bg-wa, Posted March 29, 2017 (edited)

I'm having trouble getting the following key combo to work:

Left SHIFT + Left ALT + NUMLOCK

If I press these keys manually at the end of my payload, I have mouse control with the keyboard on Windows...

https://github.com/bg-wa/bashbunny-payloads/blob/windows_mouse_control/payloads/library/windows_mouse_control/payload.txt

I have tried the commands in different orders, and the ALT-SHIFT variation.

Edited March 29, 2017 by bg-wa

Dave-ee Jones, Posted March 29, 2017

What I would do to debug it is this: Remove the hidden window style so you can see what is going on, and remove the ErrorAction SilentlyContinue parameters as well so you can see the actual error that is happening.

It could be you mistyped one of the strings or it could be you aren't accessing the right Control Panel area. Could be anything. Just allow yourself to see any errors and make sure it is all working first before you hide everything.

bg-wa (Author), Posted March 29, 2017

Hi Dave, I've checked the registry entries and all edits are successfully being changed. Just this one key combo is not being sent correctly. For PR simplicity, I've removed my debugging helpers but I know the script succeeds at all points EXCEPT sending the above key combo.

https://github.com/bg-wa/bashbunny-payloads/blob/develop/payloads/library/bunny_debug_helpers.sh

bg-wa (Author), Posted March 29, 2017

It would also be nice to hold down a key (numpad) to take advantage of the mouse acceleration property if anyone knows if that is possible!!

Dave-ee Jones, Posted March 29, 2017

I wonder if you can execute two QUACKs one after the other and still register them as one combo? E.g.

    QUACK ALT
    QUACK SHIFT NUMLOCK

Also, do you know if NUMLOCK is the correct term? Another thing as well, maybe try quoting the whole 3 terms, because it might not like all 3.

bg-wa (Author), Posted March 29, 2017 (edited)

Got it from here: wondering if I need to add another command to my json file.... Should that process be scripted or submitted in a PR? @elkentaro any insight?

Edited March 29, 2017 by bg-wa

bg-wa (Author), Posted March 29, 2017 (edited)

@Dave-ee Jones I'm sure ours are the same, as I have not modified mine. I'm wondering if I need to create a new "ALT SHIFT NUMLOCK" command, or if I can accomplish this task with the existing keyboard methods.

Edited March 29, 2017 by bg-wa

Dave-ee Jones, Posted March 29, 2017

Just now, bg-wa said:
> @Dave-ee Jones I'm sure ours are the same, as I have not modified mine. I'm wondering if I need to create a new "CTRL SHIFT NUMLOCK" command, or if I can accomplish this task with the existing keyboard methods.

I see no reason why it wouldn't work

elkentaro, Posted March 29, 2017 (edited)

45 minutes ago, bg-wa said:
> Got it from here: wondering if I need to add another command to my json file.... Should that process be scripted or submitted in a PR? @elkentaro any insight?

I'll have to look into it. The key would be to find out the byte array written to the /dev/hidg0, in the ducky.py script. I'll take a look after I get done with some job-work.

Although I suspect that if you add ["ALT-SHIFT-NUMLOCK " :"06,00,53"] to your language.json file it might work. Given that Alt-Shift is the modifier key code "06,00,00" and hence you would only need to add the num lock key to the modifier.

Edited March 30, 2017 by elkentaro

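The reasoning in elkentaro's post above, checked as an added example (not code from the thread, from ducky.py or from the Bash Bunny project). It assumes the language.json value is a hex "modifier,reserved,keycode" triple, as the post implies, and decodes it against the standard USB HID boot keyboard layout; the function names and the short usage table are constructed for this example.

```python
# Added example: decode and rebuild the "modifier,reserved,keycode" triple
# discussed in the thread using the USB HID boot keyboard report layout.

# Byte 0 of the boot keyboard report: one bit per modifier key.
MODIFIER_BITS = {
    0x01: "LEFT CTRL", 0x02: "LEFT SHIFT", 0x04: "LEFT ALT", 0x08: "LEFT GUI",
    0x10: "RIGHT CTRL", 0x20: "RIGHT SHIFT", 0x40: "RIGHT ALT", 0x80: "RIGHT GUI",
}
# A few keyboard/keypad usage IDs (HID usage page 0x07); deliberately not exhaustive.
USAGE_NAMES = {0x00: "(none)", 0x39: "CAPS LOCK", 0x47: "SCROLL LOCK", 0x53: "NUM LOCK"}


def parse_entry(value):
    """Split an 'MM,RR,KK' hex string into (modifier, reserved, keycode)."""
    fields = [f.strip() for f in value.split(",")]
    if len(fields) != 3:
        raise ValueError("expected three comma-separated hex bytes: %r" % value)
    nums = [int(f, 16) for f in fields]
    if any(n < 0 or n > 0xFF for n in nums):
        raise ValueError("each field must fit in one byte: %r" % value)
    return tuple(nums)


def describe(value):
    """Return (list of modifier names, key name) for one entry."""
    modifier, _reserved, keycode = parse_entry(value)
    mods = [name for bit, name in sorted(MODIFIER_BITS.items()) if modifier & bit]
    return mods, USAGE_NAMES.get(keycode, "usage 0x%02X" % keycode)


def encode(modifier_names, key_name):
    """Build the hex triple from names, the reverse of describe()."""
    bits = {name: bit for bit, name in MODIFIER_BITS.items()}
    codes = {name: code for code, name in USAGE_NAMES.items()}
    modifier = 0
    for name in modifier_names:
        modifier |= bits[name]
    return "%02x,00,%02x" % (modifier, codes[key_name])


def boot_report(value):
    """Pad the triple to 8 bytes: modifier, reserved, then six key slots."""
    modifier, reserved, keycode = parse_entry(value)
    return bytes([modifier, reserved, keycode, 0, 0, 0, 0, 0])


if __name__ == "__main__":
    for entry in ("06,00,00", "06,00,53"):  # values quoted in the thread
        mods, key = describe(entry)
        print(entry, "->", " + ".join(mods), "|", key, "|", boot_report(entry).hex())
```

The page does not show how ducky.py turns the triple into the bytes written to /dev/hidg0, so `boot_report` follows the generic 8-byte boot layout rather than that script.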
Dave-ee Jones, Posted March 30, 2017 (edited)

36 minutes ago, elkentaro said:
> I'll have to look into it. The key would be to find out the byte array written to the /dev/hidg0, in the ducky.py script. I'll take a look after I get done with some job-work.
>
> Although I suspect that if you add ["ALT-SHIFT-NUMLOCK " :"06,00,53"] to your language.json file it might work. Given that Alt-Shift is the modifier key code "06,00,00" and hence you would only need to add the num lock key to the modifier.

That would probably work.

Edited March 30, 2017 by Dave-ee Jones