overwraith Posted March 7, 2013 Share Posted March 7, 2013 I tried making a duckscript that would take a base 64 encoded and compressed executable and would type it out and decode it. When the ducky runs it flashes red 5 or 6 times, and doesn't run the script. Can anyone see any problems that would prevent this from running as described? Is there any size limit to duck scripts? REM Target: WINDOWS VISTA/7 REM Encoder V2.4 REM Using the run command for a broader OS base. DELAY 3000 GUI R DELAY 1000 STRING cmd /Q /D /T:7F /F:OFF /V:ON /K DELAY 500 ENTER DELAY 750 ALT SPACE STRING M DOWNARROW REPEAT 100 ENTER REM ENTER THE BASE 64 ENCODED TEXT STRING copy con HelloWorldBase64.txt ENTER STRING TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAA2AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v STRING ZGUuDQ0KJAAAAAAAAAD/KMSbu0mqyLtJqsi7SarIoNQAyKlJqsig1DbIvkmqyLIxOci5SarIu0mr STRING yPBJqsig1AHIs0mqyKDUMMi6SarIoNQ3yLpJqshSaWNou0mqyAAAAAAAAAAAUEUAAEwBAwDjzzdR STRING AAAAAAAAAADgAAIBCwEKAAAwAAAAEAAAALABAKDhAQAAwAEAAPABAAAAQAAAEAAAAAIAAAUAAQAA STRING AAAABQABAAAAAAAAAAIAABAAAAAAAAADAECBAAAQAAAQAAAAABAAABAAAAAAAAAQAAAAAAAAAAAA STRING AAD08QEAJAEAAADwAQD0AQAAAAAAAAAAAAAAAAAAAAAAABjzAQAMAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAABVUFgwAAAAAACwAQAAEAAAAAAAAAAEAAAAAAAAAAAAAAAAAACAAADgVVBYMQAAAAAA STRING MAAAAMABAAAkAAAABAAAAAAAAAAAAAAAAAAAQAAA4C5yc3JjAAAAABAAAADwAQAABAAAACgAAAAA STRING AAAAAAAAAAAAAEAAAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAMy4wOQBVUFghDQkCCGzXH8/Zo89GVcsBAJYhAAAAlAAAAAAAcaEA STRING KpAARgFUIIwCqEAZBVCBMgqgAmQUQAWfo4IizOm2ZrPZ/SMAAOlRJAQ4ENcgshLu9z3daTIYeFkJ STRING 7h15ISKn2f2epCET4g8O9yMkD/l0n7vWDTuf3CX2Jp/naXYYgymMgxCJIJ+n+zSEuTFoDgWACn3f STRING 93QEy65UEXd4Ip/3fd/3Sl4TFyw0OxWuaBP3aX7fbwSCCdUxPMUeGGw+zWbAEQsnsIExtiJ8ke7T STRING Z1IbgYVjY3u63/dYCZmBNAwOxzqu7D7d75Xv8BUTp9YDT/Ef6X7n07z3DRjdDpqo0/2+77O9Lh1X STRING GMIwn1/ve7rP2pkkLOALSs4d3/M0v9Escg6JOBUEgL7v6X4OkygJlO93CLPPut/TffIQDhdKVHkl STRING BIZi39N8fzDIB9FSCfu+5/snSGghHjGHGLTb6T7d7xMTehtAP1AMHQ/2Pc3v1iLDJw5XgQ4TENjy STRING MALfB8wA8i//EFWL7IHswABTVleNvUD//5+NxrlnXrjzq4v0oQABkyBQ//bdt2gFaDiLDQsMUehu STRING /CSDxAiLyP8V2NfcdxAkO/ToohEqJDAT399028weBBaLM8BfXluBxGE7bd777+zoeSjlXcP/JVZ/ STRING av+Q267dOUJYZGoAUFGOUAH/bklzoP5UjIAAM8VQjUX0v//732SjLYll8MdF6AmLRQxQ6Cr7mQQz STRING 7bfW/smJRdiJTdwTpAFVCANRBJ1277rfi8qakvyX8yaJhbD+BZW0+2z/bIO9AHx5fwkKsHZuO25k STRING 5Ai3qKwF2n//z4uFO0XcfDt/C4uNGDtN2HYuOjOZWd4/AotNSD15NyPbWyubG1XcQ6Ck6xTHLcj2 STRING