nik321

Can I get my Rubber Ducky to do this?

8 posts in this topic

Hello fellow Hak5 enthusiasts! 

I just wanted to run a quick question by you.

Would it be possible to set the rubber ducky up in such a way that...

When you plug the ducky in, it runs a script to check for the IP in the ipconfig in windows CMD, and then save the ip to a file within the USB?

While also, the ducky acting as a USB drive? So as its doing its thing with ipconfig, you can also browse to files on the ducky that I have saved... Possibly an Image file?

So it tricks the target into thinking this is just an ordinary usb drive with a picture on it... But in the back ground, grabbing the IP?

0

Share this post


Link to post
Share on other sites

What you are describing is the Twinduck firmware (have a look at the wiki).

It will mount your Ducky as a USB Drive and as a HID. So it will execute keystrokes while being mounted as a USB Drive.

You can of course write the output ofthe ipconfig command to your usb drive. will look something like (in cmd):

for /f %a in ('wmic logicaldisk get volumename^,name ^| find "DUCKY"') do ipconfig > %a/ip.txt

Note that your sdcard must be labeled DUCKY for this to work.

0

Share this post


Link to post
Share on other sites

you can also change the VID and PID to make it look like a completely different device, like say a bluetooth dongle, webcam, mouse, keyboard, just about any device you want.

0

Share this post


Link to post
Share on other sites
14 hours ago, ThoughtfulDev said:

What you are describing is the Twinduck firmware (have a look at the wiki).

It will mount your Ducky as a USB Drive and as a HID. So it will execute keystrokes while being mounted as a USB Drive.

You can of course write the output ofthe ipconfig command to your usb drive. will look something like (in cmd):


for /f %a in ('wmic logicaldisk get volumename^,name ^| find "DUCKY"') do ipconfig > %a/ip.txt

Note that your sdcard must be labeled DUCKY for this to work.

This sounds very promising. Thank you very much.

0

Share this post


Link to post
Share on other sites
6 hours ago, b0N3z said:

you can also change the VID and PID to make it look like a completely different device, like say a bluetooth dongle, webcam, mouse, keyboard, just about any device you want.

Oh ok interesting! Thanks for this little info. Might come in handy!

0

Share this post


Link to post
Share on other sites
11 hours ago, b0N3z said:

you can also change the VID and PID to make it look like a completely different device, like say a bluetooth dongle, webcam, mouse, keyboard, just about any device you want.

I'm guessing this could circumvent some security programs that use a whitelist for devices? Using the same VID/PID as a device that is whitelisted, it would allow the ducky to run?

Interesting.

0

Share this post


Link to post
Share on other sites

can this be done also with the arduino atmegau34 leonardo pro micro ?    i tried to run  the ducky code thru duckuino converter   and therese too many errors for me to figure out

lol  i would like to execute a .exe   ( " payload.exe" ) for example  by pluging in a plash drive along with the 32u4 leonardo  and have it execute  my .exe file off the flash drive 

what i had in mind if this would work is they make a single male to double usb female adapter i would like to see if this can be done im sure it can but my programming skills are limited lol  in other words im a dummy  .. but if any of you all has example code  that i can have that would be great ...

i have already asked this question  on here but no replies yet  here is the link  the code i tried is there too  thanks in advance

 

0

Share this post


Link to post
Share on other sites
6 hours ago, haze1434 said:

I'm guessing this could circumvent some security programs that use a whitelist for devices? Using the same VID/PID as a device that is whitelisted, it would allow the ducky to run?

Interesting.

exactly :)

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.