KCSEC - Rubber Ducky Toolkit
What is a Rubber Ducky ?
The USB Rubber Ducky is a keystroke injection tool disguised as a generic flash drive. Computers recognize it as a regular keyboard and accept pre-programmed keystroke payloads at over 1000 words per minute.
Payloads are crafted using a simple scripting language and can be used to drop reverse shells, inject binaries, brute force pin codes, and many other automated functions for the penetration tester and systems administrator.
Since 2010 the USB Rubber Ducky has been a favorite among hackers, penetration testers and IT professionals. With its debut, keystroke injection attacks were invented – and since it has captured the imagination with its simple scripting language, formidable hardware, and covert design
KCSEC Rubber Ducky Toolkit
So after checking out what is currently being used for the ducky toolkit it seems MS have patched a lot of the UAC bypasses making the Windows 10 potential limited.
There is now our repo on git hub that includes some of the follow updates and new KCSEC payloads.
https://github.com/KCSEC/USB-Rubber-Ducky
KCSEC Rubber Ducky Toolkit Upgrades
- Ducky-Flasher (Updated to latest version)
- Ducky-Flasher (Includes version numbers)
- Firmware List information and version explanations
KCSEC Ducky-Payloads
Ducky-Payloads are the Custom Inject.bin files for the Rubber-Ducky to Allow Execution of our KCSEC Host-Payloads
Windows 10 - Fodhelper UAC Bypass Exploit To host-Payload
Currently working 2018 Windows 10 UAC bypass Exploit - Requires user to have admin permissions More info on fodhelper UAC bypass here https://pentestlab.blog/tag/fodhelper/
KCSEC Ducky-Payloads To Host-Payloads Packages
The Packages Include both as Ducky-Payload + a Host Payload all setup and ready to be used.
Win10 - Fodhelper Bypass Exploit to Meterpreter reverse shell Available on,
– TwinDuck
– TwinDuck Special 2
– Original Ducky coming soonWin10 - Fodhelper Bypass Exploit to Empire Launcher Available on,
– TwinDuck
– TwinDuck Special 2
– Original Ducky coming soon
In development
- Each payloads will have 3 Version (Original, Twin Duck + Twin Duck special 2)
- Non UAC Bypass for non admin user payloads
- Mimikatz payloads
Want a specific payload ?
Feel free to request a payload write by either commenting bellow or emailing us :)
Recent Posts
Tags
Categories
Active directory Burpsuite Cheatsheet Crackmapexec Empire Events Exploit File transfer Iis Implants Kcsec Kerberos Kernelpop Ksec Ksec snapshot Lab Metasploit Metasploitable Msfvenom Netcat Nfc & rfid Nikto Nmap Pivoting Privilege escalation Proxmark Proxychains Redteam Responder Rubber ducky Shells Sqlmap Sshutle Thefatrat Toolkit Webapp Windows domain Xss