Yg3HCaRMN/fYYyFNyIskiVXMk/pNuLvf2dzonEX2/A7u+cL4/63r7dt1Dh/og8gE++jp5CbGIXc2 STRING B7ABxZMA8fr17pvh2IsFJcByQ0APhOtUCgvb2+sSN8iD6D1NyNlj2Xa/2wuJCH3MAA+MzR1/CgvI STRING aQawd4bBo18EkTQD2LmIhbeBCG+vjf2MsPQPtipQ8Q/3jDRjIhBMrI0FFIZw84mNvOjM+YEYt3B2 STRING J4fIHI2FHo0MZrbIjaMl+YOnXwIn4d+VBoXSdAsi6wXDEXajuWvKPXVupFqhJeHK+SYW4qAcst0W STRING 2VEmDFKotBQD8jHZo/kTsNiX7JGOdRGw3HQJenMlLwDhD4VoKPmRnEoeBvnj+Bk5ks/UY/jg1FuA STRING HDngvPd8M2cJe2oAasaiGGg2V3L36y0hAWoEHEH4F+xtMvG4EglewwxV9lkyuGmYbRFKBDPFbs5M STRING DU3B7P48hVj31IT/LpGxixTH2m3btc3HLgnMpfYOWFpBkWN9t1eJDVhZtWAB1u26ycP3DQAt1LhJ STRING CAuBwVh/4F9PawDNJH8Ci2RB1QcGkcsIgfVHMalkZZP2Tw++wQvjDIsQlTsRD5SaxiBsZUVP4pkM STRING Qtn/Q9+Iz3ayBU3MUU4oM+GVwSVZ4E3sA4Mk3dq08931A5z5u+YA8BoiD7bAhcB0TenK5gD09/Qf STRING LYx05gjXEMj49oaw08ZvqhuaI6mb9IhBBF8o7EMwOvKE2LF/9MIEuZFMQihfuM0IyRpKRujTxjp3 STRING kPN1FO7SCBrsuYdkbbjzS5NyDoXNOITwjvOizzaSA1vBNLDaFm/b+JH4nUAE90bAA8YSGQ49gU/Q STRING QEqeSTA0C+7A2zqJCAdGBulKjXEyMEPC8jRA4D14hSGg8itdgcG610IFJPQJQpIZw5lu0CF+OBPQ STRING AluFPGvyz6PkBRbH+vFzI1fI2PEItiHEIBHCA6bx50ZGxsYrHAUYFBD8RkZGCAQAKZL8z+fz+ZL4 STRING kvSS8JLskjZPCJHoInUBw4PsKLEZlghSIeEEICHbPBdBjvEIWlir/7913Yv/LlEqM8Xyi9mJffw5 STRING Pn5I6wiNsb/wx6Qk0pCLRh4MOIF8Gfxdrgvf/w+LVDgEA9GBPBoOdB1MOBj7pVn9BFFS6BzwFRxA STRING g8cMiQbHVgl8OwZ8wmB/Vou2/7v48YX2dCE3HVOLXQiF23QUV7Aa/uPb7bdq86qLA4mCiVZRM19b STRING XivftWQrv73B2Tv3dFL9zt5nw0uNm8C/uio5VNu/a6jEkUTAwTkUGHQZi04bVGKRC7sPsgRSI1zv STRING KXvWYsLEvcEUdQhh61pqrsaorn1HHfgLl7dfuEo5FhQ5VhR1CgQYdQUcdPJd6KUTTQRXVhoi8FEM STRING gUx2e0YMfjD8GwaVwOH2dgRPSXW2LCHQRjdOgD0RgTjTH3N/O9duAQMBxgUSAegz4ee5EcJznO4Y STRING kzQxJt+DNugD7ykUaWv/A5fIOw1CdQLzw+nL7R8ZUJgQDsSP6HSJkVq3eaN1SExarL/uRqCApkWk STRING F4Vooe9+wPcECXhVsIsahUCJEXfr1wFutBKFPJDoWasNLDt36MTshtWAJA7pAsNKmbEDUrh5G3XA STRING s8Ig/9lgk7wBwN7FRiCQr1UAI+jJ7P2+9kw7mki8UGgEjIw933dEUQtABEQ8aaS3b+8zHShMggUA STRING fQpqs+btmDDCYkV/H6XM0TVT2BGeJsG32eAf0f59cJaHY+DYgtZS5OS/MRjkCVq2A/DohMPBfB6F STRING fLe/aftswWBA2Qbc6Kx0dbYNh7nV4BHkVoj9NjtN4NmFZDByKf2lW6tyLHQe0tw7VeB1Cc82/sgo STRING 9OsNaA0AVTjrE1r8schuVAF1DGofTzTuvbfZ60sUgzjHBQg2WRoY4d1mGARjDOgvFQh8Fh7Z4tyV STRING 1P8x/tTpU3fY+e0s6wo3gVhfHEB2FvlmYghgAOh361wCJO7WBU8CdCJ2yMpo3Dq2zQh/C1BqAp2I STRING g/hFAZO5WwFS7nUNIuk06WsVYj1KbxOAqncaulnFngxAAhczhhmMvYymkKyM8c6BBhqBFPkYW2A8 STRING AaGiDBFU2NhvG0h1DClUUEaUFDgIY8tYBg6YAetSrgUduElnArQJ4dm2AWDYS6Xuw4vctjdhbYsW STRING Ug12U1EitkBGoHWrFwHZmPCLoo0YAQj/86iDN6QYGw/OCG3/jkZ08Pn8D7cIgflNWh90cOwWNubr STRING SS78FANCvG0Z7LvG+IE5UEUaLvgsvu8G+UIYPQsBHCCDeXQOdx4PhD/iZgaDuj4PlcAg0YjYAo9s STRING