slyd0g Posted June 30, 2013 Share Posted June 30, 2013 (edited) Hey guys, I would like to go about creating a payload for the Rubber Ducky that pretty much does the same thing as the *RunEXE from SD* payload but on OSX using a .JAR file. How would I do this? The payload for EXE files on windows uses a batch file that waits for the SD card to be mounted but OSX doesn't use batch files? Sorry for my inexperience, I am both a Windows and a Kali user but need this payload for penetration testing on Macs. I think the only alternative would be to open a OSX backdoor and download and run the file in terminal. I would rather not resort to this though because if I was trying to install on multiple machines I would have to change the listening port every time to download the file. A little more time consuming and inefficient compared to a straight SD card transfer and run. Edited June 30, 2013 by slyd0g Quote Link to comment Share on other sites More sharing options...
DrDinosaur Posted June 30, 2013 Share Posted June 30, 2013 I think there's a firmware that allows you to have two different payloads. That way you could have one for Windows and one for OSX. Quote Link to comment Share on other sites More sharing options...
overwraith Posted June 30, 2013 Share Posted June 30, 2013 Well, you need some kind of scripting language or something that can actually wait for the ducky drive to mount. I don't have an OSX machine, so I have no idea where to start either. Every OS has some kind of command prompt and scripting language though. All you have to do is discover what your platform uses. You can follow the general outline of the script I wrote. REM Hide the shell prompt below the screen. REM Change directories. REM Make a script file that waits for SD card to mount. REM Delete the script file if it already exists. REM while(true){ REM poll for ducky drive REM if(drive exists){ REM break; REM }//end if REM }//end while REM Start EXE on ducky. REM Figure out a way to run it silently, your system probably already supports it. REM The only option for my system was to run it through a visual basic file. The actual polling for the drive will probably be the hardest part, you may wish to post a plea for help on a couple of OSX scripting forums, let them do the hard work. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.