• Saturday , 6 June 2020

ZOMG HaX one-liners and Javascript Ducky Encoding – Hak5 2513


JS Ducky Encoder: https://downloads.hak5.org/ducky

Payload:
DELAY 3000
GUI r
DELAY 500
STRING cmd /C "color a&FOR /L %N IN () DO tree"
ENTER

Contest: https://hak5.org/contest

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆

32 Comments

  1. DAVID GREGORY KERR
    April 26, 2019 at 17:15

    I have a reworked version of AES which uses 4×16 byte blocks called states and uses TDES128 cryptosystem to modify the 4xstates in the keyaddition() routine instead of just XORing the states with four keys per round, which makes for a stronger cryptosystem. Do you want me to send you the package or not?

  2. catcalvar #
    April 26, 2019 at 17:15

    These comments are awesome. I wish I could afford some of your gear, but I'm too young to get a job here and don't earn enough doing what I'm doing. Do you know if there are any cheap alternatives to the Pineapple? Would be great if there was, thanks.

  3. Sh4d0w St0rm
    April 26, 2019 at 17:15

    I love the rubberducky, still learning all the possibilities

  4. toby bailey
    April 26, 2019 at 17:15

    Thanks for the chance at the giveaway. I'd actually use a simple line like yours, add a pause in the tree (stop it) and then continue on as if someone found a file they wanted.

  5. Beckett O'Brien
    April 26, 2019 at 17:15

    Add start before tree so that it keeps opening new windows with the tree command on each one.

  6. Trevis Schiffer
    April 26, 2019 at 17:15

    Man, do a video on matrix irc bridging. It would be cool. Also do some FreeBSD based video. FreeBSD is mainstream enough these days for geeks. Do a video on dtrace, ZFS etc.

  7. Jan
    April 26, 2019 at 17:15

    Awesome video

  8. doggo doggo
    April 26, 2019 at 17:15

    how to prank a technologically inadvanced friend.
    DELAY 1000
    GUI r
    STRING cmd
    DELAY 500
    STRING ipconfig /all
    REM spooked

    Then scream "You're getting hacked!!!!"
    **He went nuts**

  9. Don S
    April 26, 2019 at 17:15

    I flip the screen upside down before running the command…

  10. Dale Ahvakana
    April 26, 2019 at 17:15

    the tree is pretty great

  11. Julio Valencia
    April 26, 2019 at 17:15

    Great tip for starters

  12. Hannu Mäkilampi
    April 26, 2019 at 17:15

    Nice! And also, I would like to win 🙂

  13. ben boe
    April 26, 2019 at 17:15

    Yeah, I definitely need a rubber ducky for security awareness training too!

  14. Owen Gauci
    April 26, 2019 at 17:15

    You should include ALT + ENTER right after the command starts to execute! It'll make the noobs go crazy!!

  15. Sarina R.
    April 26, 2019 at 17:15

    My Run Dialogue would look like a system infiltration from The girl in the Spider web, complete with a fake IP address 👩🏼‍💻

  16. kevinlife
    April 26, 2019 at 17:15

    I love this thing

  17. Benjamin Cheng
    April 26, 2019 at 17:15

    I have never used a USB Rubber Ducky before (and would love to try any Hak5 gear), but I think it's possible to lock folders with 1 line? ¯_(ツ)_/¯ But this becomes scary, I suppose…

  18. Ben Dallimore
    April 26, 2019 at 17:15

    What would be awesome would be to copy a zip compatible file on to a computer (such as an XPS file – lots of manuals are like this or can be created from Word/PDF docs), change the file extension to zip, copy documents into the zip, rename it back to XPS and then extract it/email it or whatever. If it's ever intercepted, the XPS file will just open like you'd expect showing the original document. This is great for extracting small files (<1mb depending on size of the original XPS file) as it won't noticeably change the overall file size. You'd raise some eyebrows if you ended up with a one-page XPS file over a GB in size though…

    Real easy to do in a GUI… not sure how easy in a CLI? I left most of my CMD knowledge back in 1998!

  19. Taylor White
    April 26, 2019 at 17:15

    I've seen a rubber duck that, once injected, opened YouTube and started to play Rick Astley – Never Gonna Give You Up

  20. Enzo C.
    April 26, 2019 at 17:15

    My favorite one liner I discovered a while back is a fork bomb to make the pc increasingly become slower and run out of memory (eventually crashing):

    "cmd /k echo -^|->-.bat&-"

    And the flashy factor is there since it just keeps opening new windows faster than you can close them filling the screen!

  21. Tyler Sadler
    April 26, 2019 at 17:15

    Currently a software developer. You guys have inspired me to go back to school and get certified in Cybersecurity. Currently working on Network+ and Security+. I just wanted to thank you all for relighting the spark in me. Was starting to burn out on Enterprise software development and it feels great to have inspiration again. Keep up the good work.

  22. Theo Topham
    April 26, 2019 at 17:15

    Could anyone else hear the emergency services in the background at 3:40?

  23. william butler
    April 26, 2019 at 17:15

    I love the rubber ducky. My bash bunny is jealous! Lol

  24. Alain-Pierre P.
    April 26, 2019 at 17:15

    To make this payload even scarier, after the loop is launched, simply send "Alt-Enter" to switch from graphical mode to true "text mode".

  25. Art E
    April 26, 2019 at 17:15

    Maybe it might be fun to do this same cmd that opens a GIF window (in the user's browser, of the deleting files animation). This probably isn't in the one-line category, but it would really freak noobs more than just a looping dialog, maybe.

  26. 200000 subs with no video
    April 26, 2019 at 17:15

    Same

  27. Squidkingdom
    April 26, 2019 at 17:15

    Random numbers, green characters

  28. NBG. -PhAntOm
    April 26, 2019 at 17:15

    The dir/s of doom!

  29. Steven Dx
    April 26, 2019 at 17:15

    Endless loop command "echo malware installed, thank you! !" & pause & cls
    (rules of the game: we don't mod anything) not tested..

  30. M1lkweed 761
    April 26, 2019 at 17:15

    The USB HID standard has buttons for standby and power-off. Is there any encoder that allows those buttons to be pressed?

  31. A. O.
    April 26, 2019 at 17:15

    Can you program the ol' "take pic of their desktop and replace as wallpaper"? That one keeps them trying to click for a while in confusion. Bwahaha!

  32. Console
    April 26, 2019 at 17:15

    Nothing quite like a bit of Hollywood hacking 🙂
