# Exercise 7-2 Of The DuckyScript Advanced Course

Go to solution Solved by dark_pyrro,


Hello, I apologize if this isn't the right thread to post this in. But I've been taking the online course and I've managed to work my way through every other exercise except this one. Here's my prompt.

Write and deploy a payload for the target operating system of your choice which will:

• Include a comment block describing how to modify the runtime of the payload.
• Open a plaintext editor.
• Using a variable and loop, type the lyrics to the song John Jacob Jingleheimer Schmidt four times.
• Infinitely blink the LED green when the typing of the song has completed.
• If the button is pressed at any time in the payload, stop typing and infinitely blink the LED red.

And here is the script that I've written so far.

```
REM To alter the runtime of the payload just decrease the delay's milliseconds
ATTACKMODE HID
VAR $John_Jacob_Jingleheimer_Schmidt = 25
VAR $Button = 10
DISABLE_BUTTON

DELAY 1000
LED_R
DELAY 500
GUI r
DELAY 500
STRING notepad
ENTER
DELAY 1500
VAR $John_Jacob_Jingleheimer_Schmidt = ( $John_Jacob_Jingleheimer_Schmidt - 1 )
LED_G

WHILE ( $John_Jacob_Jingleheimer_Schmidt < 30 )
    WHILE ( $John_Jacob_Jingleheimer_Schmidt > 20 )
        LED_OFF
        STRINGLN John Jacob Jingleheimer Schmidt,
        LED_R
        DELAY 500
        STRINGLN His name is my name too.
        LED_OFF
        ENTER
        DELAY 500
        STRINGLN Whenever we go out,
        LED_G
        DELAY 500
        STRINGLN The people always shout,
        LED_OFF
        DELAY 500
        STRINGLN There goes John Jacob Jingleheimer Schmidt.
        LED_R
        DELAY 500
        ENTER
        STRINGLN Dah dah dah dah, dah dah dah
        LED_OFF
        ENABLE_BUTTON
        $John_Jacob_Jingleheimer_Schmidt = ( $John_Jacob_Jingleheimer_Schmidt - 1 )
    END_WHILE
    WHILE ( $John_Jacob_Jingleheimer_Schmidt == 20 )
        LED_OFF
        DELAY 500
        LED_G
        DELAY 500
        LED_OFF
        DELAY 500
        LED_G
        DELAY 500
        LED_OFF
    END_WHILE
    WHILE ( $_BUTTON_PUSH_RECEIVED == TRUE )
        IF $Button == 10 THEN
            $John_Jacob_Jingleheimer_Schmidt = ( $John_Jacob_Jingleheimer_Schmidt - 10 )
            $Button == ( $Button - 5 )
        END_IF
        LED_OFF
        DELAY 500
        LED_R
        DELAY 500
        LED_OFF
        DELAY 500
        LED_R
        DELAY 500
        LED_OFF
        DELAY 500
        LED_R
        DELAY 500
        LED_OFF
        DELAY 500
        LED_R
        DELAY 500
        ENABLE_BUTTON
    END_WHILE
END_WHILE
```

I've gotten the first part of the payload to work, where it opens notepad, types the lyrics a couple times, and then blinks green infinitely upon completion. However I can't seem to get the button command to work. I've had trouble with BUTTON_PUSH_RECEIVED before but I managed to solve it although I'm having a hard time applying that to this. Is anybody able to help me figure this out? Best regards.

Edited by Esso
##### Share on other sites

• Solution

That's a lot of lines of code. Try using the example that is on the page just before the Exercise 7 page, and build on that instead.

##### Share on other sites

Thanks, I appreciate your help. I took some inspiration from the second example on that page and switched around a little as well as turning it into a button def. In the end I couldn't really decrease the lines of code but I did get it to function properly.

```
REM To alter the runtime of the payload just decrease the delay's milliseconds
ATTACKMODE HID
VAR $John_Jacob_Jingleheimer_Schmidt = 25
VAR $FOO = 5

BUTTON_DEF
    VAR $John_Jacob_Jingleheimer_Schmidt = ( $John_Jacob_Jingleheimer_Schmidt + 40 )

    WHILE ( $FOO == 5 )
        LED_OFF
        DELAY 500
        LED_R
        DELAY 500
        LED_OFF
        DELAY 500
        LED_R
        DELAY 500
        LED_OFF
        DELAY 500
        LED_R
        DELAY 500
        LED_OFF
    END_WHILE

END_BUTTON

DELAY 1000
LED_R
DELAY 500
GUI r
DELAY 500
STRING notepad
ENTER
DELAY 1500
VAR $John_Jacob_Jingleheimer_Schmidt = ( $John_Jacob_Jingleheimer_Schmidt - 1 )
LED_G

WHILE ( $John_Jacob_Jingleheimer_Schmidt < 30 )
    WHILE ( $John_Jacob_Jingleheimer_Schmidt > 20 )
        LED_OFF
        STRINGLN John Jacob Jingleheimer Schmidt,
        LED_R
        DELAY 500
        STRINGLN His name is my name too.
        LED_OFF
        ENTER
        DELAY 500
        STRINGLN Whenever we go out,
        LED_G
        DELAY 500
        STRINGLN The people always shout,
        LED_OFF
        DELAY 500
        STRINGLN There goes John Jacob Jingleheimer Schmidt.
        LED_R
        DELAY 500
        ENTER
        STRINGLN Dah dah dah dah, dah dah dah
        LED_OFF
        $John_Jacob_Jingleheimer_Schmidt = ( $John_Jacob_Jingleheimer_Schmidt - 1 )
    END_WHILE
    WHILE ( $John_Jacob_Jingleheimer_Schmidt == 20 )
        LED_OFF
        DELAY 500
        LED_G
        DELAY 500
        LED_OFF
        DELAY 500
        LED_G
        DELAY 500
        LED_OFF
    END_WHILE
END_WHILE
```

##### Share on other sites

Not sure why you use those nested while loops. They aren't necessary.

Also, read the instructions carefully. That's not just something important to this exercise, but also something that is valuable in (work) life in general. It doesn't say that you should have the Ducky blink green when it types, it says that it should blink green when the typing of the suggested lyrics has been *completed*. That will remove any need to try to include the green LED blinking into the code as it types out the lyrics (and the Ducky will blink green anyway when typing).

The BUTTON_DEF can be shorter, and you don't need any variables in it.

##### Share on other sites

Sorry I'm not sure if I'm reading anything wrong or not getting something, but the way it is now the LED does blink infinitely green when the payload is complete, and doesn't there need to be a variable and a loop to infinitely blink the LED red? Did I do something wrong?

##### Share on other sites

Nothing wrong. It's a "you do you" thing. If it works, it works. I wouldn't do it that way though since it's a complex way of doing it.

##### Share on other sites

Oh okay I got afraid I'd have to redo it, if you don't mind though I'd like to ask you two more questions. First, could you show me your way of doing it?

##### Share on other sites

```
EXTENSION PASSIVE_WINDOWS_DETECT
    !!! INCLUDE THE EXTENSION WHEN THE PAYLOAD IS COMPILED IN PAYLOAD STUDIO, NOT INCLUDED HERE !!!
END_EXTENSION

REM    Include a comment block describing how to modify the runtime of the payload.
REM_BLOCK
    USAGE:

    TARGETS:
        Windows systems (in this variant of the payload code, preferably not Windows 11 if Notepad is used)
END_REM

REM    If the button is pressed at any time in the payload, stop typing and infinitely blink the LED red.
BUTTON_DEF
    WHILE TRUE
        LED_R
        DELAY 1000
        LED_OFF
        DELAY 1000
    END_WHILE
END_BUTTON

REM    Open a plaintext editor.
GUI r
DELAY 500
STRINGLN notepad
DELAY 3000

REM    Using a variable and loop, type the lyrics to the song John Jacob Jingleheimer Schmidt four times.
VAR $SONGLOOP = 4
WHILE ( $SONGLOOP > 0 )
    STRINGLN John Jacob Jingleheimer Schmidt
    STRINGLN His name is my name too
    STRINGLN Whenever I go out
    STRINGLN The people always shout
    STRINGLN "There goes John Jacob Jingleheimer Schmidt
    STRINGLN Da da-da da-da da-da da"
    ENTER
    $SONGLOOP = ( $SONGLOOP - 1 )
END_WHILE

REM    Infinitely blink the LED green when the typing of the song has completed.
WHILE TRUE
    LED_G
    DELAY 1000
    LED_OFF
    DELAY 1000
END_WHILE
```

##### Share on other sites

Alright yeah I must say that does look a whole lot simpler, and for my second question I was wondering if you could point me in the right direction for Exercise 7-5. I can't wrap my head around how to make the emoticons continuously switch back and forth with each button press.

Here's the prompt.

Write and deploy a payload for the target operating system of your choice which will:

• Open a plaintext editor.
• Continuously type the smiling emoticon :-).
• If the button is pressed at any time, change the continuously typed emoticon to a frowning :-(.
• For each subsequent press of the button, alternate the emoticon being typed between smiling and frowning.

##### Share on other sites

Try a BUTTON_DEF with an IF, and a WHILE with an IF

##### Share on other sites

Hey sorry for the late response, I've been trying to work on it since Monday. The first thing I did was take inspiration from your idea and come up with this.

```
ATTACKMODE HID

DELAY 1000
GUI r
DELAY 500
STRINGLN notepad

BUTTON_DEF
    CAPSLOCK
END_BUTTON

WAIT_FOR_CAPS_CHANGE

WHILE ( $_CAPSLOCK_ON == TRUE )
    WHILE TRUE
        STRINGLN :-)
    END_WHILE
END_WHILE

WHILE ( $_CAPSLOCK_ON == FALSE )
    WHILE TRUE
        STRINGLN :-(
    END_WHILE
END_WHILE
```

This worked as it should but it doesn't keep switching back and forth continuously. It only switched once although it did infinitely type the emoticon.

Then I tried to follow your advice exactly but I must've done something wrong because all it will do is open notepad right now. Here's that.

```
ATTACKMODE HID

DELAY 1000
GUI r
DELAY 500
STRINGLN notepad
DELAY 2000

BUTTON_DEF
    CAPSLOCK
    IF ( $_CAPSLOCK_ON == FALSE)
        STRINGLN :-(
    END_IF
END_BUTTON

WHILE ( $_CAPSLOCK_ON == TRUE)
    IF ( $_CAPSLOCK_ON == TRUE )
        STRINGLN :-)
    END_IF
END_WHILE
```

Could you tell me what I did wrong?

##### Share on other sites

Why are you introducing caps lock into it all?

##### Share on other sites

It's the only thing that I could think of that I could use to switch the two faces.

##### Share on other sites

Use a variable and switch the value of it as you press the button.

##### Share on other sites

That's the first thing I thought of, disappointingly, I couldn't wrap my head around doing that until now. But now that I have I just have one problem left. I believe that there's something wrong with my BUTTON_DEF. The Ducky is typing the emoticon but I can't get it to switch.

Here it is:

```
ATTACKMODE HID
VAR $BUTTON = 10

DELAY 1000
GUI r
DELAY 500
STRINGLN notepad
DELAY 2000

BUTTON_DEF
    IF ( $BUTTON == 10 ) THEN
        $BUTTON = ( $BUTTON - 1 )
    END_IF

    IF ( $BUTTON == 9 ) THEN
        $BUTTON = ( $BUTTON + 1 )
    END_IF
END_BUTTON

WHILE ( $BUTTON > 0 )
    IF ( $BUTTON == 10 ) THEN
        STRINGLN :-)
    END_IF
    IF ( $BUTTON == 9 ) THEN
        STRINGLN :-(
    END_IF
END_WHILE
```

Could you tell me what's wrong?

##### Share on other sites

You don't need the "math", just use two "static" values for the variable, such as 0 and 1, and alter them using the BUTTON_DEF. I would use an IF ELSE instead of two IFs (both in the BUTTON_DEF and WHILE).

9 hours ago, Esso said:

```
WHILE ( $BUTTON > 0 )
```

I would use a WHILE TRUE instead of the WHILE above.

(You can skip ATTACKMODE HID since it's the default attackmode of the Ducky, not specifying any attackmode will put the Ducky in HID mode "automagically")
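
The advice in this thread for Exercise 7-5, put together as an added example that is not code from any of the posters: in the last payload posted, the second IF in the BUTTON_DEF sees the value the first IF just wrote and switches it straight back, so a single IF/ELSE is used here. The variable name `$FROWN` and the use of Notepad through the Windows Run dialog are assumptions made for this example.

```duckyscript
REM Added example, not from the thread. $FROWN is a name chosen here:
REM 0 = type the smiling emoticon, 1 = type the frowning emoticon.
VAR $FROWN = 0

REM One IF/ELSE per button press: exactly one branch runs, so the value flips.
REM Two back-to-back IFs would change the value and then change it back.
BUTTON_DEF
    IF ( $FROWN == 0 ) THEN
        $FROWN = 1
    ELSE
        $FROWN = 0
    END_IF
END_BUTTON

REM Open a plaintext editor (Windows Run dialog, Notepad assumed).
DELAY 1000
GUI r
DELAY 500
STRINGLN notepad
DELAY 2000

REM Type continuously. The variable is read again on every pass, so a
REM button press takes effect on the next line typed.
WHILE TRUE
    IF ( $FROWN == 0 ) THEN
        STRINGLN :-)
    ELSE
        STRINGLN :-(
    END_IF
END_WHILE
```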
