Git Product home page Git Product logo

blueducky's Introduction

BlueDucky

logo

BlueDucky is a blue-team tool. It generates a list of USB-Rubber-Ducky instructions.

The idea behind this tool is to create different payloads for each member as fast as possible. Each member of the team will have a USB-Rubber-Ducky. Each member will be responsible of setting up different boxes. Here where the tool comes handy, the team can make a customized USB-Rubber-Ducky payload for each member. Payloads that run PowerShell and SSH into each box and execute a list of instructions for each box and making payloads will not take more than a minute before the competition.

The goal is to design the fastest incident response plan, which should include:

  • Changing every user's password in every box.
  • Executing customized scripts to setup firewall rules, setup up new users, clean cronjobs/scheduled task... you know the drill ...

Setup

$ git clone https://github.com/M507/BlueDucky.git
$ cd BlueDucky
$ python3 BlueDucky.py
$ # Follow the instructions
..
..
Saving ..
Enter filename > output.txt
$ java -jar duckencode.jar -i output.txt -o inject.bin
$ cp inject.bin /<usb path>/

Configuration

  • All scrpits/plans must be in Config/
  • Windows scrpits/plans must have .ps1 extension
  • Linux scrpits/plans must have .sh extension
  • BlueDucky/Config/startingAccounts file is where the default credentials should be.
Win:admin:10.1.2.1:CCDCsucks123#
Win:admin:10.1.2.5:CCDCsucks123#
Win:admin:10.1.2.10:CCDCsucks123#
Win:dnsUser:10.1.2.202:CCDCsucks123#
Linux:root:10.2.2.2:Admin123#
Linux:dnsadmin:10.2.2.202:Admin123#
  • BlueDucky/Config/NewPasswords file must have two inputs, one for Windows users, and the other one for Linux:
Win:THISisTHEnewPASSWORD
Linux:UPDATEDpassword

  • BlueDucky changes all passwords to what is in Config/NewPasswords file.

  • BlueDucky/Config/NewUsers file is where the backup users shoud be, they will be created after chaning the password for the default users.

Win:Admin123:MyPasswordIs123456:1
Win:user1:123456:0
Linux:Admin:Password123456:1
Linux:user1:123456:0
  • BlueDucky/Plans directory is where the firewall/anyscrpit scrpts should be.

Requirements

  • python3
  • java

github.com/M507

blueducky's People

Contributors

m507 avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.