DUwbvFkEdyRZhZBAqsG3uhQGbAX5/3QPSW0/FmgsUWZEosQQUrrd43O/GmkoUrgFDxq54B8kX6yy STRING IW/xQHQtGJUOvOfwENjiDk4n9H0UU67IRzJ3v7S9wAXHhcTttedBLLYY0h3Q9Jp+wb6kU+i06RIk STRING izUHTKNp07Ew/1cb6f3g1k0rl2BTW3Mm3tTxGszvTQMcDo2V1GuVzNf99pqxhQdGbbBoAhBy8NtC STRING 7Elvi72NSyWLICVvsX/DvR5kUFNRV+h9AvYcD4Ui79gvdC0yhgKwAYO9tYu1qpFc9611JPYPhAQc STRING hHCtwe29vkgu8lAWg/T9c4uNLbuN2FASrez7qsXgdoPD++RD6N9E3Z+h5+OnyChSV2ioYHhtw2s1 STRING PIgMUUc0afjiVq/Z6Y4oPQ9EWKTB9WgK6wD1Ju7uBiEGu0RI/9fcBo2dOnNL9iEwWeD4MI0GaQb7 STRING YlEwvjC1hh3O9iGUwLSaLQpvI1JQndDIjcnW4VL/lQy7HLGQWv2l/LwzzVvozOVPwzJgECCvkC+t STRING kBPsJHaIRef/V45L0cwBNXpN0I1V54lVfGHhjtTajU3MOgYOiBNtQOvA6SP8UOsJuDMK3ZHVWgX9 STRING PdypkAEbr7CyOUOSArKvuxD8LdvI2NwLFODBVcxSJ7AGhR8IBCNGaCASEP1ByeEY+L3uUh9bAXbE STRING gDg3CpbvyC3w/+2NcQE9ihFBhNJ1+SvOg8EtVgBuvdvYRnd72fw0M8mNZKWKkfb/3pu7fIiUDRIq STRING 7ovQighAhMkzdf9XiA8UK8JPik8BRxH43bdLvVPB6QKI86UIg+EDuDmYqcHe2/OkC4oQQGMuwey1 STRING BVtYMC4pX6/0bSppX240yBAbufBcaolTjFAt9/oQgPRSySUNC+jB4goGchBWP0QBEqW6BVwdCxjn STRING v3XQgoFiRL1bgwjPYqGOOe/Wb7DZ2EG20lzWEsukUBM+9/XEWKxkw7IYIKr3a9UebU3QwyaYUQXa STRING Pf/9ZIPqJFIIWI1+IFdIBG7w3BKf2zzAagrU4NAyhSW68CdoRbT46Ahf0xuDzjU4HzK0QW7s5CvQ STRING zI0APMBRhiu0831UjZQFDVKPTcLnwufWo8D+BFNTo/n3TR7CKF9UbOFJaCFWhEYBqw51gRIBQk5K STRING 4d8zaOgYolNvCN2YnrgBjSvG0P9WBk3wS1cQcgW5EG75mkZYMvGKHDDyQMtHzCqBi8HfgwLON0zx STRING G36IHkdG68nl/Y0UGoF0+3nGBAcAAxcAYmm6kkFPBBRGCCE9vGC2e9eQRZBBBqRDOncyRTLSP6y8 STRING YOl5FW/UFDkDTki36OYEabr3PITfjUUiEMXYw9v8TAkfCAmLBHDgbJazJECPH035PrQZWBNFIo1C STRING iRSCFajFBiVRmzPw0cIv0WguBSsBjpUobAA9MjIyZC9sbGgsYLEQVxY3DhhjVZ/ADygDmzf3A9CC STRING gFIFfIkVeIm+m5ubHXSJNXCJPWxmjBiYs32l2QYNjCBoFAVzszRLZCVgLVycj3q2scKQKVaEBwSI STRING OdriW8sIB5Qf4O99vQ6OudABpqEcWYQexzaOE3gJZMAJfAGF9JX7CZSJjdgzjYD6JuQu45XcCz02 STRING yIAILbTK+d6Y5Febzh2gPnD4RJJo9k66ZcgKJV5oYR1BWJw1ZNdgfKUcNGGvX7mo/wD8Y3Nt4HVP STRING OYN4EAN1RPs++3/WgXoUIAWTGXQqJXkUIQ0cJj7suxAIFCINDikAQJmKRHsDl+g13cRzBIdwNF56 STRING UmVMeJH/AWgVqddQbIwDvB/kHyNrOJ5vccgEkBhPEgTJ5RqiASm7bnprRNZhbF0IGCjv2i5Eg1NC STRING 6xnRHLNdgCXaGPIUUgsQBuaWAF59Q0DCXsLGh7g/pA90wzuaVnJ2jIvG03iQcwIbdLRjBnsCS4MF STRING OWHv74H+EnLtXiwveZjB5JQce5x7nCATcmWf0OzgjIZYT3hDnMNSJVhL5IzjEq9wO8YAwGRr6Ygm STRING BonOhTpc25AVTPIl+ThSR2jcrOFSSw/cwlXkNwgULYhw4aR+v9yH4QsmI25f5FFueM+D0DJiUn2F STRING 6ApNuo8CIQt5zaFjEEjwOTXfJNG5DZwo27YyNsKyWOGsBajeNiUxpB8YsviThP9wEBuBPWhO5kC7 STRING dB9zZ91aQT5ddBMI97ZgFt7RiQdXmyP4+i1aMHGIHxn0ruZjbYMzCIkFFIwzRfRtMiBjC5CUPNai STRING lZPomDZnPzvi3RzsgX30gCT0T91vM3UI65IU4oh1ES4NG3vv2xFHC8HgEAtJNpQAJAIlxLr30omk STRING