Comments are annotations added to source code of a payload for the purposes of describing the functionality and making it easier for humans to read and understand. This is especially helpful given the open source nature of DuckyScript payloads.
When sharing, or modifying a shared payload, comments are especially helpful for conveying important aspects, such as constants and variables which may be specific to each user's particular environment.
As an example, a remote access payload may specify the IP address of a reverse shell listener within a constant. This may be documented within a comment block at the beginning of the payload, or as a single line comment above the definition.
REMcommand does not perform any keystroke injection functions.
REMgets its name from the word remark. While
REMmay be used to add vertical spacing within a payload, blank lines are also acceptable and will not be processed by the compiler.
REM This is a comment block.
REM It can be as many lines as you wish, as long as they all begin with REM.
REM This block will not be compiled into the inject.bin file.
REM It will however help fellow DuckyScript programmers understand this payload..
- If encoded, this example payload will not perform any keystroke injection.
REM Sometimes it's helpful to add single line comments above specific sections.
ATTACKMODE HID STORAGE
REM This executes d.cmd from the drive with the label DUCKY. Change as necessary.
STRING powershell ".((gwmi win32_volume -f 'label=''DUCKY''').Name+'d.cmd')"
- This payload executes a cmd file on the root of the USB Rubber Ducky MicroSD card.
- The comment above the
STRING powershell...line notes the necessity for the volume label of the MicroSD card to be "DUCKY".
Payloads, especially those designed to be shared, should begin with a block of comments specifying the title of the payload, the author, and a brief description. Additionally, one may wish to describe the target (OS, version) and any credit or inspiration (commonly commented as props).
REM Title: Full Screen TREE Command
REM Author: Darren Kitchen
REM Description: Runs "tree" in fulll-screen green-on-black cmd window.
REM Target: Windows 95 - 11
REM Props: Korben
ATTACKMODE HID STORAGE
STRING cmd /K color a & tree c:\