angelburnt Posted April 24, 2013 Share Posted April 24, 2013 Hi guys, im really interested in buy some units of rubber ducky, but i really need to know one thing first: if i code some stealler payloads and deliver the ducky to the victim and he inserts it on his computer will the ducky have a normal behavior like an ordinary usb drive, to avoid suspicion? Or the ducky really needs the SD card to store information (visible information). I ask this because i want to code some payloads, so the ducky send me all the gathered information (like wifi/browsers/smtp passwords) to a ftp, while the victim use it like a normal usb storage. If the gathered information are visible in the SD card its worthless... the code must run in the background while the victim watch some movie from SD Card. Thanks. Quote Link to comment Share on other sites More sharing options...
Solution skysploit Posted April 24, 2013 Solution Share Posted April 24, 2013 (edited) The Ducky registers as a HID device... The SD card just stores key strokes. With that said, the user will definitely see the commands given to open a command prompted. Check out episode 1408.1 & 1408.2 for a good demonstration of how the Ducky works. Side note: You can run a simple Powershell, Download, and Execute payload and it will take just a couple of seconds to complete. Edited April 24, 2013 by skysploit Quote Link to comment Share on other sites More sharing options...
angelburnt Posted April 25, 2013 Author Share Posted April 25, 2013 The Ducky registers as a HID device... The SD card just stores key strokes. With that said, the user will definitely see the commands given to open a command prompted. Check out episode 1408.1 & 1408.2 for a good demonstration of how the Ducky works. Side note: You can run a simple Powershell, Download, and Execute payload and it will take just a couple of seconds to complete. Hi skysploit, thanks for your reply! I watched the videos you said. well i thought that rubber ducky rans without showing the cmd prompt... there is no way to run the commands without popup the cmd window? in this way its impossible to deliver the ducky itself to the victim, because if the victim see any cmd windows after the insertion, he will fastly remove the usb drive thinking that the usb its infected with some kind of virus... It will be very very interesting if the ducky was able to act or emulate a usb drive so we could deliver the ducky to the victim. lets assume that was possible, in that way we could insert a big SD Card (8GB) and reserve a partition (4GB) to be used by the victim as a normal usb drive. the others 4GB have to be hidden from the victim so he/she couldnt see the ducky payloads. Sorry for my lammer question but, is this a dream? its impossible to do it? the ducky its already a fun tool, but it will be a great tool if we could do a usb emulation and no cmd prompt popups, imagine the potential with this kind of super stealth mode if the victms starts to transfer files to other computers and run payloads in each computer without any suspicions... that was the first thing i imagine when i first saw the rubber ducky... so i think i will hold on my big purchase of ducky´s... big hug Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.