DemonicMooCow Posted August 20, 2013 Share Posted August 20, 2013 Hi, I've a newbie when it comes to the duck and I've had some success getting some of my scripts to work but I haven't yet been able to make the ducky work with the SYSTEM_POWER of the SYSTEM_SLEEP as defined in the keyboard.properties. Are these command supported by the ducky? Thanks Quote Link to comment Share on other sites More sharing options...
no42 Posted August 20, 2013 Share Posted August 20, 2013 It might depend on the keyboard, if you have power keys; this will then be dependant on a VID and PID combination. I dont have once of these special keyboards, and cant comment. If Dnucna is still on here, maybe he can answer the question, as he build that original keyboard.properties file. Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted August 20, 2013 Share Posted August 20, 2013 I do recall when developing duckyscript running into these key combos, but I can't recall the hex values. They weren't incorporated however that isn't to say they couldn't be added. If you open an inject.bin in a hex editor it'll start to make sense - modifier followed by key. 00 is no modifier. I believe the scancode for sleep is E0 5F or E0 3F. http://www.quadibloc.com/comp/scan.htm Quote Link to comment Share on other sites More sharing options...
DemonicMooCow Posted August 21, 2013 Author Share Posted August 21, 2013 Thanks for the tips guys but I still couldn't get it to work unfortunately. I tried changing the VID & PID to match a keyboard that I know has a sleep button and I tried the E0 5F and E0 3F scan codes by hexeditting but that didn't work either. The E0 5F and E0 3F scancodes appear to be PS/2 scancodes. I did come checking up and found this PDF (http://www.hiemalis.org/~keiji/PC/scancode-translate.pdf) and what I noticed is that all the common USB HID scan codes are under the HID Usage Page 07 and that the System Power, System Sleep and System Wake are all under the HID Usage Page 01. Is there a was to instruct the Ducky to use a different HID Usage page? Thanks again for your help! Quote Link to comment Share on other sites More sharing options...
no42 Posted August 21, 2013 Share Posted August 21, 2013 If you have those keys on a usb keyboard, its easy to use a usb sniffer to capture those keys - then we can look at reversing them and getting them functional within the Ducky code. Quote Link to comment Share on other sites More sharing options...
overwraith Posted August 21, 2013 Share Posted August 21, 2013 Do media keys like play, stop, forward backward, and audio up and down work the same way? I got a Logitech G15. Quote Link to comment Share on other sites More sharing options...
no42 Posted August 22, 2013 Share Posted August 22, 2013 Honestly, no idea? Thats why I break out the USB sniffer to find out; but all my keyboards are standard 102/104 - no media keys. Quote Link to comment Share on other sites More sharing options...
DemonicMooCow Posted August 26, 2013 Author Share Posted August 26, 2013 Sorry for the delay, I tried using a software Scancode sniffer in Win 7 but it was unable to sniff the Sleep key. I wonder is a sniffer in Linux would be more affective. Could you suggest one? I'm really thinking that the USB HID Usage Page may have something to do with it. Does the ducky allow the use of HID Usage pages other than 07 or is that hard coded? Thanks, Quote Link to comment Share on other sites More sharing options...
no42 Posted August 26, 2013 Share Posted August 26, 2013 Windows: USBlyzer, Busdog Linux: Wireshark (yes, it has USB support in the later versions >libpcap-1.0.0) Quote Link to comment Share on other sites More sharing options...
DemonicMooCow Posted August 26, 2013 Author Share Posted August 26, 2013 Thanks! I'll try to have the results for tomorrrow. Quote Link to comment Share on other sites More sharing options...
