overwraith Posted July 7, 2013 Share Posted July 7, 2013 As you all know, the ducky has the ability to swap its VID/PID number to avoid antivirus software. Unfortunately you need a hex editor to change the file which is used to specify the VID/PID. I have created an executable which reads from a text file of possible VID/PID numbers, and writes to the binary file vidpid.bin. The program is written in C++. Here is the code: /*Author: overwraith File: VID_PID_SWAPPER.cpp Purpose: to automatically change the vidpid.bin file on the USB rubber ducky using an executable. Disclaimer: I admit to having a little help from online forums etc. */ #include <iostream> #include <fstream> #include <string> #include <stdlib.h> using namespace std; string getRandLineFromFile(const char* filename); int getNumLines(const char* filename); int main(int argc, char *argv[]) { string ctline = getRandLineFromFile("VIDPID.txt"); cout << ctline << endl; char buffer[9]; strncpy(buffer, ctline.c_str(), sizeof(buffer)); buffer[sizeof(buffer) - 1] = 0; ofstream myFile("vidpid.bin", ios::out | ios::binary); myFile.write (buffer, 8); return EXIT_SUCCESS; } string getRandLineFromFile(const char* filename){ ifstream input(filename); string line; srand(time(NULL)); if(input.is_open()){ for(int i = 0, lines = getNumLines(filename); i < lines && i < rand() % (lines + 1) ; i++){ //get the line getline(input, line); }//end loop input.close(); } else cout << "Unable to open file" << endl; return line; } int getNumLines(const char* filename){ ifstream input(filename); string line; int i = 0; if(input.is_open()){ while(input.good()){ getline(input, line); //cout << line << '\n'; i++; }//end loop input.close(); } else cout << "Unable to open file"; return i; } The following is the text file "VIDPID.txt," which must reside in the same directory as the resulting executable: 03eb2015 03eb201d 03eb2022 03eb2042 03eb2049 03eb204f 03eb6127 03ee5609 03f00024 03f0010c 03f00122 03f0020c 03f00324 03f0050c 03f00924 03f00b0c 03f00f0c 03f01024 03f01524 03f01624 03f90100 03f90101 03f90102 03f98371 04040320 04040321 04040322 04040323 04040324 04040325 0404032a 04090011 04090014 04090019 0409001a 04090025 04090034 0409003f 0409004f 04090094 04090095 0409551e 0409551f 04095521 041e2801 04250101 04300002 04300005 0430000a 0430000b 04300082 04300083 043000a2 0433abab 0443000e 0443002e 04466782 044e1104 04536781 04536783 0453004c 045e000b 045e001c 045e001d 045e002b 045e002d 045e0048 045e005c 045e005f 045e0061 045e0063 045e0065 045e006d 045e0070 045e0071 045e0072 045e0073 045e0080 045e00b0 045e00b4 045e00db 045e00dd 045e0730 045e0750 045e0752 045efff8 04610010 04614d01 046a0001 046a0004 046a0005 046a0023 046a0027 046a0081 046b0001 046b0301 046bff10 046d0203 046dc221 046dc225 046dc226 046dc227 046dc22a 046dc22b 046dc22d 046dc301 046dc302 046dc303 046dc305 046dc307 046dc308 046dc309 046dc30b 046dc30e 046dc30f 046dc311 046dc312 046dc313 046dc315 046dc316 046dc317 046dc318 046dc31b 046dc31c 046dc31d 046e0100 046e5250 046e5273 046e5308 046e5408 046e5500 04720065 047b0001 047b0011 047b00f9 047b050e 049c0002 049f000e 049f0051 04a50001 04b33003 04b33004 04b3300a 04b33016 04b33018 04b3301b 04b3301c 04b33020 04b33025 04b34604 04b40101 04b40102 04b41006 04b45201 04b45202 04b48329 04cf0022 04d90022 04d91203 04d91603 04d92013 04d92221 04d9a055 04f20001 04f20002 04f20110 04f20111 04f20116 04f20200 04f20201 04f20220 04f20402 04f20403 04f20418 04f20760 04f20841 04f30103 04f301a4 05000001 05000002 05000200 05100001 05101000 05180002 055d0001 055d6780 055d6781 055d3107 05862011 058f2802 058f9410 058f9472 05a41000 05a42000 05a49720 05a49722 05a49731 05ac0201 05ac0202 05ac0205 05ac0206 05ac020b 05ac020c 05ac020d 05ac020e 05ac020f 05ac0214 05ac0215 05ac0216 05ac0217 05ac0218 05ac0219 05ac021a 05ac021b 05ac021c 05ac021d 05ac021e 05ac021f 05ac0220 05ac0221 05ac0222 05ac0223 05ac0224 05ac0225 05ac0229 05ac022a 05ac022b 05ac0230 05ac0231 05ac0232 05ac0236 05ac0237 05ac0238 05ac023f 05ac0240 05ac0241 05ac0242 05ac0243 05ac0244 05ac0245 05ac0246 05ac0247 05ac024d 05ac0250 05ac0252 05ac0253 05ac0254 05ac1006 05ac820a 05af0806 05af0809 05af3062 05c72001 05c72011 05e3000a 05e30504 05f30007 05fa3301 05fa3302 05fa3303 060300f1 060b0001 060b0230 060b1006 060b2101 060b2231 060b2270 060b5811 060b5903 060b6002 060b6003 062a0201 06735000 067e0801 067e8020 067e8021 06d54000 077c0005 08010001 099a0638 099a610c 099a7160 09da0260 0a340110 0a4d00a3 0a4d4502 0a710001 0a730002 0a810101 0a810103 0aa70100 0aa70101 0aa70102 0aa70103 0aa70104 0aa70502 0b380003 0b380010 0b510020 0bf8100c 0d3d0001 0d620004 0d62001c 0d622021 0d622106 0dc62301 0e0f0001 0e0f0006 0e6a6001 0e8f0021 0e970908 10200006 119b0400 12411503 12411603 12670103 12932101 145f0176 15320102 15320109 16c0047c 16c0047d 17f60709 1a2c0021 1a2c0024 1b1c0a60 1c4f0002 1c4f0003 1c4f000e 1e542030 1e7d30d4 22220004 413c0000 413c0001 413c1001 413c1002 413c1003 413c1005 413c2001 413c2002 413c2003 413c2005 413c2010 413c2011 413c2100 413c2101 413c2105 413c2106 413c8157 71042202 71040dad You will have to compile this program yourself, as I do not have an account with an online file sharing service. I am open to recommendations on which service is the best, so I may end up posting files online in the future. The executable does not have much going on, and is designed to swap numbers on double click. I may have to change the code later to better inform the user of errors. Quote Link to comment Share on other sites More sharing options...
overwraith Posted July 21, 2013 Author Share Posted July 21, 2013 This project's source on ducky decode now, will put the executable on the downloads page as soon as I figure out how to do it. Quote Link to comment Share on other sites More sharing options...
overwraith Posted July 21, 2013 Author Share Posted July 21, 2013 Both VID_PID_SWAPPER.exe, and VIDPID.txt are now on ducky decode. Quote Link to comment Share on other sites More sharing options...
overwraith Posted July 25, 2013 Author Share Posted July 25, 2013 Update version 1.1 on ducky decode. Quote Link to comment Share on other sites More sharing options...
HughMungis Posted May 28, 2022 Share Posted May 28, 2022 Lets say you're using twin duck firmware on your device and you want the "keyboard" vid/pid to be a generic logitec keyboard or something, but you want the usb mass storage portion to have the vid/pid of something else that might be whitelisted on the target's environment. Can you use this swapper tool to change each one independently? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.