Bountyhunter50 Posted March 30, 2013

hey gang! Ok so I'm trying to automate a script for my mother so I can get her work laptop MAC filtered into her home network. She so conveniently keeps forgetting it at work. Bring in the Duck!!

Here's my goal: I want to create a payload to where it opens up cmd, does "ipconfig /all", saves what the terminal session spits out to a .txt in the c:\ drive, then copy that newly created .txt to the duck.

Here's what I got, that doesn't work:

    delay 800
    gui x (I'm testing this on my windows 8 machine, she still runs XP SP3)
    up
    up
    enter
    string CMD
    string ipconfig /all >c:\ipdata.txt ; copy /A ipdata.txt f:\ /A /V
    delay 300

When I test this on my win8 box, it does open cmd, but after it does a bunch of other crazy things. However if I take the code down to just:

    delay 800
    gui x
    up
    up
    enter
    string cmd

I get the cmd window normally. any ideas?

overwraith Posted March 30, 2013 (edited)

I'm betting there are not enough delays added to the code. It usually takes around 500 ms or so to open the command prompt after running the command to open it. The ducky is probably starting typing before the window is open. There are some good examples of where to add delays on the ducky payloads page. Also, use the "&" character to concatenate commands. I think the ";" character only works on linux systems. Also, make sure that all the duck script commands are all capitalized. There needs to be an enter somewhere after the ipconfig command.

This line of code can be used to determine which drive the ducky is dynamically, provided it is labeled "ducky":

    for /f %%d in ('wmic volume get driveletter^, label ^| findstr "DUCKY"') do set myd=%%d

which means that "F:\" can be replaced with: "%myd%\"
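
The checks listed in the reply above, written as a small linter and run over the script from the first post. This is an added example, not part of the original thread; `lint_duckyscript`, the finding codes and the sample text are constructed here for illustration.

```python
# Added example: lint a DuckyScript payload for the problems named in the reply.
# lint_duckyscript and the finding codes are hypothetical names, not a real tool.

MESSAGES = {
    "case": "command is not capitalized",
    "separator": "';' does not chain commands in cmd.exe; use '&'",
    "no-enter": "STRING is not followed by ENTER, so the text is never submitted",
    "no-delay": "typing starts with no DELAY for the window to open",
}

# Constructed sample: the script from the first post, without the inline remark.
SAMPLE = r"""delay 800
gui x
up
up
enter
string CMD
string ipconfig /all >c:\ipdata.txt ; copy /A ipdata.txt f:\ /A /V
delay 300"""


def lint_duckyscript(script):
    """Return a list of (line_number, finding_code) tuples."""
    # Keep original line numbers; skip blank lines and REM comments.
    cmds = []
    for no, raw in enumerate(script.splitlines(), 1):
        word, _, arg = raw.strip().partition(" ")
        if word and word.upper() != "REM":
            cmds.append((no, word, arg))

    findings = []
    for i, (no, word, arg) in enumerate(cmds):
        cmd = word.upper()
        nxt = cmds[i + 1][1].upper() if i + 1 < len(cmds) else None
        if word != cmd:
            findings.append((no, "case"))
        if cmd == "STRING":
            if ";" in arg:  # heuristic: a literal ';' in typed text is also flagged
                findings.append((no, "separator"))
            if nxt != "ENTER":
                findings.append((no, "no-enter"))
        if cmd in ("ENTER", "GUI") and nxt == "STRING":
            findings.append((no, "no-delay"))
    return findings


if __name__ == "__main__":
    for no, code in lint_duckyscript(SAMPLE):
        print(f"line {no}: {MESSAGES[code]}")
```
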

Bountyhunter50 (Author) Posted March 30, 2013

> I'm betting there are not enough delays added to the code. It usually takes around 500 ms or so to open the command prompt after running the command to open it. The ducky is probably starting typing before the window is open. There are some good examples of where to add delays on the ducky payloads page. Also, use the "&" character to concatenate commands. I think the ";" character only works on linux systems. Also, make sure that all the duck script commands are all capitalized. There needs to be an enter somewhere after the ipconfig command.

That makes sense. Yeah, trying to whack my brain from Linux to DOS. As you can tell it's going quite well. hahaa. Cool, thanks much, I'll give it a go and I'll report back!

Bountyhunter50 (Author, Solution) Posted March 30, 2013 (edited)

Just on initial immediate (re)testing, here is my code updated:

    REM this is an updated version
    DELAY 2000
    GUI r
    ENTER
    STRING cmd
    DELAY 500
    STRING ipconfig /all > c:\ipdata.txt
    DELAY 1000
    STRING copy /A ipdata.txt f:\ /A /V
    DELAY 1000

But it just occurred to me I made an error in my first post. Her work laptop is running Win7, and to do the copy, I need to run cmd with admin access. Any insight? I'm gonna look around too in the meantime.

Got it! We're good, asked too soon before a bit of looking around! :)