Time
2 hours 25 minutes
Difficulty
Beginner
CEU/CPE
3

Video Transcription

00:00
you know have some commands that are used in conjunction with a lot of other commands. For example, we have the L command, which will imitate the old key.
00:09
Now, as you know, our as you may know, the whole key is used in a lot of short cut features. For example, if you have a pop up window uh, asking yes or no? Yes, you can hit. Why say yes.
00:23
So this coming command continues with a lot of their commands like and escape all the F keys. Single character keys are space or tab,
00:33
and this is very useful because this can cut down a lot of time
00:37
within your tripped
00:39
controls. Another examples. We have the controller Ctrl Command that imitates the control key
00:45
and again that can be used with a lot of other commands like break pas, all the F keys, escape or some other single characters.
00:54
Then we have the break or pause command which will imitate the brakes slash pas key,
00:59
the caps Lock command. I don't find I've used this very often because when you write ah, command safe, you have string and then a command after you could capitalize or do whatever case you want. But sometimes you will need the caps lock. So it's there for you
01:15
thing we have the in command which will do the in key,
01:19
the escape command or yes, he
01:23
which, of course, imitates the escape heat
01:26
and then the insert command,
01:29
which imitates answer key.
01:32
Now we just have a few more commands left. First on the slide we have the NUM lock Command, which will imitate the num lock key.
01:38
The Print Screen Command, which does the print screen key for now familiar print screen that basically takes a screen capture of your screen and saves it to your clipboard. And I find we don't use is ah lot with Ducky script, but in the particular lab will be doing We will be using it.
01:57
Then we have the scroll lock command, which does this cruel AKI,
02:00
the Space Command, which does the space key. Ah, the Inter Command, which does the enter key and that get used quite a bit as well because, for example, for doing something in like a command when newer power shall window, you'll need to enter hidden her quite a lot after your commands
02:17
than West is not on the keyboard. It actually repeats the previous command. That command is repeat.
02:24
So say, for example, let me show you. Here
02:29
you have
02:30
the up command.
02:31
Now, maybe you figured out in your script you need to do 10 of these. So, senators writing 10 out like this, you could do this. You could say up and then
02:43
repeat
02:44
10.
02:45
So you repeat
02:47
that command 10 times,
02:53
okay? And that that should do it for the commands of Ducky script.
02:57
Now there's a lot to keep in mind when making a script with Ducky script. It usually takes quite a few of revisions to get the code working properly.
03:07
I find one working on even simple scripts. It could take dozens of times to get it right,
03:15
because there's always something you may not expect. You may have toe add delays or do other things you didn't think had to do so. Please, if you get frustrated when you're making your own scripts, don't it really? Just It takes some patients in some practice
03:31
again because of the revisions you need. Do you need to actually test your scripts? If you're not testing, I guarantee you you will come into some sort of problem that you'll need to fix down the road. So before you deployed, just always test.
03:47
And as I said before, delays really matter in this ripped.
03:52
Um, if if you do not have a long enough delay and script,
03:57
um, it could have ah,
04:00
command's going on top of each other. So it really doesn't
04:02
the script. We may not have the intended effect, or if you do them too long, someone may come back and notice something's not right or on an unemployed, the device.
04:15
And because of all this, it's really important to have a lot of information on the target device, because if it's too slow and you have really fast commands, it's not gonna work or vice versa. Eso In these attacks, it's very important to do
04:31
your reconnaissance work. Otherwise, it's just not gonna work the way you intend

Up Next

USB Drop Attack

Malicious devices are everywhere these days, whether you can see them or not.

Instructed By

Instructor Profile Image
Shawn Briere
Information Security Analyst
Instructor