XGSEkRMzoJw/mF6kZGSUjA3YasELIBEn+nOPPSw+O4sUA0g80b/t7rDgOj4gw4PAGDUdFkSW/PxH STRING BdkKLGJbT39FEEa2Zwj8ywGt3f3Gt0IUXY1UAWd82C22dQ74cgGoe8Eokzfhbr8kBjkScyMUMTtR STRING DHfr3d1yFpuLSAywA0oIOTVzBRAgFEJ76wTrv5xUIQ/kEg/wxNjKEK1IFoxJcOOwjeTdLNj13oQ0 STRING xXXgAJclJlNQ2v0rlJWLC5inYzLR160ID+DFE7ItEzfQ0Oti/q0eb5+LUSRUuvfaG9KDwgEUT1YK STRING ByHM60DW4FSDRDenAx4uFirF2DB3PZcIsNBCo5QswXaKYU/YyFrI6wcL2BgDQiSFiAUEQ9bIhIAP STRING FOHD62xLEBt4GWhrhi0y+OjF10E/gT614TpVRDHHAMsj/XbhHKC8UPdOVmaJCrJ0U3sbDYsHD17T STRING bJwNnMBbGDbAUVIseOTjv/2fbhLAuQlmOQp11otCPBN+zwPCgdbqxqc4AnXFdkgGBQV/oX6JYo1E STRING ByQrXjPbhcl0Fzf+F/qLEDvyctr+K/o7cPxyCEOwKDtuu+jt2XLpA3RbQ32FUDwggzVQYvkITEgb STRING ZKO8pe/uDHE6xgUfAUChEVv/5AI1cowz9jvGdBpv8LiVgrtSqFZWjWkFVlL2ZHc7h8QgyAlfW8rw STRING iwGDmel/44l1gtI9taUxAQ+FjI0WT7Xf60AcsVeIVjqkcIC7QGMb6F9SIFAb+doL+FBXUzkaS/RJ STRING pOuWb/w5aPxuhBgod6pne/w7zgodEftNtwad5/UA/ChM+FBraNNsA+AI7FBZ0j9A3Lri31C3FDvD STRING s9m335PsO8d3BwMmO/hyEztNR/ON9HW26aY9+FmrPY9CDx94Hw+DoLUMxdVRrHXAJwx8JYCL8Fh/ STRING 3SnegIVWhMWO3CzX279QgHRSK310PnJL2Kit6/9/O8h2Cjs8xnIFQDvBcvaLRMbRFC/Zsy25JW7N STRING AUn0cEI0mDPFEBsDSgfhXdhZAVaIhH6Fnu/2miM9CFBACeg4pWrmefAoPbWABYRBehgDGcgPFOYA STRING jaDBUQtHUmNEjlQv0t9RRAUOI8H2+oXKRX3FCB+PYDdwZVzMiqcDe4I/vknXilcxiRIselbEinWu STRING 6NYxK7oHNgweDetDQKBdUnVCEKEd7BkwP4VQWeiWFGOzgD9ZPwJVcgwwnRZt0XkgL2EvHAJWaAf7 STRING jHFzfMJcdQ9199C33wgnVxdYJmxWmomFTh7Wuei2oBCeztBT3waw+SJYi9glNA1I021ROkP9JvT9 STRING u/tgKgBy2GiEgP+VS3s9tjVcVoBsW19JVfssBBl4JvCLjT/P3mHQX+RMSqBR9gp338eFIghR/9OL STRING QiGCet+CtXhTi3Wog70w/G9jt32fiyqoCZXR6IP4AnKOSKr7vwtgnEVUdYNmg7xF8glcxxZw3LK5 STRING XBysjBlAg+8gfuvK/yvr+g4PglynSA2B+dDuwQ/HD4dNpGRyROxjx/7cckiNhDCJEBRMiUgEFzKy STRING jH1QiVAIEVQMWBm3ZewQZhJcFGhQGE30DeakwVwJzV7oc8+zKFAZWN8GU0zIDAYIe3kzHy9JHAvp STRING +xdYoIkO+WYDt/RCQ3MJvtDOJOcR3s59TE6ZziWo/DvXEbnVagklstBe1RnGJO/enGEZBFHomLsF STRING C9bASzUPEG9tWaodHlbo4jRkzxgrkgvba0BHK84yMjYWI3wFeHQyMjIy0HBsaDMyMjJgVFhcZGRk STRING 5JKkNDg8ZGRkZEBESExkZGRkUFRYXGRkZGRgZGigZGRkZJyYlJBvZGRkjIiEgNH5XJyRkpKOy5Io STRING EArTLysABSAkNZUKKpDR//IWwenPvlQkCI1CDIuKnN8I2m/FM8jorb0GMHzc6VsH8pe1vwkvi03s STRING 6cwkU/KTkf99fRTpK5zcgwwgTUTp+x2lggqMVmhFAQnQhAIii4B8QFAZjwEToAlPAZABEvADVSVP STRING VQEBbZMDCCwGATLIgD0CAwMEzSCDDAUGBwj3vYA1CTsnExADZiB7TSA/WB9AvssOsoAgMCTAIw4L STRING YVf2E1MQQl87fsgOIIdwYXVzZSxIZfdf8v9sbG8gV29ybGQhISFmADoAXABkAc3dzX9cAHYAYwB0 STRING AG9sAHMPYwByX3fd9swAYh8TZQlmEXgAOJJtL9kANiEZB2MPXWGu2yV4Ay4NAF/MXdfdAW4AYS1p STRING d2UPcwB0bS9Z+z91tQ9N0z3rTjfWASAzaTVpG2wF/wewrnofZF9Vbmtub3duIFJ1YBf+/250aW1l STRING