From ab604673f2fb8c96c81dd1638fa2c694d99b0d58 Mon Sep 17 00:00:00 2001
From: drapl0n <87269662+drapl0n@users.noreply.github.com>
Date: Sat, 16 Dec 2023 21:48:41 +0530
Subject: [PATCH] Create README.md

---
 .../credentials/DuckyLogger2/README.md        | 56 +++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 payloads/library/credentials/DuckyLogger2/README.md

diff --git a/payloads/library/credentials/DuckyLogger2/README.md b/payloads/library/credentials/DuckyLogger2/README.md
new file mode 100644
index 0000000..b306daa
--- /dev/null
+++ b/payloads/library/credentials/DuckyLogger2/README.md
@@ -0,0 +1,56 @@
+## About:
+* Title: DuckyLogger 2.0
+* Description: Keylogger, which sends each and every keystroke of the target remotely/locally.
+* AUTHOR: drapl0n
+* Version: 2.0
+* Category: Credentials.
+* Target: Unix-like operating systems with systemd.
+* Attackmodes: HID.
+
+## DuckyLogger 2.0 is the most efficient version of the original DuckyLogger, which captures every keystroke of the traget and sends it back to the attacker.
+
+### Features:
+* Live keystroke capturing.
+* Detailed key logs.
+* Persistent.
+* Autostart payload on boot.
+
+### What's new ?
+* No trigger from the target's end is required.
+* Completely autostarts the payload on boot.
+* Removed unnecessary script blocks.
+* No need to run two different services.
+
+### Workflow:
+* Encoding payload and injecting it into the target's system.
+* Checks whether the internet is connected to the target system.
+* If the internet is connected, then it sends raw keystrokes to the attacker. 
+* Attacker processes raw keystrokes.
+
+### Changes to be made in payload:
+* Replace ip (0.0.0.0) and port number (4444) with your server's ip address and port number on line no. `43`.
+* Increase/Decrease time interval to restart service periodically (default is 5 minutes), on line no. `59`.
+
+### Usage:
+1. Encode payload.txt and inject it into the target's system.
+2. Start Netcat listner on the attacking system:
+
+* `nc -lvp <port number> > <log filename>` use this command to create new a logfile with raw keystrokes.
+* `nc -lvp <port number> >> <log filename>` use this command to append raw keystrokes to an existing log file.
+3. Process raw keystrokes using the DuckyLoggerDecoder utility:
+```
+./duckyLoggerDecoder
+DuckyLoggerDecoder is used to decode raw key strokes acquired by duckyLogger.
+
+Usage: 
+Decode captured log:    [./duckyLoggerDecoder -f <Logfile> -m <mode> -o <output file>]
+
+Options:
+-f      Specify the log file.
+-m      Select Mode(normal|informative)
+-o      Specify an output file.
+-h      For this banner.
+```
+
+#### Support me if you like my work:
+* https://twitter.com/drapl0n