foringer Posted December 26, 2012 Share Posted December 26, 2012 Hello, there! Just recived my new Rubber Duck (it took about 1 month to travel me) and have some trouble with it. First I had problems with sd-card. It was formatted with fat16 and duck didn't see it. Formatting with fat32 solved the problem. Next what I have now - the payload does not start automaticly. It loads only when I press button on the duck. Why can that be? Another question - is there any possibility to partition sd card in two parts, so that one partition will be visible in the target OS? What I want is to save some files from target OS on the partition on the sd card with the payload which runs from another partition. I think you got idea, sorry for bad english.... At the end, thank you for great device!!! Quote Link to comment Share on other sites More sharing options...
no42 Posted December 26, 2012 Share Posted December 26, 2012 (edited) Auto-run:stock firmware: the HID payload should execute relatively straight away community firmware: you need an initial delay eg DELAY 5000 (may need to be tweaked)composite firmware: not possible, as the drive initally mounts as mass storage, you need to push the button to trigger hid mode.Partitioning:Short answer no, the card can be partitioned but your limited to 1x access control (either ducky reads both partitions, or OS reads both)Look into c_duck_v2.hex (Twin Duck/composite) firmware that can use hid injection, to load a pre-defined script/binary on the sdcard partition. Edited February 6, 2013 by midnitesnake Quote Link to comment Share on other sites More sharing options...
foringer Posted December 26, 2012 Author Share Posted December 26, 2012 Thanks, I resolve the problem with payload autostart using this firmware - https://github.com/downloads/hak5darren/USB-Rubber-Ducky/Duck%20Firmware.hex Partitioning - it's a pity. So in this case, is there any possibility withing payload create fake USB-flash drive letter which will be accessible to the user? What I want - user plugs in rubber duck -> fake usb-flash appears (for example drive e:) -> user writes some files to it (I don't need these files, the main idea is to remove suspissions) -> user ejects duck -> fake drive dissapears.... Quote Link to comment Share on other sites More sharing options...
Pwnd2Pwnr Posted December 26, 2012 Share Posted December 26, 2012 Hypothetically, on the lower levels, it would seem you would need to implement some kind of auto-delete system that runs through the EEPROM. I would fear that it would be dangerous because how do you propose writing anything new to the duckey? If you implement hidden folders that auto.ini, then I think that would be better. Make a folder for the victim; but make everything else stay hidden... But hell... I am hung over from too much Balvene 21 year old Scotch from Christmas; so I may just be incoherently explaining things... :D ... inebriated = this guy Quote Link to comment Share on other sites More sharing options...
foringer Posted December 28, 2012 Author Share Posted December 28, 2012 Ok, thx! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.