Yon Mon Posted April 19, 2023 Share Posted April 19, 2023 Hey, I was directed to this part of the forum to discuss rubber ducky matter. I was looking at the payload library and found the following: https://hak5.org/blogs/payloads/browser-passwords-dropbox-exfiltration?_pos=7&_sid=9b5a5b2cc&_ss=r The only issue is I'm unsure what type of URL is needed to make it work properly. Any thoughts? Link to comment Share on other sites More sharing options...
dark_pyrro Posted April 19, 2023 Share Posted April 19, 2023 It's the URL where you host the ps1 file. I.e. you need some web server where you put the ps1 file and the address to that server/file is what's supposed to be used. There may be reasons to obtain the ps1 file using a web request but I can't see why it's mandatory to use that method. Running the Ducky in ATTACKMODE HID STORAGE would make it possible to execute it from the Ducky storage instead and not needing to involve hosting the file on the internet (or some local resource that hosts a web server). Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.