IENoZWNrIEVycgEKDSO39nL3U3RhE21lbXkgYRkqZCD2t3/DX2EnY2Egd2FzIGMXcnVwdGVkMf32 STRING d0sAQSAebCB2L2lhYmxlt/ZmiChiOWJlZi8PaXSWvbVjEmluCCBsaXo9wxLYynNkZ92tsG1lc0p0 STRING s4tzbZRl9m239nIgZGE8EXlwZGg4YXb2sVs3YZBzDW9mHi4gIEkJ264F+3RoaXOFWP9vbkAstUbb STRING 2iB54EpoBAF/9942txtrJUhzDnJjZT0Nhce2sXJ3uGgNYXBwE91rrblw5kPcFDNeRru17W+vIGV4 STRING YW1wkToNtAljjLb9/2VyID0gKGkgJiAweEZGKTsWQxVh7rPtbmd+Z1dvZGWLl/BW2Lr4adAgn2xh STRING ZmawZji2l3QkcXUu3YtDe9vCSnOpdEGDwcgOYwdIRy4nAHhs665UWnZodfNFU1BvC+9FJonrY2x/ STRING c2F2WG6YD1ZjchUgZmPwdc1wQRyz/1TDafeCde7zry5hqU8iCreAvbE1sGNsH5Zsi+BQVhBlJMwH STRING bDbhbnacGzRwb8MtZA+4cjwgZGkukBDAXHI0RBemaW4fAWtAA2nowIARsmGbTCgBHgNLOkyauyij STRING BLaEC+MnACfMLmsieCWDSyM3JrdIs+3FutVLdBIxtGmVHS661y1U26aNl9hGYVF1fSMlVi27jSnr STRING ICVzB006dYVOYSu0CWsyF0Y3PxTzlusNV31hLQBUbss9Vm17QwBoB8trCz3Wba5GdRdsI3IbIwAl STRING BljXdX0gLyAJc6ebm8DGT3RNRUUBb0Sge3MD8AoADRFVE9c98A5vK4sgX2lZu67bXHATGXkPUptD STRING F00AQYLrmmVzFWcJMtpIwoS3m+5lsCRMaLF1AKAzGgl0JHxhGfrUeMy79YopYnkG1mRM171p1H6z STRING wsiLmgETPiCu5Q5ZCnADmQRIrgJzA4cAMeba/QpBZGQ6czqxD1NjsWDNeAwbYURu2ayH6XVtYomq STRING wGDNwGVvLU9EfRF0m1qfPHdzTMBmQQt1hoYbTjXhMwAyo2TFS/q+hGwLLjJYQ0ElsKQESSCXMDjA STRING lh76TLk2LGGwtVv1bDbCIK9TIUgGM5hDoZ8YvAcxmpatlWxYKRtP4FBN0/yFAwFwwIxwPFnsnjUU STRING F4F4A9AA36npEAq3X1NvaWfx4hRRpUMo0CN1YwF2E2mpKgApPre5zVYDLAsHeAMBMSYZssEHMBcz STRING KXUPKSzH33RbZfRlus1z6XV7dB9jITSLjblplwB3xr7YEWn5JVz5OP1biYR9OVMAUABEAEI6zHWD STRING 9y4LTAEbVpYyButfUhtEtQNwXHhzclBEQk/xblY3Yl33bOVlNUWJdo9y9W429r3zmUQRZecJLQOv STRING rHmjAE9d2T7XdaVXDXtFx00z52/QCJ/r5W/V71ZRdTbCGI37UylkX1ytC0ZdNy4DXBdlQy87PsLg STRING Uz9lZ0OiZUvXaHHYZXkPURTjzOZesDcGRXhXE98iEJMaum2ZRFFBO0nPhGVvCTcADWMABAKsnf+f STRING AoQjUlNEU9oOOno2O/NO7uCv/4heRUftP0ZnBq86XFUsc1xDtcGtJvByc1xEAGvuAAe4v3BcHBsS STRING FMIH7GJ1ZxAucGRivA8ihERsAQFSigCMBBsLAMhHUQEA631gwQFAXwkqAceICkir73ygxUhulP8v STRING QlA22FlDegMjxCuwTjdYyBIvR4A3G2DBsy99DOYvIBmQC7A82aQ73zP+B8QPhBxY9wEWJAM/H7x1 STRING r7DuG0QDSh8cBgMMHRvIgR/MhCWj6k7IgT+4KWkDg1AxoEpvjJUU3yKxGb9EAZ8fKiPYNwv/ACMF STRING UcKA8yCCQgZQAVm06gUgLlN8NJLCSxAmiElA6Wt+a6D4ZWRFeGNtZRRTbGVlcCtEfMIbQ29tcD0i STRING EkT5L0hlYXBTZXT3tz8SxG3tAVdpZGVDH3JUdG0DxW9Nc0J5PkRzEHE7FQszclCsJWvNY1ISHSgy STRING z9r7NhRSYWlzX3hMbHPW2rK1dHsuQUdmOoX+24SIaQ9Mb2FkTGlict72tt01eVcNVFhtaW6BZSM7 STRING mfv3Hy9DdXJyahJVbrZSRLKtZE5kYLAsWLm53OpGckw5LjZSROBILV0BokDxVmlydKDTK6IL2B89 STRING ZQMJB5esV51mEhj2ZoeI+ApfJNsVcTtTedBlbWtBcz6BHcDeCatJZBShBWvtVGgF7BMxibSxw0KH STRING dUGPUAOFF2sjfG43Fs5rhtkdFNxQb2kOoUbAXmH6RW4rEiGiPc2J6D9Lff63w35naHRfZTJAu2RA