JakeT69 Posted April 9, 2015 Share Posted April 9, 2015 Hi Guys, I've used the Run Payload exe from sd by overwraith (https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---runexe-from-sd) but It gets stuck on USB Diskpart. Also just to make sure I'm doing it right, am I correct in thiking that I just chage the " HelloWorld.exe" to my payload.exe? thanks guys. Quote Link to comment Share on other sites More sharing options...
overwraith Posted April 10, 2015 Share Posted April 10, 2015 (edited) Diskpart does not work correctly on machines which are not running as administrator. There are about 2 or 3 different methods of parsing the attached drives on a system, they all should be out there on the website you link to. REM The highly specific and in my opinion better version. for /f %%d in ('wmic volume get driveletter^, label ^| findstr "DUCKY"') do set myd=%%d REM A simple example of a more brute force approach, will work every time. You need to modify. for %%d in (A, B, C) do echo %d:\ You may need to do a little modification, but here is where you start, and provided you look at some of the examples on the ducky payloads page you should be able to hash it out. When learning batch just remember, one % is in the regular command prompt, two %% is in a batch file, ! is used when you reference a variable twice in a specific statement and you have enabled delayed expansion. One technique for not having to get the drive's label is to place a file or folder on the ducky and see if it exists. Just found this today; http://stackoverflow.com/questions/8649934/how-to-read-the-label-of-a-drive-or-volume-in-a-batch-file Edited April 10, 2015 by overwraith Quote Link to comment Share on other sites More sharing options...
overwraith Posted April 19, 2015 Share Posted April 19, 2015 I am looking at alternative ways of iterating over ducky drives, check out this in the ducky forum. Remember, I haven't had time to debug yet. https://forums.hak5.org/index.php?/topic/35074-looking-at-the-for-loops-again/#entry260225 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.