Jump to content

DuckToolkit NG


Recommended Posts

Just a heads up.

I have updated the encoder on the Toolkit to 2.6.3. Hoping this will fix the issues users have been having with the Encoder.

Any issues let me know.

411.

Hi 411,

I just created/corrected some issues that would be corrected in the next SVN for the es.propoerties of the 2.6.3 encoder. can you send me a PM with an e-mail where i can send you the es.properties file with the corrections? Version 2.6.4 It´s out ;)

Edited by ARDETROYA
Link to comment
Share on other sites

  • 2 weeks later...
  • Replies 80
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

Hi 411,

I just created/corrected some issues that would be corrected in the next SVN for the es.propoerties of the 2.6.3 encoder. can you send me a PM with an e-mail where i can send you the es.properties file with the corrections? Version 2.6.4 It´s out ;)

Hi Ardetroya, sorry for not replying sooner i have only just seen this post! Do you have a copy of the properties file? I will update asap.

Thanks,

411.

Link to comment
Share on other sites

Hi 411, I have a problem similar to Nazgul's a couple of posts above. I would like to use my Ducky for light recon and have it email me a report. It opens and seems to run smooth (just testing Computer Information right now), it writes a .ps1 file to c:\windows but I don't think that I am getting a report.zip. The .ps1 doesn't delete itself and I never get my email. Would you look at my .bin and .txt too?

Link to comment
Share on other sites

Hi 411, I have a problem similar to Nazgul's a couple of posts above. I would like to use my Ducky for light recon and have it email me a report. It opens and seems to run smooth (just testing Computer Information right now), it writes a .ps1 file to c:\windows but I don't think that I am getting a report.zip. The .ps1 doesn't delete itself and I never get my email. Would you look at my .bin and .txt too?

Hi mate, yeah no worries. Send me the .txt, .bin and .ps1 file and i will have a look. It might also be worth launching the PowerShell.exe on your Windows box, navigating to the .ps1 file and attempting to run it from command line. That will show you if there any errors when it attempts to run.

I will be away for the weekend btw so wont be able to look until Monday.

Cheers,

411.

Edited by 411
Link to comment
Share on other sites

  • 3 weeks later...

Hi Ardetroya, sorry for not replying sooner i have only just seen this post! Do you have a copy of the properties file? I will update asap.

Thanks,

411.

Hi 411,

First ofa all sorry for my delay too... I´m a little bussy and I dind´t check the forum before. The Issues are fixed in the version 2.6.4 http://drive.google.com/#folders/0B7uVAbdkMKcXNW1KdnBrQzZtV3c (from the official rubber ducky decoder https://code.google.com/p/ducky-decode/ ) There are a couple of issues that I have to fix anyway. I will keep you update with the fixes that i have to solve.

Link to comment
Share on other sites

  • 2 weeks later...
  • 1 month later...
  • 8 months later...

Duck Toolkit v2 is now online: http://www.ducktoolkit.com

USB Rubber Ducky Toolkit

The aim of the USB Rubber Ducky Toolkit project was to create a website that would allow users to easily create payloads for the Hak5 USB Rubber Ducky that can be used within a penetration testing environment.

In order to achieve this goal the created product would include a website which would contain scripts for multiple operating systems that could be quickly and stealthily deployed against a target computer. The created scripts would fall under three categories; Reconnaissance, Exploitation and Reporting. Scripts from all three categories could be mixed together, allowing the user to create a payload suited for their situation. One of the most vital functions of the project however would not be the mixing of scripts but the reporting of information collected from the target computer. Reports would be generated containing information collected about the target computer based on the user’s selection and then delivered to the user via one of the Reporting methods. The information within these reports could range from installed software to network information, but is all designed to be useful in a penetration testing context.

All created scripts were written in PowerShell and therfore will only work against target machines with PowerShell installed (Windows 7/8, Windows Server 2008). Administrative access is also required.

