rger Posted October 30, 2015 Posted October 30, 2015 I have a serious problem, I would like to generate a script that takes control of your computer remotely. I do not know where to start. I know that I can do this, use rubber ducky. I would like to get a connection at all times and be able to control your computer. Please help in this task Quote
bored369 Posted October 30, 2015 Posted October 30, 2015 I think I'd prefer to stay in control of my computer... But if you want to get that setup with another computer that you have permission to do such a thing to (you won't get help performing illegal activities here), your best place to "start" is the Wiki for the rubber ducky here: http://usbrubberducky.com/#!resources.mdI think in the Duck Toolkit there are some things to enable remote desktop (haven't tried them myself). But I think the Lan Turtle would be more appropriate for this type of situation (the legal one that is). You can check out what it can do on it's wiki here: http://lanturtle.com/wiki/#!index.md Quote
Metalhedzor Posted October 30, 2015 Posted October 30, 2015 (edited) Do you have any programming background? Maybe you should use a computer in your network you have permission to "take control" of. Are you using Kali? Ubuntu? Are you using linux at all? The one thing I can say is somebody could give you a step by step instruction manual for you to follow and yeah, you might be able to open up a meterpreter session on a remote computer. But the difference is that you won't understand WHY it works thus, nothing is learned. Along with anything you learn, understanding what your doing is 3/4 of the battle. I do not know where to start Well, here's a good place. https://forums.hak5.org/index.php?/topic/913-hacking-where-to-begin/ Edited October 30, 2015 by Metalhedzor Quote
cooper Posted October 30, 2015 Posted October 30, 2015 Basically, provide a bit more context. Where is this computer located? By which I mean do you have physical access to it or only over the network (use of a ducky implies the former). You want to "control" is. What, specifically, would you like to make it do? Move the mouse? Enter text on the screen without actually being behind the keyboard? Run programs in the background without the person behind the system knowing you started them? Throw us a bone here. Quote
digip Posted October 30, 2015 Posted October 30, 2015 Here are some tutorials ot get you started - Quote
Metalhedzor Posted October 30, 2015 Posted October 30, 2015 Here are some tutorials ot get you started - https://www.youtube.com/watch?v=KEkrWRHCDQU I never knew they branched off Kung Fury and I'm so happy they did. Quote
rger Posted October 31, 2015 Author Posted October 31, 2015 I would like to browse files , folders, copy programs without the user's knowledge , the computer can be anywhere , whether such detailed enough? i tested meterpreter and my antivirus detected it , otherwise meterpreter after the disengagement does not connect back to victim's computer Quote
cooper Posted November 2, 2015 Posted November 2, 2015 Okay, so you can access the machine via the network, there is an exploitable service or something active on the remote machine and you're able to exploit this using metasploit but the remote machine's AV detects the payload and prevents it from working its magic. Chances are if it didn't you'd be set. You could verify this by simply disabling AV for now (one step at a time and all). Did you try to obfuscate the payload in any way? See this for a more detailed description (AV may have caught up with this by now, but google should provide you plenty of alternatives if that is in fact the case). Quote
rger Posted November 2, 2015 Author Posted November 2, 2015 someone tried using powershell? I think this is a way to bypass AV. How to create persistence connection? Quote
cooper Posted November 2, 2015 Posted November 2, 2015 You can't reach powershell until you get your session going and from what I can tell your payload that would provide you with this session is getting killed by the AV. In other words, you're not working on solving your actual problem, or I'm misunderstanding where you currently stand. Quote
0phoi5 Posted December 10, 2015 Posted December 10, 2015 If you are unable to; target a machine using it's IP and Metasploit with all attempts failing due to AV and you are unable to shut down their AV (you probably could, but it doesn't sound like you've read much in to it) then I would suggest targeting the user of the machine, rather than the machine itself. I.e: A malicious file. This will go past the AV software if the user is silly enough to open it. The most vulnerable part of any system is the Human part. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.