DemonicMooCow Posted August 27, 2013 Author Share Posted August 27, 2013 I used USBlyzer The keyboard shows up as 3 devices but the one that reported the sleep scancode was called "HID-compliant consumer control device". I tried to attach the CSV file but it says I'm not permitted. Here's the CSV data from USBlyzer (I'm not sure it this is what you need)" I pressed the sleep button twice. Seq 0002-0003 is for the first time I pressed it and 0004-0007 is for the second time I pressed it. ----- USBlyzer ReportCapture ListType,Seq,Time,Elapsed,Duration,Request,Request Details,Raw Data,I/O,C:I:E,Device Object,Device Name,Driver Name,IRP,StatusSTART,0001,8:28:40.209,,,,,,,,,,,,URB,0002,8:28:41.910,1.687732 s,,Bulk or Interrupt Transfer,3 bytes buffer,,in,01:01:82,FFFFFA801A7121B0h,00000104,usbccgp,FFFFFA801A6F4A80h,URB,0003,8:28:42.268,2.055734 s,,Bulk or Interrupt Transfer,3 bytes buffer,,in,01:01:82,FFFFFA801A7121B0h,00000104,usbccgp,FFFFFA801A5D4BD0h,URB,0004-0002,8:28:47.053,6.840020 s,5.152288 s,Bulk or Interrupt Transfer,Input Report id:2 len:2,02 02,in,01:01:82,FFFFFA801A7121B0h,00000104,usbccgp,FFFFFA801A6F4A80h,Success (Success),02 02URB,0005,8:28:47.053,6.840039 s,,Bulk or Interrupt Transfer,3 bytes buffer,,in,01:01:82,FFFFFA801A7121B0h,00000104,usbccgp,FFFFFA801A6F4A80h,URB,0006-0003,8:28:47.193,6.984012 s,4.928278 s,Bulk or Interrupt Transfer,Input Report id:2 len:2,02 00,in,01:01:82,FFFFFA801A7121B0h,00000104,usbccgp,FFFFFA801A5D4BD0h,Success (Success),02 00URB,0007,8:28:47.193,6.984018 s,,Bulk or Interrupt Transfer,3 bytes buffer,,in,01:01:82,FFFFFA801A7121B0h,00000104,usbccgp,FFFFFA801A5D4BD0h,This report was generated by USBlyzer http://www.usblyzer.com/------ If you need the .ulz file, please let me know and I'll send it to you. Thanks again for your help. Quote Link to comment Share on other sites More sharing options...
no42 Posted August 27, 2013 Share Posted August 27, 2013 ok, the raw data for the sleep code is "03 82" but can you sniff the entire conversation... start sniffer, insert keyboard, push A (5x), then sleep (3x), then stop the sniffer - just want to check the HID report packets (these contain the Page number etc). Thanks Snake Quote Link to comment Share on other sites More sharing options...
DemonicMooCow Posted August 27, 2013 Author Share Posted August 27, 2013 Thanks, PM send with updated .ulz Quote Link to comment Share on other sites More sharing options...
no42 Posted August 27, 2013 Share Posted August 27, 2013 right the code is definitely "03 82" however, its being transmitted on a second endpoint. Its going to take a bit of time, and analysis to figure out this endpoint is setup, it also means a firmware modification and a possible subsequent encoder mod (so the ducky knows it needs to swap endpoints) What is an endpoint? Think of it as a port or communication channel, you define EndPoints (EP) for different applications or communication flow; 1xEP = Keyboard (Ducky.hex), 2xEP= Keyboard & Mass Storage (Twin Ducky uses this!) Quote Link to comment Share on other sites More sharing options...
DemonicMooCow Posted August 27, 2013 Author Share Posted August 27, 2013 Thanks, Unfortunately, I'm not a programmer but I could help by scanning the remaining media keys that are on that other endpoint (Volume Up, Volume Down, Mail, Calculator etc) and give you the scancodes. Quote Link to comment Share on other sites More sharing options...
no42 Posted August 27, 2013 Share Posted August 27, 2013 That would be useful thanks Quote Link to comment Share on other sites More sharing options...
DemonicMooCow Posted January 21, 2014 Author Share Posted January 21, 2014 Midnite, I know you're very busy but I was wondering if any progress has been made for this new feature request? Thanks, Demonic Quote Link to comment Share on other sites More sharing options...
no42 Posted January 22, 2014 Share Posted January 22, 2014 I've had very little down time :( but its still on my todo list . Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.