KSEC ARK Posted July 6, 2018 (edited)

Hello Everyone,

We're creating an updated fork of the Rubber Ducky repo on GitHub
https://github.com/KCSEC/USB-Rubber-Ducky

Toolkit changes so far
* Updated Ducky-Flasher
* Firmware version list & Information
* KCSEC fodhelper UAC bypass to Meterpreter payloads (TwinDuck+TwinDuck Special 2)
* KCSEC fodhelper UAC Bypass to Empire Launchers (TwinDuck+TwinDuck Special 2)

In Development
* Twin Ducky Specific Payloads for local exfiltration
* 2018 working payload list for Windows 10
  - Mimikatz
  - KeyLogger
* 2018 working payload list for Windows 7

Want to request a payload idea? Feel free to comment or post for any payload ideas.

Edited July 16, 2018 by KCSEC: Updated
KSEC ARK (Author) Posted July 7, 2018

Added new and working with the latest Windows 10: Fodhelper UAC bypass to execute Meterpreter reverse shell.

This Rubber Ducky module is for TwinDuck Special 2 .... Will release a standard TwinDuck version 2 soon.

https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads/fodhelper-UAC-Metashell--TwinDuck-special2

** Key info **
* Twin Duck Special 2 required (See Ducky Flasher OR Firmware list)
* Drive must be called KCSEC to work (Can be changed in ducky code)
* meterpreter-32.ps1 must be changed to have the right IP/Port
* Ducky_code.txt shows inject.bin decoded (Not needed for setup)

** Explanation **
Ducky commands run a hidden PowerShell calling the fod.ps1.
This bypasses UAC and runs the Metasploit shell with admin rights without a UAC prompt.
KSEC ARK (Author) Posted July 7, 2018

Added new and working with the latest Windows 10: Fodhelper UAC bypass to execute Meterpreter reverse shell.

This Rubber Ducky module is for TwinDuck original

https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads/fodhelper-UAC-Metashell--TwinDuck-Orginal

Fodhelper bypass to Metasploit reverse shell

** Key info **
* Twin Duck original required (See Ducky Flasher OR Firmware list)
* This version has a delay added to allow the USB Storage to mount
* Drive must be called KCSEC to work (Can be changed in ducky code)
* meterpreter-32.ps1 must be changed to have the right IP/Port
* Ducky_code.txt shows inject.bin decoded (Not needed for setup)

** Explanation **
Ducky commands run a hidden PowerShell calling the fod.ps1.
This bypasses UAC and runs the Metasploit shell with admin rights without a UAC prompt.
KSEC ARK (Author) Posted July 7, 2018

Added new and working with the latest Windows 10: Fodhelper UAC bypass to execute Empire Launcher.

https://github.com/KCSEC/USB-Rubber-Ducky/tree/master/KCSEC-Payloads

** FOR BOTH TWIN DUCK/SPECIAL 2 **

Fodhelper bypass to Empire Launcher

** Key info **
* Twin Duck Special 2 required (See Ducky Flasher OR Firmware list)
* This version has a delay added to allow the USB Storage to mount
* Drive must be called KCSEC to work (Can be changed in ducky code)
* Empire-launcher.ps1 must be changed to have the right IP/Port
* Ducky_code.txt shows inject.bin decoded (Not needed for setup)

** Explanation **
Ducky commands run a hidden PowerShell calling the fod.ps1.
This bypasses UAC and runs the Empire Launcher with admin rights without a UAC prompt.

More info on fodhelper UAC bypass here: https://pentestlab.blog/tag/fodhelper/
KSEC ARK (Author) Posted July 12, 2018

Added updated and easier to read readme.txt - Added categories KCSEC Ducky-Payloads KCSEC Ducky-Payloads To Host-Payloads Packages