Dropbox Bandit

Dropbox Bandit
Download Copy
Title: Dropbox Bandit
Author: Factor101

This payload is designed to target Windows 10/11 machines, but but may run on older versions of Windows. If you are using an older Rubber Ducky please use the "payload_duckyscript_old.txt" file. This payload extracts files from a specific location on a target's machine and uploads them in archives to a dropbox account. The actual payload takes about 5 seconds to run (faster on real machines, tested on virtual machine), but the actual exfiltration, which is invisible to the victim one started, can take longer depending on the total size of data to be uploaded.

Exfiltration is an involuntary backup. It's a technique for obtaining data from a network. Once obtained, the data may be removed using a number of methods. These may include traversing the network to a command and control server, such as Cloud C². The content is typically encrypted or obfuscated. In the case of physical access, a bring-your-own-network element may be included to evade detection. See all exfiltration payloads.

This payload is for the USB Rubber Ducky — a "flash drive" that types keystroke injection payloads into unsuspecting computers at incredible speeds. It's no wonder this little quacker has made appearances on Mr. Robot, FBI, Blacklist, National Geography and more!

Submit your own payload, or browse more featured USB Rubber Ducky Payloads.

 

 

Related Payloads

Exfiltrate NTLM Hash To SD
Exfiltrate NTLM Hash To SD
This payload exfiltrates NTLM hash files to the Rubber Ducky's SD card for further analysis.
Read More
Same File Name Prank
Same File Name Prank
This payload renames files and folders to all have a similar name.
Read More
Exfiltrate NTLM Hash
Exfiltrate NTLM Hash
A payload used to exfiltrate the NTLM hash on a Windows machine.
Read More