Jump to content

[Question] Can i automatically swich payloads depending the system?

eschafir

By eschafir
in Classic USB Rubber Ducky

 Share

Recommended Posts

eschafir Newbie

eschafir

Posted
Posted

Hi everyone! :)

I have some questions about the functionallity of the ducky. I was thinking if there is any method to:

1) Identify the system's OS (architecture, lenguage, etc)

2) Based on what we know on 1) use a payload that was preloaded.

The real question is that if i can do a payload that can do 1 and 2 at the same time.

Please let me know if the question is clear, because I need to know that.

Thanks guys!! :)

Link to comment
Share on other sites
no42 Newbie

no42

Posted
Posted (edited)

Automatic - not at the moment .

Im not sure if theres any hint within the HID protocol?

I suppose it would be there, you would need a C-routine to fingerprint the HID responses/requests from the Host OS, then call an appropriate inject-win.bin or inject-lin.bin based on the fingerprint analysis.

Let me know how you get on.

Edited by midnitesnake
Link to comment
Share on other sites
overwraith Newbie

overwraith

Posted
Posted

The last time I asked a question similar to this the answer was to use multiple small yield SD cards. You can make a payload for Windows, Mac, and Linux, and have an SD card for each. You can also add multiple payloads to each depending on what you want the payload to do.

Link to comment
Share on other sites
no42 Newbie

no42

Posted
Posted (edited)

with cm_duck.hex you can choose between two key presses (NUM & CAPS Lock) two trigger different payloads (inject.bin / inject2.bin) and still have composite support (but your payload size is reduced to 2KB worth of instructions)

or use detour duck (m_duck.hex) (CAPS/NUM/Scroll Lock) for three different HID payloads inject.bin/inject2.bin/inject3.bin

Edited by midnitesnake
Link to comment
Share on other sites
  • 1 month later...
bitSS Newbie

bitSS

Posted
Posted

with cm_duck.hex you can choose between two key presses (NUM & CAPS Lock) two trigger different payloads (inject.bin / inject2.bin) and still have composite support (but your payload size is reduced to 2KB worth of instructions)

or use detour duck (m_duck.hex) (CAPS/NUM/Scroll Lock) for three different HID payloads inject.bin/inject2.bin/inject3.bin

i have the m_duck.hex and am tying to use the inject2.bin or even the inject3.bin using Mac OSX and the CAPS Lock for the trigger but nothing is happening. The only thing i get is the inject.bin when i press the button... Is this working for you? and if so can you pls explane your process?

I have tyed to press the button too but

Link to comment
Share on other sites
no42 Newbie

no42

Posted
Posted

You must only have one of the keyboard LEDs lit, if you have more than 1x it defaults to inject.bin only.

inject.bin triggers first by default, then either inject2/3/4 depending on the keyboard LEDs triggers next.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...