How to Run a Ducky-Script Fake Windows Login

Picture this: your buddy steps away from their computer for a moment, and when they return, they're greeted by a fake Windows login screen, prompting them to enter their password. Little do they know, you've just pulled off a harmless prank using the Ducky-script-Fake-Windows-Login!

This article will guide you through the process of setting up and using this amusing script, available at https://github.com/Potential-Threat/Ducky-script-Fake-Windows-Logon.

Demo

What You'll Need:

• A Rubber Ducky USB device or Flipper Zero

How to Set It Up:

1. Download the script from the GitHub repository: https://github.com/Potential-Threat/Ducky-script-Fake-Windows-Logon.

   
   

2. Open the script.txt file in a text editor.

   
   

3. Replace the <YOUR_ACCESS_TOKEN_HERE> placeholder on line 45 with your own Dropbox access token: STRING $DropBoxAccessToken = 'YOUR_ACCESS_TOKEN_HERE'.

   
   

4. Save the changes to the script.txt file.

   
   

5. Deploy the payload to your Rubber Ducky USB device or Flipper Zero.

   
   

To obtain a Dropbox access token, follow these steps:

• Sign in to your Dropbox account or create one if you don't have one already: https://www.dropbox.com/.

  
  

• Go to the Dropbox Developer App Console: https://www.dropbox.com/developers/apps.

  
  

• Click the "Create app" button.

  
  

• Select "Scoped access" under "Choose an API" and choose "Full Dropbox" under "Choose the type of access you need." This allows your app to access all files and folders in your Dropbox account.

  
  

• Give your app a unique name, for example, "FakeWindowsLoginPrank," and click "Create app."

  
  

• In the "OAuth 2" section of your app's settings page, click the "Generate" button to create a new access token. Your access token will be displayed in a text field.

  
  

• Copy your access token and use it to replace the <YOUR_ACCESS_TOKEN_HERE> placeholder in the script.txt file, as mentioned in the previous instructions.

  
  

• Keep in mind that your access token is sensitive information, as it provides full access to your Dropbox account. Do not share it with others or expose it in public repositories. Store it securely and remember to revoke it if you suspect that it has been compromised.

How to Use It:

1. Insert the Rubber Ducky USB device or Flipper Zero into the target computer.
2. The script will automatically run, displaying a fake Windows login screen.
3. When the user enters their password and clicks "Submit," the script captures the password and uploads it to the specified Dropbox account.

How It Works:

The Ducky-script-Fake-Windows-Login is a fun and crafty script that takes advantage of the Rubber Ducky USB device or Flipper Zero to execute a series of commands on the target computer.

The script first minimizes all windows, then opens PowerShell with administrative privileges. It proceeds to disable Microsoft Real-Time Protection and opens Notepad to save a script that uploads the captured password to Dropbox.

Next, it downloads and executes the FakeLogonScreenToFile.exe file, displaying a fake Windows login screen to the user. When the user enters their password, the script captures the input and uploads it to Dropbox using the provided access token.