List of Current Scripts

Reconnaissance Scripts

  • Computer Information
  • User Information
  • USB Information
  • Shared Drive Information
  • Program Information
  • Installed Updates
  • User Document List
  • Basic Network Information
  • Network Scan
  • Port Scan
  • Copy Wireless Profile
  • Take Screen Captures
  • Copy FireFox Profile
  • Extract SAM File

Exploitation Scripts

  • Find and Upload File (FTP)
  • Disable Firewall
  • Add User
  • Open Firewall Port
  • Start Wi-Fi Access Point
  • Share C:\ Drive
  • Enable RDP
  • Create a Reverse Shell
  • Local DNS Poisoning
  • Delete a Windows Update
  • Reporting

Reporting Scripts

  • Save Report/Files to Target Machine
  • FTP Report/Files to External Host
  • Email Report/Files to GMAIL Account
  • Save Report/Files to USB Drive

Twin Duck

  • Duck Slurp (Copy all files in users home directory)

411.

the url has expired on godaddy is there a more current location for this information?

Link to comment
Share on other sites

I am new to this. I am looking to use the Ducky Tool to create the 4 digit auto generator for Android unlock. I have tried to copy and rewrite the text into the ducky online tool but the resulting file inject does not work. I am not familiar with Bash. If someone could helo me rewrite the code so that it works in the online tool I would really appreciate the help.

Link to comment
Share on other sites

Here is the text I am using in Ducktoolkit

echo DELAY 5000 > android_brute-force_0000-9999.txt; echo {0000..9999} | xargs -n 1 echo STRING | sed '0~5 s/$/
WAIT/g' | gsed '0~1 s/$/
DELAY 1000
ENTER
ENTER/g' | gsed '0~5 s/WAIT/DELAY 5000
ENTER
DELAY 5000
ENTER
DELAY 5000
ENTER
DELAY 5000
ENTER/g' >> android_brute-force_0000-9999.txt

This is not working.

Link to comment
Share on other sites

  • 4 months later...

Sorry for the downtime everyone. The old site is now back up.

I am working on a new site and have moved the old site to a new hosting provider and have had a few issues.

Hoping to have the new site up and running by April! It will be worth the wait!

411.

Edited by 411
Link to comment
Share on other sites

Hi guys,

I'm rather new to rubber ducky.


My issues are the following:




My idea is to simply copy my pc's wifi password and save it to my ducky or send it to my gmail.


Unfortunately I can't get either of them to work I notice that the script does make a log.txt with the wifi password but it's not being saved to the rubber ducky but instead being saved to my desktop


My alternative option was to send the info to my gmail but that's not woring either.

Please note that I'm testing on Windows 10.


Is anyone else having the same issue?


thanks guys

Link to comment
Share on other sites

  • 1 month later...

Anyone else having an issue where the duck stops working after loading a script from this site? Im using c_duck_v2.1 and when i load the inject.bin onto the ducky and remove it to plug into the 'victim' machine. it flashes red once and then nothing happens. What seems to be the issue?

Link to comment
Share on other sites

  • 4 months later...
On 2/12/2016 at 7:03 PM, cheeto said:
Hi guys,

 

I'm rather new to rubber ducky.

 

 

 

My issues are the following:

 

 

 

 

 

 

My idea is to simply copy my pc's wifi password and save it to my ducky or send it to my gmail.

 

 

 

Unfortunately I can't get either of them to work I notice that the script does make a log.txt with the wifi password but it's not being saved to the rubber ducky but instead being saved to my desktop

 

 

 

My alternative option was to send the info to my gmail but that's not woring either.

 

Please note that I'm testing on Windows 10.

 

 

 

Is anyone else having the same issue?

 

 

 

thanks guys

I am also having this issue, on top of a couple others...Today I started playing with it again and I am getting errors in the target cmd

 

C:\WINDOWS\system32>ymode con:cols=14 lines=1

'ymode' is not recognized as an internal or external command,

operable program or batch file.

