Hak5 1503 – Install OwnCloud and Cracking Passwords with a Rubber Ducky

Cracking Windows passwords in 15 seconds or less with a special USB Rubber Ducky firmware and mimikatz. Build your own Dropbox alternative for free with OwnCloud – Shannon’s Installation and Configuration guide. Then Darren borrows a page from Mubix with a Ducky Script to dump Windows memory for password cracking without getting caught by Anti-Virus. All that and more, this time on Hak5!

Download HD | Download MP4

Youtube Hak5 1503.1: http://youtu.be/JON76zbiL1o
Youtube Hak5 1503.2: http://youtu.be/grWdm-fKCtk
Youtube Hak5 1503.3: http://youtu.be/HZY13jOcars

Cracking Windows Passwords in 15 seconds or less with a USB Rubber Ducky
This USB Rubber Ducky payload by RedMeatUK
is wicked. Using Gentilkiwi’s <ahref=”http://blog.gentilkiwi.com/mimikatz”>Mimikatz, this duckyscript is able to grab the plaintext password of the logged on user from a target Windows box running anything between XP and Windows 8 – 32 or 64 bit.

I decided to give it a go and make a modified version which uses the Ducky-Decode community firmware to grab the plaintext password from our target machine and save it to the SD card on the duck.

The Twin Duck firmware is nothing short of amazing. It makes the USB Rubber Ducky show up as both a HID Keyboard and Mass Storage – just like a regular USB drive. There are a few limitations, but nothing that hinders this payload. Specifically the Twin Duck is only capable of executing payloads of 2048 keystrokes (4K inject.bin files). It also only supports a transfer speed of about 150 KB/s – which is about 9 megabytes per minute. That said it is a fantastic firmware perfect for this situation.

Taking the Windows Password Recovery Ducky Script a little further I was inspired by Mubix’s blog on Room362.com about using Microsoft’s Sysinternals tool ProcDump to grab the memory from lsass.exe for later password extraction goodness with mimikatz. This is beautiful because Microsoft’s own tool is used to recover the Windows password – so there’s little chance of it setting off any Anti-Virus alarm bells. Grab the USB Rubber Ducky Payload here.

Looking forward I figured this would be a great opportunity to use Matt Graeber’s awesome PowerSploit in order to dump process memory even quicker. Low and behold b00stfr3ak took this on with a Ducky lsass dumper written in Ruby. Using it you’re able to pull off a lsass memory dump without the need for mass storage — it’ll transfer the file right over the network and even sets up the listener for you. Awesome stuff all around!

How to Install OwnCloud in Ubuntu Server 12.04
OwnCloud is a dropbox alternative that is open source and available for multiple platforms. Today, I am installing OwnCloud and setting it up on my Linux Ubuntu 12.04 server in a VM. There are steps online, but they are a bit outdated, so we want to start by going to and using the terminal steps to download and install OwnCloud. This takes a little while so I’ve already pre-installed it. Once it’s installed you can go to your browser and surf to your ifconfig IP address from the server. This should open the OwnCloud GUI. Type reboot if you get an error in OwnCloud. Create your admin account and you should be set! Log into your account, download the desktop or mobile phone app and start uploading.


  • Nico

    None of the Ducky Scripts are working if the PC is in an enterprise network with AD or other Domain Controller and the user does not have administrative rights.
    Any thoughts on that?

