aideux Posted June 29, 2018 Share Posted June 29, 2018 I understand how to script payloads and write them to the Ducky, but I'm a little confused as to how to get the two payloads working using Twin Ducks. I understand that one payload would be executed when Caps Lock is active and the Ducky is inserted, while the other would work when Num Lock is active before the Ducky is inserted, but I'm unsure as to how to get the Ducky to differentiate between the two payloads. I'm assuming there are two inject.bin files that are named differently, but I would love if someone could explain this process a little further for me, as I can't seem to find any Twin Ducks documentation anywhere. Thank you! P.S. Already posted this in the Ducky GitHub, but it doesn't really look like the "Issues" tab gets much activity, so I thought I'd post here too. Just for anyone wondering why I didn't start there. Quote Link to comment Share on other sites More sharing options...
aideux Posted July 2, 2018 Author Share Posted July 2, 2018 Can no one really help me with this? Quote Link to comment Share on other sites More sharing options...
Just_a_User Posted July 2, 2018 Share Posted July 2, 2018 On 6/29/2018 at 2:17 PM, aideux said: I understand that one payload would be executed when Caps Lock is active and the Ducky is inserted, while the other would work when Num Lock is active before the Ducky is inserted Im not sure thats the case, i think its payload one when cps/num/scroll lock are pressed and GPIO button for payload two? I think the term twin duck refers more to Storage and Payload. Maybe im wrong someone will correct me. but its worth searching the forums for more info - like the below Quote Link to comment Share on other sites More sharing options...
aideux Posted July 2, 2018 Author Share Posted July 2, 2018 3 hours ago, Just_a_User said: Im not sure thats the case, i think its payload one when cps/num/scroll lock are pressed and GPIO button for payload two? I think the term twin duck refers more to Storage and Payload. Maybe im wrong someone will correct me. but its worth searching the forums for more info - like the below What do I need to name the payloads, and is the setup any different, or is it like “inject.bin” and “inject2.bin”. Thanks :) Quote Link to comment Share on other sites More sharing options...
Just_a_User Posted July 2, 2018 Share Posted July 2, 2018 (edited) 1 hour ago, aideux said: What do I need to name the payloads, and is the setup any different, or is it like “inject.bin” and “inject2.bin”. Thanks ? its in here ? https://github.com/hak5darren/USB-Rubber-Ducky/blob/master/Firmware/Source/Composite_Duck - Multi/src/main.c Maybe its always GPIO button but payload1 if caps on and payload2 if not? Edited July 2, 2018 by Just_a_User Quote Link to comment Share on other sites More sharing options...
aideux Posted July 2, 2018 Author Share Posted July 2, 2018 1 hour ago, Just_a_User said: its in here ? https://github.com/hak5darren/USB-Rubber-Ducky/blob/master/Firmware/Source/Composite_Duck - Multi/src/main.c Maybe its always GPIO button but payload1 if caps on and payload2 if not? Hm I see that. Looks like it is "inject.bin" and "inject2.bin". Also, num lock would affect payload 1 and caps would initiate payload 2? This block of code makes me think that: void ui_kbd_led(uint8_t value) { if(!in_affect){ //this is called when LEDs CAPS LCK, NUM LCK change if (value & HID_LED_NUM_LOCK) { // Here, turn on Num LED LED_On( LED1 ); in_affect=true; //use injectarray state = state_START_INJECT; } else{ // Here, turn off Num LED LED_Off( LED1 ); } if (value & HID_LED_CAPS_LOCK) { // Here, turn on CAPS LED LED_On( LED0 ); in_affect=true; //use injectarray2 for (int c=0;c<(sizeof(inject_array2));c++){ inject_array[c]=inject_array2[c]; } state = state_START_INJECT; } else{ // Here, turn off CAPS LED LED_Off( LED0 ); } } } I haven't written in C in a while, though, so I'm not sure if injectarray = inject.bin / injectarray2 = inject2.bin. Can anyone confirm? Also, does the key (caps lock or num lock) need to be active for the payload to work, or does one put the ducky in first, and then press the corresponding button? I'm not with it right now, or I would test this, but I'd love to know from someone more knowledgeable. Quote Link to comment Share on other sites More sharing options...
Just_a_User Posted July 2, 2018 Share Posted July 2, 2018 21 minutes ago, aideux said: Also, num lock would affect payload 1 and caps would initiate payload 2? This block of code makes me think that: Yes thats looks good to me Quote Link to comment Share on other sites More sharing options...
aideux Posted July 2, 2018 Author Share Posted July 2, 2018 57 minutes ago, Just_a_User said: Yes thats looks good to me Okay, do you know if the key (caps or num) needs to be pressed prior to ducky insertion, or if you insert the ducky and then press the key? Quote Link to comment Share on other sites More sharing options...
Just_a_User Posted July 2, 2018 Share Posted July 2, 2018 (edited) 1 hour ago, aideux said: Okay, do you know if the key (caps or num) needs to be pressed prior to ducky insertion, or if you insert the ducky and then press the key? As it seems to be looking for the gpio button push im guessing it can be inserted, key pressed then gpio to run script. // injection state machine switch(state) { case state_IDLE: // check switch in_affect=false; LED_Off(LED1); if( gpio_get_pin_value(GPIO_JOYSTICK_PUSH) == GPIO_JOYSTICK_PUSH_PRESSED ) { // debounce if( debounce == 0 ) { state = state_START_INJECT; Maybe wrong tho Edited July 2, 2018 by Just_a_User Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.