Jump to content

My First report making project


mrdanedwards

Recommended Posts

Posted

Hi All, 

New to the Hak5 world, and have found a great resource at https://ducktoolkit.com/payload/windows, and I am trying to get the very first payload on the list to work (Computer Information, to save to the C Drive).
I know everyone says this, but the idea behind this project isn't meant to be nefarious - it's use case would be having to do an audit on a data centre sized operation of hardware, and want an easy and fast way to run this sort of script on every machine in my system, save a report file to the same location on each (would actually be a shared drive) and then can audit the system as a whole.

The payload seems simple enough, and so far I have followed the workflow, even adding in some delays to slow the whole thing down and see whats going on. 
However, I cant seem to get any sort of output, outside of an empty report.zip folder.

Reading through a few other sites and guides, I know this could be something simple like versions or firmware, but in case it's a ducky script config thing, or maybe the way that its writing the report file, I thought I'd reach out here first and see if anyone has had the same issue, or would be able to suggest an alternative way of running this sort of payload.

Thanks in advance!
Dan

Posted

The way that the path to the zip file is specified in the payload script might result in issues (PowerShell runtime errors). Specify a full path to where the zip file should be placed. Not sure why it's relevant to use the zip functionality, but... it's there.

Posted

Many thanks for the reply - Ive got a few days off work now, so I am going to have a proper play around in a VM, mainly want to get my head around the powershell side of this payload, rather than be a "copy and paste from someone else" kind of guy.

Thanks again!

Dan

Posted

Picking the payload apart when it's not working is a good strategy. Run each identifiable parts separately in order to find where things might go wrong. For that specific payload it's easy to extract the different segments and exclude the things that are not relevant. It's actually only one thing that is subject for troubleshooting and that's the PowerShell script file that is being created. Extract that code and run it in the PowerShell ISE (or in a "regular" PowerShell window) and you will be able to easily spot any errors.

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...