Hak5 Forums
KCSEC

KCSEC - Rubber Ducky 2018 Pentesting Toolkit


Posted (edited)

Hello Everyone,

 

We're creating an updated fork of the Rubber Ducky repo on GitHub

 

https://github.com/KCSEC/USB-Rubber-Ducky

 

Toolkit changes so far

* Updated Ducky-Flasher

* Firmware version list & Information

* KCSEC fodhelper UAC bypass to Meterpreter payloads (TwinDuck+TwinDuck Special 2)

* KCSEC fodhelper UAC Bypass to Empire Launchers  (TwinDuck+TwinDuck Special 2)

 

 

In Development 

* Twin Ducky Specific Payloads for local exfiltration

* 2018 working payload list for Windows 10

- MimiKatz

- KeyLogger

* 2018 working payload list for Windows 7

 

Want to request a payload idea?

 

Feel free to comment or post for any payload ideas 

 

Edited by KCSEC
Updated

Added new and working with the latest Windows 10 Fodhelper UAC bypass to execute Meterpreter reverse shell.

This Rubber Ducky module is for TwinDuck Special 2 ... Will release a standard TwinDuck version 2 soon.

https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads/fodhelper-UAC-Metashell--TwinDuck-special2

 

** Key info **

* Twin Duck Special 2 required (See Ducky Flasher OR Firmware list)
* Drive must be called KCSEC to work (Can be changed in ducky code)
* meterpreter-32.ps1 Must be changed to have the right IP/Port
* Ducky_code.txt shows inject.bin decoded (Not needed for setup)


** Explanation **

Ducky commands run a hidden PowerShell calling the fod.ps1
This bypasses UAC and runs the Metasploit shell with admin rights without a UAC prompt


Added new and working with the latest Windows 10 Fodhelper UAC bypass to execute Meterpreter reverse shell.

This Rubber Ducky module is for TwinDuck original

https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads/fodhelper-UAC-Metashell--TwinDuck-Orginal

Fodhelper bypass to Metasploit reverse shell

** Key info **

* Twin Duck original required (See Ducky Flasher OR Firmware list)
* This version has a delay added to allow the USB Storage to mount
* Drive must be called KCSEC to work (Can be changed in ducky code)
* meterpreter-32.ps1 Must be changed to have the right IP/Port
* Ducky_code.txt shows inject.bin decoded (Not needed for setup)


** Explanation **

Ducky commands run a hidden PowerShell calling the fod.ps1
This bypasses UAC and runs the Metasploit shell with admin rights without a UAC prompt


Added new and working with the latest Windows 10 Fodhelper UAC bypass to execute Empire Launcher.

https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads

** FOR BOTH TWIN DUCK/SPECIAL 2 **

Fodhelper bypass to Empire Launcher

** Key info **

* Twin Duck Special 2 required (See Ducky Flasher OR Firmware list)
* This version has a delay added to allow the USB Storage to mount
* Drive must be called KCSEC to work (Can be changed in ducky code)
* Empire-launcher.ps1 Must be changed to have the right IP/Port
* Ducky_code.txt shows inject.bin decoded (Not needed for setup)


** Explanation **

Ducky commands run a hidden PowerShell calling the fod.ps1
This bypasses UAC and runs the Empire Launcher with admin rights without a UAC prompt

More info on fodhelper UAC bypass here https://pentestlab.blog/tag/fodhelper/


Added updated and easier to read readme.txt 

 

- Added categories 

KCSEC Ducky-Payloads
KCSEC Ducky-Payloads To Host-Payloads Packages

 

 
