Oli

Everything posted by Oli

  1. Yep, and that is what my device does. Not really feasible using the ducky though without hacking the firmware, etc. If you make a peensy and have the script as the Arduino sketch and the SD as a mass storage device, this is what happens.
  2. That is one of the problems with SAASS (service as a software substitute). http://www.gnu.org/philosophy/who-does-that-server-really-serve.html There is no real substitute for having a copy of your own free (as in freedom) software on your own PC, rather than relying on some other person's server to do your own computing.
  3. You might be able to fix it if you have a soldering iron. Potentially an issue with the connector being broken / lifted from pads on the PCB. Probably best to just buy a new one (or alternative) though.
  4. OK, so if anyone needs any help modding the PCB to connect the ominous box button to the expansion port / pineapple then let me know. From the pictures, it looks like the board is a simple 1-layer board and may be easier to just swap it out for a bit of perfboard rather than cutting traces. Can't believe it was missed off the design as it is essentially a zero cost upgrade to the ominous box. Connect one end of the button to a GPIO and the other to ground, use a kmod and bam, the button could actually do something useful :) Whilst you are there, you can add the LEDs just as easily to the expansion bus and have control via the pineapple too. No logic level translation or voltage regulator is needed so the fix is simple and cheap.
  5. The ducky is essentially a keyboard just blindly executing a predefined set of keystrokes so it is going to work 99% (bar edge cases relating to VID/PID etc) once drivers are installed. The script is using a fairly hacky way to detect a USB dongle - just run and debug the actual script. Hacky methods of doing things are likely to be easily broken / change from system to system. I'm guessing you actually remembered to name a separate flash USB drive as "DUCKY"? You say "the AV kicked in and an autorun.inf file appeared on the Duck's SD card." The script needs a separate USB drive called ducky and nothing should be actually changing the Duck's SD card - are you using one of the other firmwares to use the ducky as a mass storage device or something?
  6. Is that all there is? Power and ground? What exactly is a "functional push button" referring to in the product description, then, if you aren't connecting to any of the expansion bus GPIO? Just a buzzer or a flashing LED or something on the ominous box and no interaction with the pineapple?
  7. EEPROM is quite slow and has limited write cycles. It could easily be used for storing payloads and scripts, but exfiltrating data from the target is not really feasible via EEPROM (especially not if you don't mount it as a storage device and have to bit bang the data across).
  8. All the breakout holes (e.g. Analog 0, 1, 2, 3, 4, 5 etc). Out of the box the add-on can't "do" anything - no LEDs, buttons, other I/O. So, you need to attach something to the board and you can't just wrap an LED leg around a hole as that won't provide a sound electrical connection. You can't really solder arbitrary components to the breakout as the legs won't be long enough, you can only get a finite number of legs into a single hole, etc. Typically on any breakout board like this you would have header (male or female) so that you can use jumper wires to connect the add-on board I/O to a breadboard for prototyping. So, with say an Arduino Uno, a user can add a few jumpers to a breadboard and add LEDs and switches without needing to solder anything straight away. See the following images: http://sciencedemo.org/wp-content/uploads/2014/05/shrimp_and_arduino.jpg http://arduino.cc/en/uploads/Main/ArduinoUno_R3_Front.jpg Also, you then don't have to make permanent solder connections to the board - you can just move jump wires around to fix mistakes, etc. The first thing 99% of users of the board are going to have to do is solder some header to the add-on board. Header is pretty cheap, but it can be a bit annoying getting the exact sizes that you need in female header (the female breakaway header isn't great). Male header is easily broken down into the right lengths but isn't as convenient as female header. http://www.pololu.com/category/50/0.100-in-2.54-mm-female-headers Not an absolute showstopper, but a pain to solder nearly 30 pins before being able to use the board properly. Have a google - pretty much all Arduino boards with a non-trivial number of pins are going to have header already attached.
If anything, I'd be tempted to remove the ISP header and the serial programming header (presuming the Wifi Pineapple can program the board over SPI) for the RTM version of the board and use the cost saving to add header for the I/O pins which is what most people will need.
  9. The link to the Eagle files doesn't work - both links lead to the schematic:
==Schematic & Reference Design==
* EAGLE files: [https://www.dropbox.com/s/3ywjpkft82bi5nq/hdk-schematic.pdf?dl=0 hdk-design.zip]
* Schematic: [https://www.dropbox.com/s/3ywjpkft82bi5nq/hdk-schematic.pdf?dl=0 hdk-schematic.pdf]
Quick commentary for people who don't know what they are looking at with the schematic:
Connector
WIFI Pineapple 14 Pin connector to connect the board to the pineapple.
SPI INTERFACE
The Pineapple communicates with the Arduino via a bit-banged SPI interface (the AR9331 doesn't have hardware SPI). To make the SPI interface work, logic level translation is needed as the Arduino will be running at 3.3V and the Pineapple GPIO is 2.5V +- 10%. The MCP1700 and NTB0104 chips are used to do this.
MCP1700
Low dropout positive voltage regulator takes the 3.3V and outputs 2.5V. This is then used as the input reference value for the logic level translation chip (NTB0104). http://ww1.microchip.com/downloads/en/DeviceDoc/20001826C.pdf
NTB0104
4-bit bidirectional voltage level translation - does the conversion (in both directions) from 2.5V to 3.3V. http://www.nxp.com/documents/data_sheet/NTB0104.pdf
Arduino Pro Mini
The rest of the board is essentially an Arduino Pro Mini.
Programming Interfaces
ISP is for in-system programming of the Arduino. There also appears to be a serial programming interface. Typically (I'd hope) the Wifi Pineapple would be used for programming the Arduino over the SPI bus.
Breakout
Most of the ATMEGA pins are broken out so you can add additional hardware / I/O etc to the board.
Initial Thoughts
No surprises at all here - turns out that the methods I used for my expansion board were correct (though I used breakout boards as I'm not fully set up for SMD soldering yet - which is overkill anyway for prototyping). Generally happy with the design - based on a solid open hardware base using a pretty standard chip (ATMEGA328).
Interested to see the actual software when it lands - hopefully the API will be sensible and well designed... Really could have done with female header on the pins to stop people having to get the soldering iron out straight away. Missed opportunity to have Rubber Ducky / USB functionality by not basing the design on a Leonardo-like design rather than a Uno-like design. Would be interesting to have seen what the throughput of the SPI bus is like compared to using bit-banged I2C or serial (both of which use 2 GPIO pins) and also how this compares to using the hardware serial on the AR9331 (like on the Arduino Yun). Quite a small board, but not a fantastic use of the space. For anything non-trivial you are going to need to attach an additional board... Would have been nice to have a prototyping area (with standard 0.1 pin pitch) actually on the board. Some GPIO is wasted... These could have been used to provide an example of how to use the GPIO without level conversion to add some extra stock I/O such as a few tactile buttons, slide switch or LEDs. Missed a great selling point for the board - would have been nice if some stock functionality was there so that people without soldering irons etc would still have a reason to buy the board. Stick in a real time clock, some RGB LEDs and a few switches along with the pin breakouts and that would be an instant win (kind of like the Pimoroni Pibrella). All the level shifting stuff should have been actually part of the main Pineapple PCB rather than as an add-on, then people could have easily interfaced with whatever they wanted rather than just the Arduino.
  10. It is not a "hate" comment but sarcasm. I've been there (show stopper bugs/issues on release of Hak5 hardware) and I am still having problems due to the lack of up to date firmware (which is a legal right under GPL) and lack of complete build instructions. I've spent hundreds with Hak5 and am trying to raise the bar of what I feel is an inappropriate level of quality. Constant 'half baked' products, documentation and software (along with GPL copyright violations) is, in my humble opinion, not acceptable and is as "fair of a point" as your Hak5 apologetic stance. Sure, the Hak5 crew are nice people and I'm sure there is no deliberate malice, but there is a definite quality control problem that I am highlighting that needs to be addressed if I am to buy anything from them again in the future.
  11. How rude of you to expect firmware, support and documentation or example use cases for a product you purchased! HAK5 are a small team, making no profit from the hakshop and clearly marked the product as not yet supported on the product page! Oh wait...
  12. The firmware was reluctantly released to satisfy legal obligations under the GNU Public License (GPL) - the absolute minimum has been done. The firmware has not been updated for months (against the GPL that legally enforces via copyright that an offer for the corresponding source should be made available) and neither has the GitHub source code... Still waiting (coming up to a year) for official expansion bus info so don't expect any proper guide to get the pineapple firmware and software into the "as released" state anytime soon.
  13. Thanks Lavanoid! It is all pretty much as I thought it would be - when I get time I'll see if I can start a schematic so that we can see if there are any fun hardware hacks that can be done. Nothing is immediately apparent though.
  14. Thanks for posting the pics in the other thread - looks like those pins on the bottom of the Ducky are JTAG/reset pins and I don't think they can be used as GPIO or any of the common protocols easily - more investigation is needed.... So, I don't think it is a simple case of soldering on some header then hacking the firmware (which is not as trivial as modifying Arduino sketches). There appears to be unused GPIO pins on the Atmel chip that could be used for modding the Ducky with some thin wire, probably more effort than it is worth though, especially when the firmware is taken into account. Additionally, not much value in hacking into the LED / tactile switch I/O as nothing too interesting can be done with that.
  15. Post some PCB pics and I'll tell you :) A Teensy 2 (or later) has a ton of I/O for LEDs / screens / buttons / anything else. Some might say it is even a WiFi Pineapple expansion board.
  16. I've spent a fair amount of time and effort and money - next step is to design some custom PCBs to shrink my prototype down. I'd release my stuff not as "open source", but "free software" (GPLv3) - yes, they are essentially the same thing, but freedom is what is important for "hacker" tools. I have a proof of concept that works fantastically for me (search previous threads for photo) and I'm not sure if I can be bothered finishing it to "release" quality. I'm quite busy and this is just a hobby. I've had nothing but friction so far with the official Hak5 products. I really want to support them but I'm pretty close now to just designing my own stuff that works just as I like it and tossing my MKV in a drawer. I'm pinning my hopes on the Pineapple HDK and add-on board (the design files for which were supposed to be released over 2 weeks ago... I'm still waiting...). If this stuff is not to my liking or if they don't accept improvements to supposedly "open" hardware then I'm just going to leave the community and work on my own stuff. Quite frankly a year waiting for basic expansion bus info is absolutely ridiculous and then after the wait the add-on board looks unimpressive (five minutes looking at it and I have a dozen quick win improvements). Also, the USB Rubber Ducky Github has not been updated for 3 years! Hardly a supported product. Yes, that pseudo code is more what is needed - something that promotes reusability and non-trivial applications. I'm tired of seeing ridiculously simple "scripts" that are essentially open a command prompt or powershell and run a simple command or two! I have a Jinja3 / python framework that I'm successfully using to generate payloads that are an order of magnitude more elegant than ducky script.
  17. Cool - then I can see if any GPIO is free for LEDs etc :)
  18. Well it is a USB keyboard, so if the system supports USB keyboards then the ducky will work?
  19. U3 is pretty much dead so essentially pointless. The add-on board for the MKV could easily be a Rubber Ducky 2.0 (if designed right). I have a prototype "Ducky 2.0/Add-on board" using off the shelf components; it wouldn't be too hard to properly design this to fit a USB drive form factor. First things first: the terrible "Ducky Script" language needs revisiting!
  20. Anybody got some nice resolution pics of both sides of a Rubber Ducky PCB that they could share? I accidentally broke mine and chucked it before I got properly interested in electronic engineering!
  21. Just desolder the DIP switch (using desoldering pump/braid/gun) then you can add GPIO 01, 13, 15, 16 and 11 to the available I/O on the expansion bus. This is a bit of a pain using the stock I/O since the default firmware pinches some of them, but I just work around this. Eventually I will get around to modding the main part of the firmware (if I can be bothered) but for now I just use workarounds. This way, you can have extra LEDs etc on the pineapple without needing an Arduino based expansion. The stock I/O can be used for switches, LEDs, buttons etc without an Arduino being involved. I was never 100% happy with the stock DIP switch implementation anyways.
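Added example (not code from Oli's posts) of what posts 4 and 21 describe: a button wired between an expansion-bus GPIO and ground, read from the pineapple and mirrored onto an LED on a second GPIO, with no Arduino involved. It assumes the pineapple's Linux kernel exposes the legacy sysfs GPIO interface, that the button line idles high (pull-up) so a press reads 0, and it picks GPIO 13 and 15 from the pins post 21 says are freed by removing the DIP switch; the GPIO numbers and the script name are placeholders for your own wiring.

```shell
#!/bin/sh
# Added example: mirror an active-low push button onto an LED via sysfs GPIO.
# Assumptions: /sys/class/gpio exists on the pineapple, the button line has a
# pull-up (press reads 0), and GPIO 13/15 are free (see the DIP switch post).
GPIO_ROOT="${GPIO_ROOT:-/sys/class/gpio}"
BUTTON_GPIO="${BUTTON_GPIO:-13}"
LED_GPIO="${LED_GPIO:-15}"

# Export a GPIO to userspace (skipped if the kernel already exported it).
gpio_export() {
    [ -d "$GPIO_ROOT/gpio$1" ] || echo "$1" > "$GPIO_ROOT/export"
}

# Set a GPIO's direction: "in" for the button, "out" for the LED.
gpio_direction() {
    echo "$2" > "$GPIO_ROOT/gpio$1/direction"
}

# Read the current logic level (0 or 1) of an input GPIO.
gpio_read() {
    cat "$GPIO_ROOT/gpio$1/value"
}

# Drive an output GPIO to 0 or 1.
gpio_write() {
    echo "$2" > "$GPIO_ROOT/gpio$1/value"
}

# The button shorts the line to ground, so it is active low:
# level 0 means pressed (prints 1), level 1 means released (prints 0).
button_pressed() {
    if [ "$1" = "0" ]; then echo 1; else echo 0; fi
}

# One poll step: read the button, drive the LED, print the LED state.
mirror_button_to_led() {
    state=$(button_pressed "$(gpio_read "$BUTTON_GPIO")")
    gpio_write "$LED_GPIO" "$state"
    echo "$state"
}

# Set up both pins and loop forever; run as: RUN_POLL=1 ./button_led.sh
# (use "sleep 1" if your busybox sleep has no fractional-second support).
poll_button() {
    gpio_export "$BUTTON_GPIO"; gpio_direction "$BUTTON_GPIO" in
    gpio_export "$LED_GPIO";    gpio_direction "$LED_GPIO" out
    while :; do mirror_button_to_led >/dev/null; sleep 0.2; done
}
if [ -n "$RUN_POLL" ]; then poll_button; fi
```

Because the functions read GPIO_ROOT at call time, the same script can be exercised against a scratch directory laid out like sysfs before it is ever pointed at real pins.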
  22. Yeah, paying twice as much plus shipping, plus tax, plus a wait of a few weeks for a ten times less capable hardware device that can't do the thing that you started the post asking how to do is definitely the way to go.
  23. If you are in the UK get this: http://shop.pimoroni.com/products/teensy-3-1 Then look at this: https://github.com/offensive-security/hid-backdoor-peensy Then pat yourself on the back :)
  24. Desoldered mine to get access to some more GPIO pins.