The rubber ducky from Hak5 has always interested me, but being a cheapskate I didn’t want to spend the USD$40 on buying one when I think of them as potentially throwaway devices. In a real-world penetration test I visualise dropping a bunch of “USB Drives” around a business and having them install a backdoor automatically upon insertion. My solution to this problem is the DigiSpark, which can be bought for as little as $5 each.
Setting up a Digispark as a rubber ducky is quite easy. Digispark has a library called “DigiKeyboard”, and the board is automatically detected as a HID device. This means you can import the library and do a minimal amount of coding to get a fairly effective rubber ducky. You should, however, note that the Digispark is not always detected fully and sometimes you require a small USB hub. With the use of a USB hub I have found it to work on 100% of devices I have tested it on.
- DigiSpark Buy Cheaper on eBay
- Some free time
How to set up a “DigiDucky”:
- Install the Arduino IDE. Download
- Install the Digispark and get it connected to your Arduino IDE. Tutorial
- Run the test script provided to check it is working. This is a rickroll payload for Windows. It should automatically open up Rick Astley’s Never Gonna Give You Up on YouTube. Download
- Use the provided bash script to convert rubber ducky scripts to Digispark scripts. Download Note: Untested
Blog post will be updated as development continues.
This blog post was inspired by Chris Adebenham’s USB-Rubber Ducky scripts on Arduino/Leostick
Update 22nd November 2016
To fix issues with the DigiSpark not being detected by some machines (particularly USB3 ports), you can use an adapter like this for around $2.
The 3D-printed case design requires the USB adapter mentioned above.
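Because the board enumerates as a HID device, the same enumeration is what a defender can watch for. The following is an added example, not code from this post or from Digispark: it scans Linux kernel log lines for USB HID keyboards whose vendor:product ID is not on an allowlist. The log lines, the device IDs in them and the allowlist are constructed samples and assumptions.

```python
import re

# Matches the line the Linux kernel logs when hid-generic binds a USB HID device, e.g.
# "hid-generic 0003:046D:C31C.0001: input,hidraw0: USB HID v1.10 Keyboard [name] on usb-..."
HID_LINE = re.compile(
    r"hid-generic\s+[0-9A-Fa-f]{4}:(?P<vid>[0-9A-Fa-f]{4}):(?P<pid>[0-9A-Fa-f]{4})"
    r"\.[0-9A-Fa-f]{4}:.*?USB HID v[\d.]+\s+(?P<kind>\w+)\s+"
    r"\[(?P<name>[^\]]*)\]\s+on\s+(?P<port>\S+)"
)

# Assumption: keyboards the organisation issues, as lowercase "vid:pid".
ALLOWED_KEYBOARDS = {"046d:c31c"}

# Constructed sample log lines (not captured from a real host).
SAMPLE_LOG = """\
[   10.100000] hid-generic 0003:046D:C31C.0001: input,hidraw0: USB HID v1.10 Keyboard [Logitech USB Keyboard] on usb-0000:00:14.0-1/input0
[   10.200000] hid-generic 0003:046D:C077.0002: input,hidraw1: USB HID v1.11 Mouse [Logitech USB Optical Mouse] on usb-0000:00:14.0-2/input0
[  812.300000] hid-generic 0003:16C0:27DB.0003: input,hidraw2: USB HID v1.01 Keyboard [digistump.com DigiKey] on usb-0000:00:14.0-3/input0
[  812.400000] usb 1-3: USB disconnect, device number 7
"""


def unexpected_keyboards(log_text, allowed=ALLOWED_KEYBOARDS):
    """Return one dict per HID keyboard enumeration whose vid:pid is not allowed."""
    findings = []
    for line in log_text.splitlines():
        m = HID_LINE.search(line)
        # Ignore unrelated lines and HID devices that are not keyboards.
        if not m or m.group("kind").lower() != "keyboard":
            continue
        dev_id = f"{m.group('vid')}:{m.group('pid')}".lower()
        if dev_id not in allowed:
            findings.append(
                {"id": dev_id, "name": m.group("name"), "port": m.group("port")}
            )
    return findings


if __name__ == "__main__":
    for f in unexpected_keyboards(SAMPLE_LOG):
        print(f"unexpected keyboard {f['id']} [{f['name']}] on {f['port']}")
```

Vendor and product IDs are self-reported by the device, so an allowlist match is a hint and not proof of identity.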