KSI_Syn Posted May 4, 2014 Share Posted May 4, 2014 So I was working on some powershell-Fu for a customer to restrict e-mails with specific keywords in the e-mail body or subject line from being delivered to a mobile device. In this effort I developed a script that creates hidden rules in exchange that are unable to be detected in the exchange management shell by an admin or in microsoft Outlook by the user. I also wrote a second tool to detect view and delete these hidden rules. What I would like to do is adapt this for the USB Ducky where when the duck is inserted it runs a script that injects a hidden mailbox rule that will auto forward all e-mails received by the user to a specified account. The difficulty here is that the script requires a dll that extends the standard MAPI32.dll that comes with Outlook or the MAPI CDO installer. I am looking for suggestions on the best way to approach getting the dll on the system during the duck script execution. I am considering the Twin Duck firmware ( HID + Mass Storage ) option to see if i could copy the dll to a tmp folder prior to running the script and if i were to do that i would also like to copy the ps1 file so i would just open powershell copy the 2 files to tmp launch the Ps1 from tmp dir and then delete the dir and walk off. any suggestions would be welcome Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.