Leontec Posted May 29, 2021 Share Posted May 29, 2021 Hey guys... I tried to execute the 15 Second Password Hack (https://shop.hak5.org/blogs/usb-rubber-ducky/15-second-password-hack-mr-robot-style) but unfortunately without any succes. I always get an error in the command line. I tried it out in my local network and the webserver is running on my raspberry pi with apache2 and php. I will attach a screenshot of the error and also one or two of my webserver. If you think there is a problem with the two files on the webserver, I would really appreciate if you could send me a working version of those two. It would be great if you could help me with my problem. Thank you very much and have a nice day https://photos.app.goo.gl/mkXYfr2DNrjx5r7w6 https://photos.app.goo.gl/EE7nKotj7Jr4PyDq6 https://photos.app.goo.gl/jgdj5NeT4wyzKr6M8 https://photos.app.goo.gl/zQ2E8LM5Z63v8nMZ6 Link to comment Share on other sites More sharing options...
chrizree Posted May 30, 2021 Share Posted May 30, 2021 Just look at the error messages in one of your posted screenshots. It's pretty obvious what I would try 1st in order to solve the issues. I would follow the instructions in the Hak5 article and put http:// in front of the IP addresses in the script. Now it thinks that those are local paths, hence complaining about not finding the files under C:\Windows\System32, as the error messages say. Link to comment Share on other sites More sharing options...
Leontec Posted May 30, 2021 Author Share Posted May 30, 2021 Thank you very much! The first problem is solved but I still get an error. Could it be possible that my Norton Security blocks the Attack? Or is there still sth. I have to change in my Payload/Webserver? Thanks for your answer @chrizree Link to comment Share on other sites More sharing options...
Leontec Posted May 30, 2021 Author Share Posted May 30, 2021 https://photos.app.goo.gl/abMLhQDFwxs6hPen8 Here the new error Link to comment Share on other sites More sharing options...
chrizree Posted May 30, 2021 Share Posted May 30, 2021 Check your AV logs. Even though mimikatz is supposed to not touch the disk, it might still be blocked/intercepted by any AV used on the "victim" machine. Link to comment Share on other sites More sharing options...
Leontec Posted May 30, 2021 Author Share Posted May 30, 2021 Thank you very much, I will try it out on a device without an AV these days. Kind regards 🙂 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.