Mother Posted July 13, 2016 Share Posted July 13, 2016 What I am trying to accomplish is deploying about 15-20 usb sticks around the offices and want to test users to see if they just plug them in. The issue is I do not want to purchase 15-20 Rubber Duckies and end up loosing half of them. I was thinking of creating some malicious pdf, excel, doc, or image and seeing who actually plugs the usb in and opens the file. Does anyone have any ideas on how to perform this? I do have working powershell scripts that connect to my MSF handler successfully but not sure how to hide the code into something else. Thanks in advance Quote Link to comment Share on other sites More sharing options...
kerravon Posted July 15, 2016 Share Posted July 15, 2016 have you seen this, it may help http://www.ebay.co.uk/itm/162125861584?ssPageName=STRK:MESELX:IT&_trksid=p3984.m1555.l2649 kerravon :) Quote Link to comment Share on other sites More sharing options...
Guest Posted July 15, 2016 Share Posted July 15, 2016 If you intended to put malicious files onto the stick, they don't need to be rubber duckies, they can be ordinary usb sticks. But if you want to know who plugs it in but then decides not to open anything, yeah you need a ducky. You say you don't know how to hide your powershell code, well you need to use duckyscript. Quote Link to comment Share on other sites More sharing options...
b0N3z Posted July 17, 2016 Share Posted July 17, 2016 couldnt you just use regular usb and put a funny picture on it with some code hidden in it? They open the pic and the code executes. Quote Link to comment Share on other sites More sharing options...
Mother Posted July 18, 2016 Author Share Posted July 18, 2016 Any tutorials on how to hide code in a picture? 2 hours ago, b0N3z said: couldnt you just use regular usb and put a funny picture on it with some code hidden in it? They open the pic and the code executes. Quote Link to comment Share on other sites More sharing options...
b0N3z Posted July 25, 2016 Share Posted July 25, 2016 Youtube, Ive use steghide in kali to hide messages in images but I don't know how to make an executable in an image. Also i bet there is something on ExpoitDB that you could use to help depending on the OS. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.