Rubber Ducky
What is a rubber ducky?
A USB Rubber Ducky is a device designed to mimic a USB keyboard, making it a powerful tool for penetration testing and security auditing. When plugged into a computer, it can inject pre-written scripts, simulating a sequence of keystrokes at superhuman speeds. This enables it to execute commands, open programs, download files, or modify settings on the target machine.
Why rubber ducky?
Building a Rubber Ducky from scratch is a challenging and fun project. Moreover, by modifying it we can do more interesting hacks, e.g. the next project could be a Wi-Fi ducky.
BUILD REQUIREMENT………………………..
Attiny85 - 1
Zener Diode 3.6V - 2
Resistors (68 ohm -2) & (330 ohm - 2) & (1k ohm - 1)
2 LED
Male USB
Diagram
The first step is to bootload the ATTiny85 microcontroller. For this, we use an Arduino Nano as a programmer to flash the ATTiny85 with the required bootloader. Once this bootloading process is complete, the circuit we’ve built can act as a standalone programmer, eliminating the need for an external IC programmer in the future.
With the bootloader installed, we can now program the ATTiny85 directly over the USB interface. The next step is to install the Digispark driver.
Next, simply connect the device to a computer’s USB port, and the Arduino IDE will recognize it as a programmable device. This setup enables us to upload code to the ATTiny85 conveniently, without requiring additional hardware. The LEDs and other components in the circuit provide visual feedback during programming.
WORKING…………………….
Computer: Who are you?
Rubber Ducky: I am an HID device.
Computer: Oh, so you’re like a keyboard? Go ahead.
Rubber Ducky: Exactly! When plugged in, I act just like a keyboard, sending preprogrammed keystrokes and commands directly to you.
Computer: Alright, what do you do?
Rubber Ducky: Let’s go! Once connected, I automatically start sending keystrokes as if a user were typing them. This allows me to run scripts and commands quickly, which can be useful for automation, testing, or even penetration testing tasks.
Computer: So, you’re like an automated keyboard for specific commands?
Rubber Ducky: Exactly! I execute commands as fast as possible, without needing any manual input from the user. That’s the magic of being a “Rubber Ducky” – I look like a USB drive but act like a keyboard, seamlessly executing the script I’m programmed with.
Script Example………………...
#include "DigiKeyboard.h"

void setup() {
  // empty: everything runs once from loop()
}

void loop() {
  DigiKeyboard.delay(2000);                          // give the host time to enumerate the device
  DigiKeyboard.sendKeyStroke(0);                     // empty report so the first real key is not missed
  DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT);   // Win+R: open the Run dialog
  DigiKeyboard.delay(600);
  DigiKeyboard.print("https://youtu.be/dQw4w9WgXcQ?t=43s");  // YouTube video
  DigiKeyboard.sendKeyStroke(KEY_ENTER);
  DigiKeyboard.delay(500);
  DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT);   // Win+R again
  DigiKeyboard.delay(1000);
  DigiKeyboard.print("http://fakeupdate.net/win10ue");       // fake update screen
  DigiKeyboard.sendKeyStroke(KEY_ENTER);
  DigiKeyboard.delay(500);
  DigiKeyboard.sendKeyStroke(KEY_F11);               // F11: browser full screen
  for (;;) { /* stop here so the sequence runs only once */ }
}
The script above works like an automated keyboard hitting the keys; the catch is that it sends the keystrokes within milliseconds. The script aims to open the fake Windows update screen and play the YouTube video in the background.
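From the defender's side, that millisecond timing is itself a detection signal. The following is an added example, not part of the original post: it takes key-down timestamps per keyboard and flags sustained bursts typed faster than a person can, noting whether they start shortly after the device was attached. The event format, thresholds and sample timelines are assumptions constructed for illustration.

```python
from statistics import median

# Assumed thresholds for illustration; tune them per environment.
MAX_MEDIAN_GAP_MS = 30       # sustained typing faster than this is not human
MIN_BURST_KEYS = 10          # ignore short runs such as key rollover
BURST_BREAK_MS = 250         # a pause this long ends a burst
NEW_DEVICE_WINDOW_MS = 5000  # a burst this soon after attach raises severity

def split_bursts(timestamps, break_ms=BURST_BREAK_MS):
    """Group sorted key-down timestamps (ms) into bursts separated by pauses."""
    bursts, current = [], []
    for t in timestamps:
        if current and t - current[-1] > break_ms:
            bursts.append(current)
            current = []
        current.append(t)
    if current:
        bursts.append(current)
    return bursts

def score_keyboard(attached_ms, key_times_ms):
    """Return one finding per machine-speed burst typed by a keyboard."""
    findings = []
    for burst in split_bursts(sorted(key_times_ms)):
        if len(burst) < MIN_BURST_KEYS:
            continue
        gap = median(b - a for a, b in zip(burst, burst[1:]))
        if gap < MAX_MEDIAN_GAP_MS:
            findings.append({
                "start_ms": burst[0],
                "keys": len(burst),
                "median_gap_ms": gap,
                "soon_after_attach": burst[0] - attached_ms <= NEW_DEVICE_WINDOW_MS,
            })
    return findings

def constructed_samples():
    """Constructed timelines: (attach time, key-down times) per keyboard."""
    # Shaped like the sketch above: 2000 ms idle, Win+R, 600 ms pause, then
    # 34 characters plus Enter. The 8 ms spacing is an assumed value.
    injector = [2000] + [2600 + 8 * i for i in range(35)]
    # Human on a long-attached keyboard: gaps alternate between 120 and 200 ms.
    human = [900000 + 160 * i + (20 if i % 2 else -20) for i in range(36)]
    return {"injector": (0, injector), "human": (0, human)}

if __name__ == "__main__":
    for name, (attached, keys) in constructed_samples().items():
        print(name, score_keyboard(attached, keys))
```

In practice the timestamps would come from whatever input or endpoint telemetry the host already records; pairing the result with a USB device allowlist covers injectors that deliberately slow their typing.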
Demonstration………….
In creating this Rubber Ducky, I’ve explored the process of bootloading, gained insights into shell scripting, and uncovered many more valuable lessons in hardware hacking and automation, like installing a RAT (Remote Access Trojan) or manipulating .dll (dynamic-link library) files. Stay tuned for more!
Written by
Vansh Rastogi
Currently an intern at Rajasthan Police Headquarter, working on drones doc's, hardware hacking and video analytics.