: your buddy steps away from their computer for a moment, and when they return, they're greeted by a fake Windows login screen, prompting them to enter their password. Little do they know, you've just pulled off a harmless prank using the Ducky-script-Fake-Windows-Login! Picture this This article will guide you through the process of setting up and using this amusing script, available at . https://github.com/Potential-Threat/Ducky-script-Fake-Windows-Logon Disclaimer: Please note that this script is for educational and entertainment purposes only. Always obtain permission from the computer's owner before using it. Demo What You'll Need: A Rubber Ducky USB device or Flipper Zero How to Set It Up: Download the script from the GitHub repository: . https://github.com/Potential-Threat/Ducky-script-Fake-Windows-Logon Open the file in a text editor. script.txt Replace the placeholder on line 45 with your own Dropbox access token: . <YOUR_ACCESS_TOKEN_HERE> STRING $DropBoxAccessToken = 'YOUR_ACCESS_TOKEN_HERE' Save the changes to the file. script.txt Deploy the payload to your R device or Flipper Zero. ubber Ducky USB To obtain a Dropbox access token, follow these steps: Sign in to your Dropbox account or create one if you don't have one already: . https://www.dropbox.com/ Go to the Dropbox Developer App Console: . https://www.dropbox.com/developers/apps Click the "Create app" button. Select "Scoped access" under "Choose an API" and choose "Full Dropbox" under "Choose the type of access you need." This allows your app to access all files and folders in your Dropbox account. Give your app a unique name, for example, "FakeWindowsLoginPrank," and click "Create app." In the "OAuth 2" section of your app's settings page, click the "Generate" button to create a new access token. Your access token will be displayed in a text field. Copy your access token and use it to replace the placeholder in the file, as mentioned in the previous instructions. <YOUR_ACCESS_TOKEN_HERE> script.txt Keep in mind that your access token is sensitive information, as it provides full access to your Dropbox account. Do not share it with others or expose it in public repositories. Store it securely and remember to revoke it if you suspect that it has been compromised. How to Use It: Insert the Rubber Ducky USB device or Flipper Zero into the target computer. The script will automatically run, displaying a fake Windows login screen. When the user enters their password and clicks "Submit," the script captures the password and uploads it to the specified Dropbox account. How It Works: The Ducky-script-Fake-Windows-Login is a fun and crafty script that takes advantage of the Rubber Ducky USB device or Flipper Zero to execute a series of commands on the target computer. The script first minimizes all windows, then opens PowerShell with administrative privileges. It proceeds to disable Microsoft Real-Time Protection and opens Notepad to save a script that uploads the captured password to Dropbox. Next, it downloads and executes the FakeLogonScreenToFile.exe file, displaying a fake Windows login screen to the user. When the user enters their password, the script captures the input and uploads it to Dropbox using the provided access token. Please remember that this script is intended for fun and educational purposes only. Always obtain permission from the computer's owner before using it. The author and contributors are not responsible for any illegal actions performed with the help of this script. Happy Hacking!

Read My Stories

Too Long; Didn't Read

CTA: Download the FREE AI Productivity Shift report

How to Run a Ducky-Script Fake Windows Login

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

How to Get a Reverse Shell on macOS Using A Flipper Zero as a BadUSB

Your USB Gadget Could Be Weaponized

3 Flipper Zero Hacks to Wow Your Friends (and How They Work)

255 Stories To Learn About Hacking

4 Reasons To Learn Ethical Hacking

How to Get a Reverse Shell on macOS Using A Flipper Zero as a BadUSB

Your USB Gadget Could Be Weaponized

3 Flipper Zero Hacks to Wow Your Friends (and How They Work)

255 Stories To Learn About Hacking

4 Reasons To Learn Ethical Hacking

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps