hak5
/
usbrubberducky-payloads
mirror of https://github.com/hak5/usbrubberducky-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create README.md

pull/409/head
drapl0n 2023-12-16 21:48:41 +05:30 committed by GitHub
parent eb1884f7c4
commit ab604673f2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 56 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
payloads/library/credentials/DuckyLogger2/README.md Normal file
View File

@ -0,0 +1,56 @@
## About:
* Title: DuckyLogger 2.0
* Description: Keylogger, which sends each and every keystroke of the target remotely/locally.
* AUTHOR: drapl0n
* Version: 2.0
* Category: Credentials.
* Target: Unix-like operating systems with systemd.
* Attackmodes: HID.
## DuckyLogger 2.0 is the most efficient version of the original DuckyLogger, which captures every keystroke of the traget and sends it back to the attacker.
### Features:
* Live keystroke capturing.
* Detailed key logs.
* Persistent.
* Autostart payload on boot.
### What's new ?
* No trigger from the target's end is required.
* Completely autostarts the payload on boot.
* Removed unnecessary script blocks.
* No need to run two different services.
### Workflow:
* Encoding payload and injecting it into the target's system.
* Checks whether the internet is connected to the target system.
* If the internet is connected, then it sends raw keystrokes to the attacker.
* Attacker processes raw keystrokes.
### Changes to be made in payload:
* Replace ip (0.0.0.0) and port number (4444) with your server's ip address and port number on line no. `43`.
* Increase/Decrease time interval to restart service periodically (default is 5 minutes), on line no. `59`.
### Usage:
1. Encode payload.txt and inject it into the target's system.
2. Start Netcat listner on the attacking system:
* `nc -lvp <port number> > <log filename>` use this command to create new a logfile with raw keystrokes.
* `nc -lvp <port number> >> <log filename>` use this command to append raw keystrokes to an existing log file.
3. Process raw keystrokes using the DuckyLoggerDecoder utility:
```
./duckyLoggerDecoder
DuckyLoggerDecoder is used to decode raw key strokes acquired by duckyLogger.
Usage:
Decode captured log: [./duckyLoggerDecoder -f <Logfile> -m <mode> -o <output file>]
Options:
-f Specify the log file.
-m Select Mode(normal|informative)
-o Specify an output file.
-h For this banner.
```
#### Support me if you like my work:
* https://twitter.com/drapl0n