Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
hak5
GitHub Repository: hak5/usbrubberducky-payloads
 Path: blob/master/payloads/library/prank/Multi_HID_HeyGotAnyGrapes/payload.txt
2968 views
1
REM TITLE Hey Got Any Grapes?

2
REM AUTHOR Cribbit

3
REM DESCRIPTION Get Powershell or MacOS "say" or Linux (ubuntu) "espeak" to speak the opening of the duck song

4
REM NOTE espeak need to be install on the system for it to work

5
REM PROP Song by Bryant Oden

6


7
EXTENSION OS_DETECTION

8
    REM VERSION 1.0

9


10
    REM USB Rubber Ducky Host OS Detection

11
    REM Generic OS detection at a high view is a moving target

12
    REM results may vary greatly depending 

13
    REM on a combination of many variables:

14
    REM  - number of testing stages

15
    REM  - specific devices and versions tested against

16
    REM  - number of systems testing for (scope)

17
    REM  - detection techniques (passive/invisible/active/hybrid)

18
    REM  - overall speed

19
    REM  - overall accuracy

20


21
    REM TARGET:

22
    REM DEFAULT - Windows, Mac, Linux

23
    REM ADVANCED_DETECTION - Windows, Mac, Linux, iOS, ChromeOS, Android

24


25
    REM USAGE:

26
    REM Uncomment the function call below to run this extension inline (here)

27
    REM or call DETECT_OS() anywhere in your payload after the extension

28
    REM Place this extension and the DETECT_OS() before

29
    REM you would like to first reference $_OS to execute payload code conditionally

30


31
    REM CONFIGURATION:

32
    DEFINE VERBOSE FALSE

33
    DEFINE ADVANCED_DETECTION FALSE

34
    DEFINE STARTUP_DELAY 1500

35
    DEFINE RESTART_WAIT 1000

36
    DEFINE CONNECT_WAIT 1000

37
    DEFINE OS_DETECT_MODE HID

38
    DEFINE OS_DETECT_VID VID_05AC

39
    DEFINE OS_DETECT_PID PID_021E

40
    DEFINE WINDOWS_HOST_REQUEST_COUNT 2

41
    DEFINE HOST_RESPONSE_TIMEOUT 1000

42


43
    FUNCTION DETECT_OS()

44
        $_HOST_CONFIGURATION_REQUEST_COUNT = 0

45
        ATTACKMODE OS_DETECT_MODE OS_DETECT_VID OS_DETECT_PID

46
        DELAY STARTUP_DELAY

47
        SAVE_HOST_KEYBOARD_LOCK_STATE

48


49
        IF VERBOSE THEN

50
            IF ADVANCED_DETECTION THEN

51
                STRING ADVANCED OS DETECT

52
            ELSE 

53
                STRING OS DETECT

54
            END_IF

55


56
            ENTER

57
            STRING test caps

58
        END_IF

59


60
        IF ($_CAPSLOCK_ON == FALSE) THEN

61
            LED_R

62
            CAPSLOCK

63
            DELAY HOST_RESPONSE_TIMEOUT

64
        END_IF

65
        LED_OFF

66


67
        IF VERBOSE THEN

68
            ENTER

69
            STRING test done

70
        END_IF

71


72
        IF $_RECEIVED_HOST_LOCK_LED_REPLY THEN

73
            IF VERBOSE THEN

74
                ENTER

75
                STRING received led response

76
            END_IF

77
            LED_G

78
            IF ($_HOST_CONFIGURATION_REQUEST_COUNT > WINDOWS_HOST_REQUEST_COUNT) THEN

79
                IF VERBOSE THEN

80
                    ENTER

81
                    STRING prediction: Windows

82
                END_IF

83
                $_OS = WINDOWS

84
            ELSE

85
                IF VERBOSE THEN

86
                    ENTER

87
                    STRING prediction: Linux

88
                END_IF

89
                $_OS = LINUX

90
            END_IF

91
        ELSE

92
            IF VERBOSE THEN

93
                ENTER

94
                STRING no led response

95
                ENTER

96
                STRING prediciton: MacOS

97
            END_IF

98
            $_OS = MACOS

99
        END_IF

100


101
        IF ADVANCED_DETECTION THEN

102
            IF ( $_OS == LINUX ) THEN

103
                IF VERBOSE THEN

104
                    ENTER

105
                    STRING soft reconnect

106
                END_IF

107
                ATTACKMODE OFF

108
                DELAY RESTART_WAIT

109
                ATTACKMODE OS_DETECT_MODE OS_DETECT_VID OS_DETECT_PID

110
                DELAY CONNECT_WAIT

111
                IF VERBOSE THEN

112
                    ENTER

113
                    STRING reconnected

114
                END_IF

115
                IF ($_CAPSLOCK_ON == TRUE) THEN

116
                    IF VERBOSE THEN

117
                        ENTER

118
                        STRING caps led on

119
                        ENTER

120
                        STRING test numlock

121
                    END_IF

122
                    NUMLOCK

123
                    DELAY HOST_RESPONSE_TIMEOUT

124
                    IF VERBOSE THEN

125
                        ENTER

126
                        STRING test done

127
                    END_IF

128
                    IF ($_NUMLOCK_ON == FALSE) THEN

129
                        IF VERBOSE THEN

130
                            ENTER

131
                            STRING no numlock led

132
                            ENTER

133
