Search the Community

Introducing the latest Composite Firmware - Codename : The Twin Duck The Ducky primarily acts as a USB Mass Storage Device, and on a click of the button will start emulating a Keyboard. Its multi-OS, multi-lingual and comes in three flavours: c_duck_v2.hex - Supports DuckyScript as HID payload, triggered automatically and on GPIO (limited instructions) c_duck_v2_S001.hex - Triggered on CAPS/NUM/SCROLL LOCK c_duck_v2_S002.hex - Triggered on Ducky's GPIO only! Depending on your circumstances, you may want to use either one of these available firmwares. Downloads http://code.google.c.../downloads/list Please test and post feedback here. Snake

Hi there, I got my bunny today and while developing a payload to drop my meterpreter onto the computer, it actually got detected by my AV and deleted from the storage. At that point, I remembered a pretty boring defcon talk I once saw showing a device able to block every write / delete on an usb stick. Further it allowed to filter the data to get passed to the os so you can ultimatively hide any files until you need them which can be especially useful when you have a stick with multiple exploits / payloads on it and some of them may trigger the AV but are not necesserily needed at one stage or your usb stick get's checked when walking into a facility while pentesting (actually happened to me once :/). So I'm kindly requesting an extension to the API which: Allows to block every write to the usb stick. Allows to filter every read / write from / to the storage. I would suggest the visitor pattern, but I guess it is not compatible to bash :( Yours sincerely, VincBreaker

Hello all, i am new with rubber ducky, can anyone explain the below things to me so that i can get a clear image for it. can i use it as a usb mass storage device ? like it should show in PC that new mass storage device found and i can put files into it directly ( the mounted sdcard space) ? without remove sd card again and again ? will payloads wrok ? if i put files directly from PC into sdcard (without removing) using ducky usb port ? will ducky works (executes the commands / keyboards key ) while pluging into PC first time ? like as i feel like it does'nt work on first time it detects and install drivers and i have to re-plugin again to get it work. Thank you in advance, please explain a bit and suggest.

NEW Version 2.0 of my USB SwissKnife (Faster, Smaller and concealed, With new USB Ruber Ducky 2.0) Since HAK5 recently lowered its price on the USB Ruber Ducky, I decided it was time to update my old USB SwissKnife! So this one is quite simple; A HAK5 USB Ruber Ducky with the TwinDuck (Composite HID + Mass Storage) firmware with a 8Gb SD card + a 32Gb Bootable USB drive. The Bootable USB Drive is exactly like the old one except that I increased from 16Gb to 32Gb… So the old one still correctly describe that portion. However, the new version of the Ruber Ducky is quite different; - It run on custom hardware instead of using a Teensy. - It has its own scripting language. - It is officially supported by some Penetration Testing software. - Require no programming skill to operate and update payload. - Support Mass Storage from the payload SD card. - Faster and slimmer hardware… So it effectively supersede the older versions, including mine… Now, the question is; can I make it better? Well, the only down side is the speed of the USB Mass Storage which is way too slow to use it as a Bootable USB key, It is still good enough for small Application, Script and Payload so I’ll reserve that storage space for that purpose only, which is still very useful since you can access the payload without removing the SD card. In order to add a Bootable USB Key to the mix, I would need to do the same thing I did on the old version, which is adding a HUB… But this time I realized that I have never used both the HID attack vector and the Bootable USB key at the same time, which kind of make sense since one Inject a payload in a foreign OS, the other Boot an OS on a foreign machine, they are 2 different thing so why not use 2 different key? Well, simply because I want to carry only 1 key! All that to say that this hack simply consist of putting the 2 USB devices in the same plastic package, the real hack is what you put on and do with them! Check OLD Version 1.0 for details about the bootable USB tools...