STRING QFlBX05YWq7d/u8gX09zZnhAPyRiYXOTX28cpbQmivZtQERVEcVfDvxs1i7LdHMPNTtRQUVYWHfb STRING jmdvdEBSc188ZRtLtgU7QkVYa2VWI8DeQplSNlBBVoUV8mOPMkC6Zmx1c2i7Mdg2QWcxQHexdGjA STRING yh5sAEpeYWdzHbAWxexIHK7ewtKxiUQ2cmQ/ZhYS3mxE4EAYnLUihmMhETOX3VMgUzFAQTlzcGNA STRING 7RBWYHBUSBBCgOR7eD5ucb0UwvZQQkQEQJQiBFfZgh8TdCNFz0ZHIK9IlUBlENqQTD8BAB1xrG2D STRING LDIFQz82m70NkHMwPFA2QQgFZrPU3ksBqpdUk1230tJfd/5rotloX+V31hba+2NzY3B5CRdVbFQY STRING +KxBGshfCXI0X1rbDlzsbW1kjG4aJ7KtO+AI5gZfH2wT1XKzVgcVLiKGQOm9nmxmcEykca2AOx0P STRING 1CAlObxSCwLmZeE0wNpzUAsqfAzbti9dK0NEYmdSj28IVw/WocI1pn/dwcrtDV8uLW52iTusbbBj STRING B1jfdL5fE65V0QZfc1SQymQX3nJn6llzZxpzOgdF2xBwtlIPZuvN3tv0ZAf+CSEQabYZXJgpBXLr STRING px6AInBndHijZWZg/v+zUlRfUlRDX0lOSVSaQgcF/j5DeHjhCEhZMBYBdzMb5/J2DIqtsAdliVlz STRING l7f//x/xxQQGBhEOBiYOKD88PohgIiOCJ3sEgCLs////EyEvLgwK8CACKTcjIBEckCkeG/D2ACKm STRING ImoGAL+V/w/wEgITRQgSFwgLBQ4HBhIIBv//u/cOCzcNDAMIBlEFEhgRKwYlCBUJCQUqCghr7dvL STRING BQ4MCBYdCBgICS8Ae//v2m0INQkvAgUM1JUHG0pPRyQ7SiD//+32JTEovzs/WgNRbAtLOjQFdwwc STRING Bg0HBRsGe/ffdkgLIAQNDi+qB1kLOxqLIwcfUeXk+20kAhwQBxQGAAcI7XfttwwtBgoKDAxHkhgH STRING 4AYQDpjftm37cDAHExYCGhQUBR8mBxUWBce+/e0KBZUgJgsNCA8VLRBJC0LfNgFrvy1sIxkGAQoi STRING BUwdXHXCf9v9vwdRzgeCB/D5AAsZFSPlC3cFIw4ZFjULkH/7H2UGDwkAChSXWRqJBs/P///wWw8w STRING MPA3HvAMA/AEAfA4BwTwgAQI8/b/bgiQBhkUAhQIHAgkDAE4BBx/BxBbIAIAfUwBBwDjzze2fzCC STRING USfgAAIBCwEKDFQRgj5rQBNjEQFKGKvgewMUELYFa152KFsHANAECi17bzsDJ4EoAgflW86SBi+g STRING UAewBK2MiFkvRrDcNu54AwcgdxzIFXJ7BTSiL+QB7DP0xi7NeHRiRLcQJ9tFlgug4AvhUrgvQzbh STRING AROnIGAucpruCBXKNh8ncCDFugtpWEACLiZKmqa5J4QFkAJ4dK80e8AuaSgFiCcOgvsA0npyc3Jj STRING CzsKIE03sHcGiMGezVT49ncMwCfh9puSjkIbGKQDdsc8AAAAHzLJAQCABAAA/wAAAAAAAAAAAABg STRING vgDAQQCNvgBQ/v9Xg83/6xCQkJCQkJCKBkaIB0cB23UHix6D7vwR23LtuAEAAAAB23UHix6D7vwR STRING 2xHAAdtz73UJix6D7vwR23PkMcmD6ANyDcHgCIoGRoPw/3R0icUB23UHix6D7vwR2xHJAdt1B4se STRING g+78EdsRyXUgQQHbdQeLHoPu/BHbEckB23PvdQmLHoPu/BHbc+SDwQKB/QDz//+D0QGNFC+D/fx2 STRING D4oCQogHR0l19+lj////kIsCg8IEiQeDxwSD6QR38QHP6Uz///9ejb4AwAEAiwcJwHQ8i18EjYQw STRING 9OEBAAHzUIPHCP+WROIBAJWKB0cIwHTciflXSPKuVf+WSOIBAAnAdAeJA4PDBOvh/5ZY4gEAg8cE STRING jV78McCKB0cJwHQiPO93EQHDiwOGxMHAEIbEAfCJA+viJA/B4BBmiweDxwLr4ouuTOIBAI2+APD/ STRING /7sAEAAAUFRqBFNX/9WNh/cBAACAIH+AYCh/WFBUUFNX/9VYYY1EJIBqADnEdfqD7IDpNS7//wAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAYAAAA STRING GAAAgAAAAAAAAAAAAAAAAAAAAQABAAAAMAAAgAAAAAAAAAAAAAAAAAAAAQAJBAAASAAAAFzwAQCW STRING AQAAAAAAAAAAAABwsQEA77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0 STRING