Standard Phishing Campaign

Standard Phishing Campaign
Download Copy
Title: Standard Phishing Campaign
Author: Aleff

A script used to exfiltrate the Standard username and password by a phishing campaign. This DuckyScript code performs several actions related to downloading and unzipping a file from a specified link. The script creates a new random directory, downloads a zip file from the specified URL, and unzips it. It also opens a login page. This payload was created and tested on Linux but since the HTML markup code and JavaScript language are cross platform it will certainly be usable on machines running Windows or MacOS as well. However, it is essential to modify the DuckyScript script appropriately according to the terminal emulator used (PowerShell for Windows, Shell MacOS for Macs) since the commands are often not the same. To make it easier to use below you can find the various tested configurations, at the moment it is not available for macOS because since I do not have one it cannot be tested and therefore I cannot give the certainty that it works, however I hope that in the Hak5 community there may be someone who can contribute to this payload by completing it with this missing part.

🏆   Recognized with a Payload Award in September 2023

 

Phishing is a popular technique for gaining access to a target. Generally, phishing is a digitally delivered social engineering method. Phishing techniques may use a wide net, or specifically target one role or individual — known as spearphishing. Many phishing campaigns involve tricking a target into divulging confidential information, such as by mimicking a known-trusted source — be it a website or person. See all phishing payloads.

This payload is for the USB Rubber Ducky — a "flash drive" that types keystroke injection payloads into unsuspecting computers at incredible speeds. It's no wonder this little quacker has made appearances on Mr. Robot, FBI, Blacklist, National Geography and more!

Submit your own payload, or browse more featured USB Rubber Ducky Payloads.

 

 

Related Payloads

Cookie Monster
Cookie Monster
Recreates the 1969 program from Brown University. This version types messages asking for a cookie. Until the user type c
Read More
FileHunter
FileHunter
Crawls all drives of the target system for a specific file or file type, to then compress and exfiltrate them to the Duc
Read More
Silent File Exfiltrator
Silent File Exfiltrator
This DS1 payload executes a stealthy script that silently collects and exfiltrates specific file types through Discord w
Read More