 

C:\WINDOWS\system32>powershell Set_ExecutionPolicy 'Unrestricted" -Scope CurrentUser -Confirm:$false

'powershell' is not recognized as an internal or external command,

operable program or batch file.

 

C:\WINDOWS\system32>powershell.exe -windowstyle hidden -file C:\Windows\config-72145.ps1

'powershell.exe' is not recognized as an internal or external command,

operable program or batch file.

 

I have used the ducky generator. my target is windows 10

Can anyone help me with this?

Link to comment
Share on other sites

Hello everyone. Sorry for the delay in replies and issues with the previous site over the past few months. 

I am happy to announce that the DuckToolkit NG is now available!

This is an entirely new version of the previous site which has been rewritten in Python/Django by myself and KevtheHermit. 

Current Features:

  • Online Encoder
  • 30+ Recon/Exploit/Reporting PowerShell scripts
  • Online Decoder
  • UK/US Language Support
  • Standalone Python Encoder/Decoder

We are working to add new languages and to implement Linux/OSX scripts in the coming weeks, however since this in an open source project please feel free to help us! If you want a certain language added then help us by writing it!

You can access the online DuckToolkit NG here:

https://www.ducktoolkit.com

You can access the standalone DuckToolkit here:

https://github.com/kevthehermit/DuckToolkit

Any issues, comments or suggestions then either post on the Disqus thread on the website or respond in this thread,

411.

Link to comment
Share on other sites

  • 2 weeks later...
On 8/26/2016 at 5:47 AM, 411Hall said:

Hello everyone. Sorry for the delay in replies and issues with the previous site over the past few months. 

I am happy to announce that the DuckToolkit NG is now available!

This is an entirely new version of the previous site which has been rewritten in Python/Django by myself and KevtheHermit. 

Current Features:

  • Online Encoder
  • 30+ Recon/Exploit/Reporting PowerShell scripts
  • Online Decoder
  • UK/US Language Support
  • Standalone Python Encoder/Decoder

We are working to add new languages and to implement Linux/OSX scripts in the coming weeks, however since this in an open source project please feel free to help us! If you want a certain language added then help us by writing it!

You can access the online DuckToolkit NG here:

https://www.ducktoolkit.com

You can access the standalone DuckToolkit here:

https://github.com/kevthehermit/DuckToolkit

Any issues, comments or suggestions then either post on the Disqus thread on the website or respond in this thread,

411.

I am still having the same issue that I was before...this page looked just like the one I used previously (just fyi)

Link to comment
Share on other sites

16 hours ago, lilfear1 said:

I am still having the same issue that I was before...this page looked just like the one I used previously (just fyi)

What Language are you using?

ymode will appear when the commands ALT y, DELAY 1000, STRING mode con:cols=14 lines=1 are not recognised. 

I have no idea why its saying PowerShell.exe isnt a valid executable. Can run it manually from Windows Key + R? 

Link to comment
Share on other sites

There's a slight bug in the copy to USB code... ( in my case RECON is my alternative USB drive)

STRING $present = Get-WMIObject Win32_Volume | ? { $_.Label -eq  RECON} | Measure

should be 

STRING $present = Get-WMIObject Win32_Volume | ? { $_.Label -eq  'RECON'} | Measure

this can be fixed by putting the destination in '' but this isn't obvious. The same applies if putting a drive letter

Edited by monkeytrumpet
more info
Link to comment
Share on other sites

18 hours ago, monkeytrumpet said:

There's a slight bug in the copy to USB code... ( in my case RECON is my alternative USB drive)

STRING $present = Get-WMIObject Win32_Volume | ? { $_.Label -eq  RECON} | Measure

should be 

STRING $present = Get-WMIObject Win32_Volume | ? { $_.Label -eq  'RECON'} | Measure

this can be fixed by putting the destination in '' but this isn't obvious. The same applies if putting a drive letter

 

All fixed now, thank you for the heads up :)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...