hak5
/
usbrubberducky-payloads
mirror of https://github.com/hak5/usbrubberducky-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
usbrubberducky-payloads/payloads/library/credentials/Duckie-Harvest/README.md

1.5 KiB
Raw Permalink Blame History

Duckie-Harvest

Overview

This script is designed for penetration testing purposes and offers the following functionalities:

  • Dump Wi-Fi Passwords: Extracts and saves all Wi-Fi passwords stored on the target machine.
  • Dump Browser Credentials: Extracts saved credentials from Google Chrome, Brave, Firefox, and Microsoft Edge.
  • System Information: Collects and dumps comprehensive system information, including network configurations and active processes.
  • Network Configuration: Gathers detailed network configuration data and performs a network scan.
  • Reverse Shell: Initiates a reverse shell to provide remote command-line access (requires configuration of the attacker IP and attacker port).

This payload is intended for use with a USB Rubber Ducky device.

Usage

Prerequisites

  • USB Rubber Ducky: Ensure you have a USB Rubber Ducky device.
  • Powershell: The target machine must have Powershell installed.

Configuration

  1. Configure drive name: edit the powershell script to set the name of your drive

    $DRIVE = 'DUCKY'

  2. Configure Attacker IP and Port: Edit the powershell script to set your attacker's IP address and port for the reverse shell connection:

    $IP = 'YOUR_IP'
$PORT = 'YOUR_PORT'

  3. **Configure drive and powershell script name **: edit the payload.txt to set both the name of the drive label and the powershell script

    DEFINE #DUCKY_DRIVER_LABEL DUCKY
DEFINE #PS1 sy_cred.ps1