Unable to get script to work?

[Yon Mon]

Hey,

I was directed to this part of the forum to discuss rubber ducky matter.

I was looking at the payload library and found the following: https://hak5.org/blogs/payloads/browser-passwords-dropbox-exfiltration?_pos=7&_sid=9b5a5b2cc&_ss=r

The only issue is I'm unsure what type of URL is needed to make it work properly.

Any thoughts?

[dark_pyrro]

It's the URL where you host the ps1 file. I.e. you need some web server where you put the ps1 file and the address to that server/file is what's supposed to be used.

There may be reasons to obtain the ps1 file using a web request but I can't see why it's mandatory to use that method. Running the Ducky in ATTACKMODE HID STORAGE would make it possible to execute it from the Ducky storage instead and not needing to involve hosting the file on the internet (or some local resource that hosts a web server).