Ehvanz Posted July 17

Hello, I am brand new to the Advanced Ducky Script Course and am using this forum to check my work on the exercises presented. I had some trouble with the first exercise because I'm big dumb and this is an entirely new concept to me. Below are the exercises presented along with my answers. While I am still waiting on the USB Rubber Ducky to come in the mail, I am trying to get a head start on the course content. Any feedback would be greatly appreciated.

Exercise 1-1
Write and deploy a payload for the target operating system of your choice which will:
- Open the target operating system's terminal.
- Run commands to show a listing of files and directories.
- Pause for 5 seconds.
- Close the terminal window.

REM Title: Exposed
REM Author: Ehvanz
REM Description: List all Files and Directories
DELAY 2000
GUI r
REM Give the Run dialog a moment to open before typing into it
DELAY 500
STRING powershell
ENTER
DELAY 1000
STRING ls
ENTER
DELAY 5000
STRING exit
REM ENTER is required here, otherwise "exit" is typed but never run
ENTER

Exercise 1-2
Modify the payload written in exercise 1-1 to minimize the terminal window after the 5 second pause, rather than closing it.

REM Title: Exposed
REM Author: Ehvanz
REM Description: List all Files and Directories then minimize the terminal
DELAY 2000
GUI r
DELAY 500
STRING powershell
ENTER
DELAY 1000
STRING ls
ENTER
DELAY 5000
REM ALT SPACE opens the window's system menu and "n" picks Minimize.
REM The chord is a key press, not literal text, so it is written without STRING.
ALT SPACE
DELAY 200
STRING n

Exercise 1-3
Modify the payload written in exercise 1-1 to copy the contents of the terminal window after the 5 second pause, then open a new plaintext document and paste the clipboard.

REM Title: Exposed
REM Author: Ehvanz
REM Description: List all Files and Directories, copy the contents
REM then paste into a text document
DELAY 2000
GUI r
DELAY 500
STRING powershell
ENTER
DELAY 1000
STRING ls
ENTER
DELAY 5000
REM CTRL SHIFT a is Windows Terminal's default select-all binding; the
REM legacy console window uses CTRL a instead. CTRL c then copies the selection.
CTRL SHIFT a
DELAY 200
CTRL c
DELAY 1000
GUI r
DELAY 500
STRING notepad.exe
ENTER
REM Wait for Notepad to open before pasting with CTRL v (not CTRL c)
DELAY 1500
CTRL v
dark_pyrro Posted July 17

Haven't read all of the code, but for 1-1 at least, you could do the following tweaks:
- Increase the initial delay, or better yet, use the PASSIVE_WINDOWS_DETECT extension to totally eliminate the need for any initial delay (it will speed up the execution as well and make sure the payload starts when Windows has enumerated the Ducky and is ready for input)
- I would most likely use a longer delay after PowerShell has been started, since it can take quite a while from when the command has been issued to when the PowerShell window is ready for input; it's PC specific though
- Instead of using STRING followed by an ENTER, use the DuckyScript 3.0 command STRINGLN, which doesn't need ENTER; it will make the code more "readable" and keep the line count down (the last STRING is missing an ENTER, but it can also be solved by using STRINGLN)
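A small offline check for payloads like the ones in this thread, added here as an example and not code from the course, from Hak5, or from either poster. It expands the subset of DuckyScript the exercises use (REM, DELAY, STRING, STRINGLN, ENTER and modifier chords such as GUI r or CTRL SHIFT a) into the keystrokes the Ducky would actually send, and warns about the two mistakes that are easy to make before the hardware arrives: writing a key chord as "STRING CTRL c", which types the six characters C-T-R-L-space-c instead of pressing Ctrl+C, and ending a payload with a STRING that is never followed by ENTER. The modifier and named-key tables are the standard DuckyScript names but are deliberately incomplete, and the event tuples are this example's own representation, not the encoder's real HID report format. The sample input is the 1-3 payload as first posted above.

```python
"""Offline keystroke expander and linter for the subset of DuckyScript used in
the Rubber Ducky exercises above (example code, not part of the course)."""

# Modifier names DuckyScript accepts at the start of a key-chord line.
MODIFIERS = {"CTRL", "CONTROL", "SHIFT", "ALT", "GUI", "WINDOWS", "COMMAND"}

# Named non-printing keys that may stand alone or end a chord (partial table).
NAMED_KEYS = {
    "ENTER", "SPACE", "TAB", "ESCAPE", "ESC", "BACKSPACE", "DELETE",
    "UPARROW", "DOWNARROW", "LEFTARROW", "RIGHTARROW", "HOME", "END",
    "PAGEUP", "PAGEDOWN", "CAPSLOCK", "PRINTSCREEN", "MENU", "APP",
} | {f"F{n}" for n in range(1, 13)}


def _chord(tokens):
    """Turn ["CTRL", "SHIFT", "a"] into ("chord", ("CTRL", "SHIFT"), "a").

    A line made only of modifiers (e.g. a bare GUI) presses them with no key.
    """
    upper = [t.upper() for t in tokens]
    if all(t in MODIFIERS for t in upper):
        return ("chord", tuple(upper), None)
    *mods, key = tokens
    bad = [m for m in mods if m.upper() not in MODIFIERS]
    if bad:
        raise ValueError(f"not a modifier: {bad} in chord {' '.join(tokens)!r}")
    key = key.upper() if key.upper() in NAMED_KEYS else key
    return ("chord", tuple(m.upper() for m in mods), key)


def expand(script):
    """Return the events a payload produces, one tuple per action:
    ("delay", ms), ("type", text) or ("chord", modifiers, key)."""
    events = []
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        cmd, _, arg = line.partition(" ")
        cmd = cmd.upper()
        if cmd == "REM":
            continue                      # comments send nothing
        if cmd == "DELAY":
            events.append(("delay", int(arg)))
        elif cmd == "STRING":
            events.append(("type", arg))  # literal text, character by character
        elif cmd == "STRINGLN":
            events.append(("type", arg))  # DuckyScript 3.0: text, then ENTER
            events.append(("chord", (), "ENTER"))
        elif cmd in MODIFIERS or cmd in NAMED_KEYS:
            events.append(_chord(line.split()))
        else:
            raise ValueError(f"unsupported or misspelled command: {line!r}")
    return events


def lint(script):
    """Warn about the two mistakes that the payloads in this thread show."""
    warnings = []
    lines = [l.strip() for l in script.splitlines()]
    for n, line in enumerate(lines, 1):
        cmd, _, arg = line.partition(" ")
        words = arg.split()
        if cmd.upper() == "STRING" and words and words[0].upper() in (MODIFIERS | NAMED_KEYS):
            warnings.append(
                f"line {n}: STRING types the literal text {arg!r}; "
                f"for a key press write the chord on its own line: {arg}")
    commands = [l for l in lines if l and not l.upper().startswith("REM")]
    if commands and commands[-1].upper().startswith("STRING "):
        warnings.append("last command is STRING without a following ENTER: "
                        "the text is typed but never executed (use STRINGLN)")
    return warnings


# The 1-3 payload exactly as first posted in this thread, used as sample input.
POSTED_1_3 = """\
REM Title: Exposed
DELAY 2000
GUI r
STRING powershell
ENTER
DELAY 1000
STRING ls
ENTER
DELAY 5000
STRING CTRL SHIFT a
ENTER
DELAY 1000
GUI r
STRING notepad.exe
ENTER
STRING CTRL c
ENTER
"""

if __name__ == "__main__":
    for event in expand(POSTED_1_3):
        print(event)
    for warning in lint(POSTED_1_3):
        print("WARNING:", warning)
```

Run it on a payload before flashing: any "type" event whose text starts with CTRL, ALT, GUI or SHIFT is almost always a chord that was accidentally wrapped in STRING, and a trailing STRING with no ENTER is the 1-1 bug dark_pyrro points out.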