Jump to content

Recommended Posts

Posted (edited)

Hello,

I took the wordlist from this talk at Defcon: https://www.defcon.org/html/defcon-21/dc-21-speakers.html#Engler where he generated a really great PIN wordlist. I took the wordlist and converted it into Rubber Ducky payload format for you guys.

Get the payload here: http://pastebin.com/eBEuprfX

Here's the PHP file hacked together to generate the Android payloads: http://pastebin.com/t0jqnbC4

(Syntax is "php generator.php inputfile.txt" and it'll output a script to use for your payloads!)

-mandatory

Edited by mandatory
  • 3 weeks later...
  • 3 months later...
Posted

I tried this and noticed that some devices take a 30 seconds break after 5 attempts. Ducky is not aware of that and keeps sending codes, and these codes are not executed. So after 5 attempts there must be a wait for 30 seconds or more build in the script.

The double enter is also not needed but only after 5 attempts to klick the warning away.

The changed script can be found here:

http://pastebin.com/4x53pkya

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...