15 Second Password Hack! I'm at the end :(

[Leontec]

Hey guys...

I tried to execute the 15 Second Password Hack (https://shop.hak5.org/blogs/usb-rubber-ducky/15-second-password-hack-mr-robot-style) but unfortunately without any succes. I always get an error in the command line. I tried it out in my local network and the webserver is running on my raspberry pi with apache2 and php. I will attach a screenshot of the error and also one or two of my webserver. If you think there is a problem with the two files on the webserver, I would really appreciate if you could send me a working version of those two. It would be great if you could help me with my problem.

Thank you very much and have a nice day 

 

https://photos.app.goo.gl/mkXYfr2DNrjx5r7w6

https://photos.app.goo.gl/EE7nKotj7Jr4PyDq6

https://photos.app.goo.gl/jgdj5NeT4wyzKr6M8

https://photos.app.goo.gl/zQ2E8LM5Z63v8nMZ6

[chrizree]

Just look at the error messages in one of your posted screenshots. It's pretty obvious what I would try 1st in order to solve the issues. I would follow the instructions in the Hak5 article and put http:// in front of the IP addresses in the script. Now it thinks that those are local paths, hence complaining about not finding the files under C:\Windows\System32, as the error messages say.

[Leontec]

Thank you very much! The first problem is solved but I still get an error. Could it be possible that my Norton Security blocks the Attack? Or is there still sth. I have to change in my Payload/Webserver? Thanks for your answer @chrizree

[Leontec]

https://photos.app.goo.gl/abMLhQDFwxs6hPen8

Here the new error

[chrizree]

Check your AV logs. Even though mimikatz is supposed to not touch the disk, it might still be blocked/intercepted by any AV used on the "victim" machine.

[Leontec]

Thank you very much, I will try it out on a device without an AV these days. 

Kind regards 🙂