Duckie Scripts
These Duckie Scripts are made by us in-house and are potent.
Use Base64 to encode them, which helps reduce detection. We also sell the Base64 encoder for encoding the Duckie Scripts.
List of scripts:
🔍 Clipboard Stealer
This payload silently opens the clipboard content on the victim's machine and logs or copies it. It can be used to capture sensitive data such as copied passwords, emails, or crypto wallet addresses.
=========================================
📱 Remote/Reverse Access
This payload injects a reverse/remote shell that is hidden from plain view and allows the user to access/control the victim machine. May need Base64 encoding if being used solo.
=========================================
👤 Create Admin User
Creates a hidden administrative user account on the Windows system using built-in command line tools. This can allow persistent access to the machine if credentials are known.
=========================================
🔑 Credentials Grabber
Leverages Windows tools like `runas`, `cmdkey`, or PowerShell to enumerate or capture stored credentials. May also attempt to dump hashed credentials depending on the context.
=========================================
⬇️ Download and Execute
Downloads a remote executable file from a specified URL and runs it. This is commonly used to deploy second-stage payloads, malware, or tools like Cobalt Strike or Metasploit droppers.
=========================================
💥 Fork Bomb
A destructive test payload that spawns endless new processes to overwhelm system resources, resulting in a crash or reboot. Used as a denial-of-service prank or sabotage script.
=========================================
🖥️ System Info Dump
Gathers system details including hostname, username, IP address, OS version, and hardware info using commands like `systeminfo` and `ipconfig`, then outputs the result to a visible file or clipboard for extraction.
=========================================
📶 Wi-Fi Keys Grabber
Uses `netsh wlan show profiles` and `netsh wlan show profile name=... key=clear` to extract saved Wi-Fi credentials from the system. These can be exfiltrated or saved to a file for collection.
=========================================
🪟 Fake Windows Update
Displays a full-screen fake Windows Update screen to distract or delay the user. Useful for running long or suspicious background processes unnoticed.
=========================================
⚠️ Panic Shutdown
Forces an immediate shutdown or restart of the victim machine. May be triggered by a hotkey or button as a quick clean-up or exit tactic.
=========================================
📸 Screenshot Grabber
Takes a screenshot of the current display and saves it to disk using PowerShell or third-party tools. Useful for grabbing session data, visible passwords, or open windows.
=========================================
📁 USB Copy Script
Automatically scans for USB drives, then copies selected files (e.g. documents, images, PDFs) from the target to the connected device. Can be filtered to target specific file types.
=========================================
🧽 Anti-Forensics
Cleans logs, disables recovery features, deletes recent files, or wipes bash/history/PowerShell logs. Makes forensic analysis and investigation much harder for responders.
=========================================
🛡️ Disable Defender
Disables Windows Defender features using PowerShell commands. It turns off real-time monitoring, sample submission, behavior monitoring, and other protection services.
=========================================
♻️ Restore Defender
Re-enables all Windows Defender features that were previously disabled. Useful after testing or when trying to return a system to its default state.
=========================================
🚫 Firewall Bypass
Disables or opens specific Windows Firewall rules to allow incoming/outgoing traffic on certain ports. Useful for enabling reverse shells, web servers, or malware communication.
=========================================
⚠️ Legal Notice:
Duckie Scripts is intended strictly for educational and authorized testing purposes. You may only use this software on devices you own or have explicit permission to test. Hack n Back Tech assumes no responsibility for misuse.