Make your own BadUSB with a Digispark

StefanStefan
2 min read

Table of contents

How to make your Digispark run BadUSB Scripts using Duckify!

https://youtu.be/X6R8cveFz74

What is a Bad USB

A Bad USB is a USB device that acts as a USB keyboard to run a keystroke injection attack, which can be used to open a terminal and run commands on the target computer.

Because these attacks are scripted, they can happen incredibly fast. It's crazy how a BadUSB with the right script can take over an unlocked computer in just 3 seconds!

We've covered this in more detail in a previous blog post How Bad USBs work

What is the Digispark

Digispark Development Board

The Digispark is a very simplistic development board based on the ATTiny85. It's popular due to the Arduino compatibility, built-in USB-A plug (so no dangling cables!), the affordable price, and the fact that it can act as a keyboard.

Buy a Digispark (affiliate link): https://amzn.to/3v69bU0

How to run Bad USB Scripts on your Digispark

Duckify Website

Ok now, how do we turn the Digispark into a BadUSB?

I made an online converter that makes this process incredibly easy!

  1. Visit duckify.huhn.me

  2. Enter your Bad USB script on the left (it's Ducky Script compatible)

  3. Select your keyboard layout and hit convert

  4. Now you have an Arduino sketch that you can download and flash onto your digispark

Further Documentation

Check out https://duckify.huhn.me/docs/digispark/getting-started for a more in-depth tutorial on the Digispark and a reference to the scripting language

Once you have Arduino setup, it's really straightforward.

1
Subscribe to my newsletter

Read articles from Stefan directly inside your inbox. Subscribe to the newsletter, and don't miss out.

BadUSB

Written by

Stefan
Stefan

CS student building open-source tools for fun and profit. Mostly hacking around with Arduino.