Michael22 Posted May 23 Share Posted May 23 Hello all, I just purchased a rubber ducky and am slowly working through the quick start guide. I began with Hello World (https://docs.hak5.org/hak5-usb-rubber-ducky/ducky-script-basics/hello-world) which worked fine in the notepad. I then upgraded to the 'slightly more advanced "hello world", but whenever I plug in, the task manager loads, the graphics control panel opens, and a Microsoft 365 sign in window opens. Trying on another machine, task manager opened and 4 tabs for logging into Microsoft 365. I only copy and pasted the code into the inject.bin file (code below) REM A slightly more advanced "Hello, World!" for Windows DELAY 3000 REM Open the Run dialog WINDOWS r DELAY 1000 REM Open powershell with our message STRING powershell "echo 'Hello, World!'; pause" ENTER Thank you for any help! Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted May 23 Share Posted May 23 14 minutes ago, Michael22 said: I only copy and pasted the code into the inject.bin file You should not paste the code into the inject.bin file. You need to compile the payload code, which creates the inject.bin file. Quote Link to comment Share on other sites More sharing options...
Michael22 Posted May 25 Author Share Posted May 25 Hello! I misspoke in the post. I did not paste the code into the inject file, I pasted it into the payload studio and created the file that way, then replaced the existing inject.bin file in my duck. I hope that gives more detail. Quote Link to comment Share on other sites More sharing options...
Solution dark_pyrro Posted May 25 Solution Share Posted May 25 If you correctly encode/compile the payload using Payload Studio, I can't see why that code wouldn't be working. I used the same code (although a bit tweaked according to what's available in Ducky Script 3.0), and it works as expected. Maybe try to increase the initial delay a bit (or use an extension that takes care of that). Quote Link to comment Share on other sites More sharing options...
Michael22 Posted May 27 Author Share Posted May 27 Hmmmm, maybe that is it? I tried this and I think it worked, so maybe I messed it up from before? I completely deleted the inject.bin file from the ducky (instead of replacing it with the new one). I then used the same code as above in payload studio, and then clicked Generate Payload. I moved over the resulting file into the ducky, confirmed it was exactly inject.bin and it seemed to run! Now I just need to deep dive which should be my default code that runs, and if I can make a folder of prefered codes on the ducky to store for later. Thank you for your help! Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted May 27 Share Posted May 27 You can store the payloads in a folder (and subfolders) on the Ducky storage, but I would suggest storing it all in some more secure place. Micro SD cards isn't that reliable. Also remember to store the actual code, and not the inject.bin, since you can't reverse it if you need to re-use/change the original payload code. Store the code and compile it when needed using Payload Studio. 1 Quote Link to comment Share on other sites More sharing options...
Michael22 Posted May 27 Author Share Posted May 27 That makes a ton of sense, thank you! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.