Exmix Posted April 28, 2019 Share Posted April 28, 2019 So I'm in a cyber security class and I want to demo how to not just plug in any flash drive you find and not to leave your machine open/unattended. I want to see if it's possible with a big enough SD card, to check what OS the system is on/running, and exfil user data to the micro SD Card, such as a users Documents on Windows, Mac, and/or Linux. Since they do have different paths, I'd like to have it know which OS it's on so the path is correct. After talking with a friend we decided this could be a lot easier in Python which got me curious if this is possible. tl:dr So long story short, I'm curious if it's possible to run a python script from my Ducky, without python being installed on the host machine, since most normal users won't have python installed. Quote Link to comment Share on other sites More sharing options...
handletwo0nne Posted April 29, 2019 Share Posted April 29, 2019 Ducky would open the command line that could run python as a two step. exfil WRITE python.py file RUN python.py Quote Link to comment Share on other sites More sharing options...
uintdev Posted May 4, 2019 Share Posted May 4, 2019 For what you are wanting to do, as far as I am aware, it would not be possible on the USB Rubber Ducky. It uses HID. It can use mass storage as well if you program the device with the Twin Duck firmware but the data transfer will be very slow and there would still be no way of detecting all major desktop platforms. Using a Bash Bunny would be ideal as that would allow you to determine the platform used (USB Ethernet & nmap) and quickly exfiltrate user data via mass storage in the same script (either by using HID to issue copy commands or setting up a hidden reverse shell that would then be interacted with via USB Ethernet and netcat). Quote Link to comment Share on other sites More sharing options...
Exmix Posted May 28, 2019 Author Share Posted May 28, 2019 On 5/3/2019 at 10:34 PM, NodePoint said: For what you are wanting to do, as far as I am aware, it would not be possible on the USB Rubber Ducky. It uses HID. It can use mass storage as well if you program the device with the Twin Duck firmware but the data transfer will be very slow and there would still be no way of detecting all major desktop platforms. Using a Bash Bunny would be ideal as that would allow you to determine the platform used (USB Ethernet & nmap) and quickly exfiltrate user data via mass storage in the same script (either by using HID to issue copy commands or setting up a hidden reverse shell that would then be interacted with via USB Ethernet and netcat). I do have the BashBunny as well, my only 'complaint' with it is not a whole lot of storage. I would LOVE it if they made BashBunny with a MicroSD card slot. Quote Link to comment Share on other sites More sharing options...
Chael Posted August 24, 2021 Share Posted August 24, 2021 I'm wondering about this as well. There's a youtube video I watched about making a reverse shell with password and since I couldn't find a payload with that option for the ducky I wonder If it's possible to convert the script to ducky script. Does anyone have an idea what to do? Quote Link to comment Share on other sites More sharing options...
chrizree Posted August 24, 2021 Share Posted August 24, 2021 There are reverse shell payload scripts for the Ducky. However, they use netcat and that is blocked by Defender nowadays so it needs to be altered or obfuscated in some way in order to work (or disable Defender/AV). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.