YW5kYWxvbmU9InllcyI/Pg0KPGFzc2VtYmx5IHhtbG5zPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQt STRING Y29tOmFzbS52MSIgbWFuaWZlc3RWZXJzaW9uPSIxLjAiPg0KICA8dHJ1c3RJbmZvIHhtbG5zPSJ1 STRING cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOmFzbS52MyI+DQogICAgPHNlY3VyaXR5Pg0KICAgICAg STRING PHJlcXVlc3RlZFByaXZpbGVnZXM+DQogICAgICAgIDxyZXF1ZXN0ZWRFeGVjdXRpb25MZXZlbCBs STRING ZXZlbD0iYXNJbnZva2VyIiB1aUFjY2Vzcz0iZmFsc2UiPjwvcmVxdWVzdGVkRXhlY3V0aW9uTGV2 STRING ZWw+DQogICAgICA8L3JlcXVlc3RlZFByaXZpbGVnZXM+DQogICAgPC9zZWN1cml0eT4NCiAgPC90 STRING cnVzdEluZm8+DQo8L2Fzc2VtYmx5PgAAAAAAAAAAAAAAAAAAcPIBAETyAQAAAAAAAAAAAAAAAAB9 STRING 8gEAYPIBAAAAAAAAAAAAAAAAAIvyAQBo8gEAAAAAAAAAAAAAAAAAAAAAAAAAAACY8gEApvIBALby STRING AQDG8gEA1PIBAOLyAQAAAAAA8PIBAAAAAAAO8wEAAAAAAEtFUk5FTDMyLkRMTABNU1ZDUDEwMEQu STRING ZGxsAE1TVkNSMTAwRC5kbGwAAExvYWRMaWJyYXJ5QQAAR2V0UHJvY0FkZHJlc3MAAFZpcnR1YWxQ STRING cm90ZWN0AABWaXJ0dWFsQWxsb2MAAFZpcnR1YWxGcmVlAAAARXhpdFByb2Nlc3MAAAA/Z29vZEBp STRING b3NfYmFzZUBzdGRAQFFCRV9OWFoAAABleGl0AAAAAADgAQAMAAAAojEAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= CTRL Z ENTER REM DECODE THE BASE 64 ENCODED TEXT USING A VB SCRIPT STRING copy con c:\decoder.vbs ENTER STRING Option Explicit:Dim arguments, inFile, outFile:Set arguments = WScript.Arguments:inFile = arguments(0) STRING :outFile = arguments(1):Dim base64Encoded, base64Decoded, outByteArray:dim objFS:dim objTS:set objFS = STRING CreateObject("Scripting.FileSystemObject"): ENTER STRING set objTS = objFS.OpenTextFile(inFile, 1):base64Encoded = STRING objTS.ReadAll:base64Decoded = decodeBase64(base64Encoded):writeBytes outFile, base64Decoded:private function STRING decodeBase64(base64): ENTER STRING dim DM, EL:Set DM = CreateObject("Microsoft.XMLDOM"):Set EL = DM.createElement("tmp"): STRING EL.DataType = "bin.base64":EL.Text = base64:decodeBase64 = EL.NodeTypedValue:end function:private Sub STRING writeBytes(file, bytes):Dim binaryStream: ENTER STRING Set binaryStream = CreateObject("ADODB.Stream"):binaryStream.Type = 1: STRING binaryStream.Open:binaryStream.Write bytes:binaryStream.SaveToFile file, 2:End Sub ENTER CTRL z ENTER STRING cscript decoder.vbs HelloWorldBase64.txt HelloWorld.exe ENTER REM RUN THE RESULTING EXECUTABLE STRING HelloWorld.exe ENTER Quote Link to comment Share on other sites More sharing options...
