while and not even sure where I have the thing put away now.

All he has to do, is change back the icons to be shown, and choose a new wallpaper. Changing it in the registry is fine, but won't bring back the icons, nor should he mess with regedit if this script is too complex. He has more a chance of nuking the system in the registry, than he would just turning the icons back on and changing the wallpaper.

Edited by digip
Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Even noobs have to think for themselves kid, let the OP decide what they should or shouldn't do.

You should maybe explain how to change it back to the original state then, instead of just telling him to edit a registry key he may know nothing about? Does the op know what the registry is(or regedit for that matter)? Not saying he doesn't(and Idon't want to assume he does or doesn't know how to use regedit, just saying), but if hes going to muck around the registry to change the wallpaper seems a bit drastic vs right clicking the desktop and picking a new wallpaper.

1 - explain to him how to do it then instead of just referencing a reg key, he may not even know what it is or where to change it, and 2 - even if he manages to change the wallpaper "manually" via the registry, the icons would still be hidden, so he needs to know how to change that back as well if he wasn't sure how that was done, and 3 - I'm not a kid, although I like to kid around at times...I'm nearly 40, married and have 2 kids of my own.

Link to comment
Share on other sites
bobbyb1980 Newbie

bobbyb1980

Posted
Posted
1 - explain to him how to do it then instead of just referencing a reg key, he may not even know what it is or where to change it

He can google it.

2 - even if he manages to change the wallpaper "manually" via the registry, the icons would still be hidden, so he needs to know how to change that back as well if he wasn't sure how that was done,

He can un-hide files via the registry also.

3 - I'm not a kid, although I like to kid around at times...I'm nearly 40, married and have 2 kids of my own.

Congrats.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted
He can google it.

True

He can un-hide files via the registry also.

No doubt

Congrats.

:P

Link to comment
Share on other sites
HarryT Newbie

HarryT

Posted
  • Author
Posted

Thanks for all the comments (I think :-p)

Say, Im having trouble running CMD as Administrator in Win 7.

I tried

GUI

DELAY 50

STRING cmd

MENU

STRING a

ENTER

LEFT

ENTER

DELAY 200

All I get is the left menu, no run or cmd prompt..

Has anybody experimented with code that does the trick?

Appreciate any help available!

HarryT

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted (edited)

try 

GUI r

Everywhere you see GUI, its the Windows key, so "Windows Key + R" opens a run prompt, then string types cmd into it, then you need to enter, then type whatever oyou want into the command prompt, etc.

Edited by digip
Link to comment
Share on other sites
HarryT Newbie

HarryT

Posted
  • Author
Posted

Got it - Thats working, only thing is that it is not running as Administrator.

If I click Start and mouse over command and right click and select "Run as Administrator" - this brings up the User Access Control check that the latter part of my code is designed to take care of (LEFT, ENTER accepts the file running as Admin).

is there something Im missing for Windows 7?

Thanks

HarryT

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted (edited)

GUI

string cmd

menu (meny key on keyboard, not the flag, next to right control key)

string a (selects run as administrator)

tab

tab

tab

enter

also see > http://forums.hak5.o...b-rubber-ducky/

and try not to make multiple threads for same question.

Edited by digip
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...