Jump to content

Creating your own rubber ducky


Mother

Recommended Posts

What I am trying to accomplish is deploying about 15-20 usb sticks around the offices and want to test users to see if they just plug them in. The issue is I do not want to purchase 15-20 Rubber Duckies and end up loosing half of them. I was thinking of creating some malicious pdf, excel, doc, or image and seeing who actually plugs the usb in and opens the file. Does anyone have any ideas on how to perform this? I do have working powershell scripts that connect to my MSF handler successfully but not sure how to hide the code into something else.

Thanks in advance

Link to comment
Share on other sites

If you intended to put malicious files onto the stick, they don't need to be rubber duckies, they can be ordinary usb sticks.

But if you want to know who plugs it in but then decides not to open anything, yeah you need a ducky. 

You say you don't know how to hide your powershell code, well you need to use duckyscript. 

Link to comment
Share on other sites

couldnt you just use regular usb and put a funny picture on it with some code hidden in it?  They open the pic and the code executes.

Link to comment
Share on other sites

Youtube, Ive use steghide in kali to hide messages in images but I don't know how to make an executable in an image.  Also i bet there is something on ExpoitDB that you could use to help depending on the OS.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...