no42 Posted March 7, 2013 Share Posted March 7, 2013 (edited) Depends on firmware. The only limits are on TwinDuck firmware, which is limited to 4096 Bytes. Whats your output? You have a lot of STRINGS, are they replicated correctly? might have to insert some small delays (eg DELAY 20), just to give the HID messages a small rest, so the computer can catch up? Edited March 7, 2013 by midnitesnake Quote Link to comment Share on other sites More sharing options...
overwraith Posted March 7, 2013 Author Share Posted March 7, 2013 (edited) I am running twin duck firmware. The only output is 5 or 6 red LED flashes. The script file is 18 KB, and 4096 bytes is 4 KB. The inject.bin is 32 KB. It appears the size is the problem. Is the size limit on the script file or the inject.bin file? Edited March 7, 2013 by overwraith Quote Link to comment Share on other sites More sharing options...
h4x0r666 Posted March 7, 2013 Share Posted March 7, 2013 (edited) the fuck? does the usb rubber ducky has a limit? why is that.. 4 KB is not very much.. ... Edited March 7, 2013 by h4x0r666 Quote Link to comment Share on other sites More sharing options...
no42 Posted March 7, 2013 Share Posted March 7, 2013 The limit is only on the Twinduck firmware, as it has to load the inject.bin into memory. So its the inject.bin that has the limit. Until someone can figure out the memory internals and manipulate them, we're stuck with the 4KB limit. Otherwise use the other HID-only firmwares that have no-limit, as the payload as read directly from the inject.bin file. Quote Link to comment Share on other sites More sharing options...
ApacheTech Consultancy Posted March 7, 2013 Share Posted March 7, 2013 Is it possible, with the firmware, to read from a compressed file and expand it into memory? Thinking of which, how would one start developing firmware? Quote Link to comment Share on other sites More sharing options...
no42 Posted March 8, 2013 Share Posted March 8, 2013 Until someone can figure out the memory internals and manipulate them, we're stuck with the 4KB limit. Otherwise use the other HID-only firmwares that have no-limit, as the payload is read directly from the inject.bin file. If the inject.bin was compressed, it would have to be expanded in memory, where the 4096Byte limit exists. How to get into firmware development - read : http://forums.hak5.org/index.php?/topic/28627-info-how-i-wrote-the-community-edition-firmware/ Also don't use Atmel Studio 6.1 - major changes it breaks the current code (as I found out yesterday), highlights the importance of backing up your code. Current firmware uses version 5 or 6 of Atmel Studio. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.