Dropbox Bandit

Dropbox Bandit
Download Copy
Title: Dropbox Bandit
Author: Factor101

This payload is designed to target Windows 10/11 machines, but but may run on older versions of Windows. If you are using an older Rubber Ducky please use the "payload_duckyscript_old.txt" file. This payload extracts files from a specific location on a target's machine and uploads them in archives to a dropbox account. The actual payload takes about 5 seconds to run (faster on real machines, tested on virtual machine), but the actual exfiltration, which is invisible to the victim one started, can take longer depending on the total size of data to be uploaded.

Exfiltration is an involuntary backup. It's a technique for obtaining data from a network. Once obtained, the data may be removed using a number of methods. These may include traversing the network to a command and control server, such as Cloud C². The content is typically encrypted or obfuscated. In the case of physical access, a bring-your-own-network element may be included to evade detection. See all exfiltration payloads.

This payload is for the USB Rubber Ducky — a "flash drive" that types keystroke injection payloads into unsuspecting computers at incredible speeds. It's no wonder this little quacker has made appearances on Mr. Robot, FBI, Blacklist, National Geography and more!

Submit your own payload, or browse more featured USB Rubber Ducky Payloads.

 

 

Related Payloads

Exfiltrate NTLM Hash
Exfiltrate NTLM Hash
A payload used to exfiltrate the NTLM hash on a Windows machine.
Read More
Shark Net Sniff
Shark Net Sniff
uses tcpdump to capture network traffic for 1 minute and saves a pcap into loot storage folder
Read More
SSH proxy pivot
SSH proxy pivot
Creates Dynamic port forwarding available on Squirrel to allow for pivoting inside network from remote server.
Read More