Time
2 hours 25 minutes
Difficulty
Beginner
CEU/CPE
3

Video Transcription

00:00
Okay, so after the string, be close. This what we want to do is close m s paint. And to do that, you can hit
00:10
Alta four. So let me do it here and show you what happens. Bam! It's gone.
00:15
So
00:16
after a string be we want to delay, Let's do another DeLay 200.
00:21
And then we'll hit all four and that will close the program.
00:25
Then the last thing we want to dio is we just want to minimize everything against we'll do another 200 delay
00:32
and then one does D and that will minimize everything.
00:36
So now we have the script we want,
00:38
uh, best best, uh, thing you should do is now uncovered it and test it out. So let's go ahead and do that. So let's go ahead and copy Here.
00:49
Our script here.
00:51
Copy. Don't go to the encoder website.
00:54
Go ahead and pace the said.
00:57
And now we're going to select whatever language you're going to use. I'm going to use the United States,
01:03
and then we'll go ahead and generate the script
01:06
and we'll get that that message again. Hit. Okay.
01:11
Now, if you make an air in ah, in this in the script. This website will actually tell you. So that's that's kind of nice feature there.
01:19
Some Once we have that. Let me go ahead, download that.
01:22
Save it.
01:23
And now let me actually plug in my micro SD card with the adapter.
01:30
So
01:34
pop up here in a second.
01:38
There we go. So this is empty for now. So what I'm gonna do,
01:44
I'm going to go to downloads, get the inject file. Actually, I had one here from before, so I'm just gonna throw this on and rename it so I believe it's the drive.
01:55
So if it's name like this, it's not going to run. So let's go ahead and make sure it's called inject dot Bend.
02:01
All right, so this should be good to go now, So I'm gonna go ahead and close this
02:06
and eject it.
02:08
And so let's let's try it out and see what happens.
02:13
Plug it back into my
02:15
You must be rubber ducky
02:17
and plug it in.
02:22
And remember, it has a five second delay to start, so we'll give it a few seconds here to start.
02:30
Okay, There we go. It's minimized everything in the icons
02:36
pasted in screen shot. And, uh oh, looks like we have our first error. So let's go ahead and look out and see what we did wrong.
02:45
And, user. Oh, yeah. Looks like I misspell profile user profile, and this is very common. And this is why we test our scripts before we run them. So let's go back. We won't save this
02:59
and will change us here, so Yep. Indeed. So we want to say profile.
03:06
Okay, So now will regenerate the script.
03:08
Say OK,
03:09
download this, Oppa Gan and actually 1,000,000 me. Unplug my USB rubber ducky and plug it back that my krusty back into the adapter
03:20
and we'll plug it back in the computer,
03:24
get a second
03:25
and we'll delete this.
03:28
Yes, let's go back to my downloads and we'll leave both of the east to make it nice and clean.
03:35
Okay, so let's go ahead and down. Those this inject up in file.
03:39
Save it way. Go.
03:42
All right, now to move it back,
03:45
tour my Krusty.
03:46
There we go.
03:49
Close this out and checked it again.
03:52
And this is the process that happens all the time. When you're working with these types of scripts, it just takes some time to get it working correctly. So let's try this again.
04:04
So again, get back in.
04:10
Okay, give it a few seconds.
04:15
Okay?
04:25
All right. And there we have it. Uh, let me just double check. And Yeah, As you can see, I'm clicking on these icons
04:32
and they are not working. So let's let's just take a look and see what, uh what? It set the background. As
04:41
so as you could see, this is the desktop background. And this was the original in here. So it does its job. So let's let's search the original just to see what it looks like.
04:51
Oh,
04:53
try that again.
04:56
Here we go.
04:59
And is it? You see, when I do that, there is no icons here, so it is annoying. Um, and it could be a good prank to plant people. So, um,
05:08
yeah, that's that's That's our payload we made.
05:12
Now there's all kinds of different payloads you can make. Um, and anything you could do with a keyboard you can do with
05:20
with this USB rubber, duckie. Really? The possibilities are endless. S o a cz. You could see it could be you could do a lot of pranks or you could do a lot of malicious things. So it's You have to be very, very careful with USB devices on, uh, and know what you're doing. So
05:40
hope you enjoyed the slap, so we'll move on to the next lap.

Up Next

USB Drop Attack

Malicious devices are everywhere these days, whether you can see them or not.

Instructed By

Instructor Profile Image
Shawn Briere
Information Security Analyst
Instructor