                            STRING prediciton: ChromeOS

134
                        END_IF

135
                        $_OS = CHROMEOS

136
                    ELSE

137
                        IF VERBOSE THEN

138
                            ENTER

139
                            STRING numlock led on

140
                            ENTER

141
                            STRING testing scrolllock

142
                        END_IF

143
                        SCROLLLOCK

144
                        DELAY HOST_RESPONSE_TIMEOUT

145
                        IF VERBOSE THEN

146
                            ENTER

147
                            STRING test done

148
                        END_IF

149
                        IF ($_SCROLLLOCK_ON == TRUE) THEN

150
                            IF VERBOSE THEN

151
                                ENTER

152
                                STRING scrolllock led on

153
                                ENTER

154
                                STRING prediciton: Android

155
                            END_IF

156
                            $_OS = ANDROID

157
                        ELSE

158
                            IF VERBOSE THEN

159
                                ENTER

160
                                STRING no scrolllock reply

161
                                ENTER

162
                                STRING prediction: Linux

163
                            END_IF

164
                            $_OS = LINUX

165
                        END_IF

166
                    END_IF

167
                END_IF

168
            ELSE IF ($_OS == MACOS) THEN

169
                IF ($_CAPSLOCK_ON == TRUE) THEN

170
                    IF VERBOSE THEN

171
                        ENTER

172
                        STRING caps led on

173
                        ENTER

174
                        STRING prediction: iOS

175
                    END_IF

176
                    $_OS = IOS

177
                ELSE 

178
                    IF VERBOSE THEN

179
                        ENTER

180
                        STRING no caps reply

181
                        ENTER

182
                        STRING prediction: MacOS

183
                    END_IF

184
                    $_OS = MACOS

185
                END_IF

186
            ELSE IF ($_OS == WINDOWS) THEN

187
                IF VERBOSE THEN

188
                    ENTER

189
                    STRING Confident Windows Prediction

190
                END_IF

191
                $_OS = WINDOWS

192
            END_IF

193
        END_IF

194


195
        RESTORE_HOST_KEYBOARD_LOCK_STATE

196


197
        IF VERBOSE THEN

198
            ENTER

199
            STRING OS_DETECT complete

200
            ENTER

201
        END_IF

202
    END_FUNCTION

203


204
    REM Uncomment the function call below to run this extension inline (here)

205
    REM or call DETECT_OS() anywhere in your payload after the extension

206


207
    REM DETECT_OS()

208
END_EXTENSION

209


210


211
DEFINE #DUCKSONG "A duck walked up to a lemonade stand and he said to the man, running the stand. Hey! Bum bum bum. Got any grapes? The man said No we just sell lemonade. But it's cold. And it's fresh. And it's all home-made. Can I get you a Glass? The duck said I'll pass! Then he waddled away. waddle waddle. Til the very next day. Bum bum bum bum bum bumbum" 

212


213
DETECT_OS()

214


215
IF ($_OS == WINDOWS) THEN

216
    GUI r

217
    DELAY 200

218
    STRINGLN powershell

219
    DELAY 300

220
    REM the powershell version uses Speech Synthesis Markup Language so the speech can emphasis some words a change pitch for the duck

221
    STRINGLN Add-Type -AssemblyName System.speech;(New-Object System.Speech.Synthesis.SpeechSynthesizer).SpeakSsml('<speak version="1.0" xmlns="http://www.w3.org/2001/10/synthesis" xml:lang="en-US">A duck walked up to a lemonade stand<break time="0.5s"/>And he said to the man, running the stand<break time="0.5s"/><prosody rate="fast"><emphasis>Hey!</emphasis></prosody><prosody pitch="x-low">Bum bum bum</prosody><break time="0.5s"/><prosody rate="fast"><emphasis>Got any grapes?</emphasis></prosody>The man said<break time="0.5s"/>No we just sell lemonade. But it''s cold. And it''s fresh. And it''s all home-made. Can I get you a <emphasis>Glass?</emphasis><break time="0.5s"/>The duck said<break time="0.5s"/><prosody rate="fast">I''ll <emphasis>pass!</emphasis></prosody>Then he waddled away<prosody pitch="x-low">waddle waddle</prosody><break time="0.2s"/>Til the very next day<prosody pitch="x-low">Bum bum bum<break time="0.2s"/>bum bum bumbum</prosody></speak>')

222
ELSE IF ($_OS == MACOS)

223
    COMMAND SPACE

224
    DELAY 100

225
    STRINGLN terminal

226
    DELAY 100

227
    STRING say

228
    SPACE

229
    STRINGLN #DUCKSONG

230
ELSE IF ($_OS == LINUX)

231
    CTRL-ALT t

232
    DELAY 300

233
    STRING espeak

234
    SPACE

235
    STRINGLN #DUCKSONG

236
END_IF

237