Jump to content

Fastest way to deploy an exe (do not need UAC bypass)

Recommended Posts


I have been searching the forums, and have been playing around with the basic 'Start cmd -> Mount DUCKY drive -> execute payload' scripts.

The mounting portion of the script is all done silently, however the start CMD and deploying the diskpart commands that create a lot of noise, and require the exploitee to not touch anything or it will interrupt the script.

Perhaps I need to do more searching, but offhand, does anyone have a way of deploying an exe ASAP once the drive is inserted? Preferably something that will not require no action in order to deploy correctly.

It doesn't even have to be deployed from the USB Ducky, I could use a GET request, I just would like to know the most silent, fast way of achieving this.

Here is the script I am using:



Link to comment
Share on other sites

There's an old wmic command you might be able to replace the diskpart line with, and that way I don't think it would require admin privileges.

for /f %d in ('wmic volume get driveletter^, label ^| findstr "DUCKY"') do set myd=%d

I used to think that the diskpart one was superior, but quickly changed my mind when I found out it was an admin tool.

You might also try replacing variable names with single letter aliases to reduce the amount of typing. Another thing you could try is going completely VB, and that way you would cut down on the number of files.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...