  • Alexander Jackson

    I have been testing ownCloud on and off for the last three years. With each new version new bugs appear which effectively render productive usage useless.
    I am always afraid of updating ownCloud just to find out that things that used to work don’t work anymore.
    Also, the file syncing part is very buggy and likes to produce lots of conflicts. I read a few comments about slow syncing speeds, but haven’t noticed this myself. Synching with different ownCloud servers at the same time is not possible since this option was not thought of at the initial client development. I don’t get it but no one was able to imagine that users would like to synchronize to their private and business ownCloud server at the same time. And what about the business partners who run their own ownCloud server and want to share files with me via the sync client. These scenarios are not possible with the current ownCloud sync-client. At least with Dropbox this would be possible.
    The company behind ownCloud claims that ownCloud is an open source alternative to Dropbox. But even after almost four years they are still not able to maintain a stable version or fix errors in a timely manner. It looks like there is now quality management – at least not in the community version. Also it seems like they are not very interested in solving issues openly on their forum. I thought about buying a supported version but what it looks like from the outside I don’t believe it’s worth paying for. Remembering the ridicules prices they had on their business site about a year ago does not help. Who are there targeted clients? The prices suggest larger companies. I just can’t believe that these companies would accept this buggy piece of software that does not even perform well with a handful of users.
    I am not a programmer but what I have been reading around the web – the code behind the shiny GUI seems to be “not up to time” (spoken nicely because I still like the idea behind ownCloud). Nevertheless at the current (shabby) state I don’t feel like paying for ownCloud. Even though I would love to support them.
    About a month ago I stumbled over an article about Seafile in the German version of the linuxuser magazine (http://www.linux-community.de/Internal/Artikel/Print-Artikel/LinuxUser/2013/09/Komfortable-private-Cloud-mit-Seafile). I had never heard about the project prior and was very surprised that there might be a real alternative to Dropbox.
    In the short time of testing I feel that Seafile does a way better job at synchronizing files then ownCloud has ever done. One thing I don’t like compared to ownCloud is the confusing web interface. Also there are far less features in Seafile then in ownCloud at the moment but at least the few available features work after the initial configuration. One major advantage is that the sync-client is able to sync to different Seafile servers at the same time.
    I just hope future Seafile-updates won’t be as troublesome as the ownCloud ones.
    All in all I am very happy how Seafile performs in this early stage. I believe Seafile is a real Dropbox alternative compared to ownCloud if you take into account only the main functionality of file-synchronization.
    Another good thing about Seafile ist that the Chinese programmer Lingtao Pan is very helpful in the online community and via email.
    Seafile is a Chinese open source project which I was a bit suspect about at first to be honest. Since I am German I wanted to trust the German ownCloud project but they have kept disappointing me for too long.
    Another thing that annoyed me with ownCloud was that in the early beginning it deleted some important business related files which I hadn’t backed up at the time – I keep thinking about that incident…
    Maybe you can review Seafile (http://seafile.com) in one of your upcoming shows?

  • myles mcnamara

    Well….if you use a stable branch of owncloud you shouldn’t have any problems, and if you do … it’s open source, so contribute back to the community and provide the fix 🙂

  • moviestarplanet hack no download

    The official trailers of the interlude are quite tempting because they reveal a lot about upcoming events.
    Regularly, a functional vacation premises Becoming For a minimum
    of 90, for it to be of their necessary set up 90 stages,
    we’d like styles but also best suited and as a result non-elite businesses prior to A Language Like German GS criteria, while much as 100 metres because
    separate thousand parts of generally speaking easy places, are allowed to
    have more as compared with 1 centimetres along with malfunction. Lefton has
    a bit of big-screen exposure herself, having played the
    role of three-year-old Annie in the 1991 comedy, “Father of the Bride.

  • AnnelleOFreidkin

    I absolutely love your blog.. Excellent colors & theme.
    Did you develop this web site yourself? Please reply back as I’m hoping to create my own site
    and would love to find out where you got this from or exactly what the theme is called.
    Many thanks!

  • Rick Jubert

    Owners thinking about loaning their horses on the unit can rest
    assured that each animal’s daily welfare needs and charges could be met with the police Rick Jubert they will want a voided check,
    a duplicate of your license or id, a duplicate of the bank statement
    with your account number on it, as well as a copy of your most current
    pay stub.

  • CarliKHudon

    Tremendous issues here. I am very satisfied to look your post.

    Thank you a lot and I am having a look forward to contact you.
    Will you please drop me a e-mail?

  • Pandora Bracelet Outlet Sale

    Let me inroduce myself, my name is Angelica. One of the
    points she loves most is bird keeping but she’s thinking on starting something
    mroe challenging. Montana is her birth place but her husband wants
    them to run. I am currently a hotel receptionist.

    See what’s new on my website here: Pandora Bracelet Outlet Sale

  • http://Www.Scout-Gunma.org/

    ?here are some incredible Wo – W leveping spec guide? out there th?t w?ll help
    ?ou take your game even further. Andd that’s to say noth?ng ?f Hero Mode, which ?nlocks after ?ou fini?xh tthe
    game for the first time and causes Link to take a whopping fou? times as muc damage
    as normal — trul?, only hardcore ?elda fans need apply for that
    challenge. Resou?ces inclu?e ea?ier mining and the ability to chop maple trers in F2P.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>