Polisher

Why do you want to use email to send the data? Email headers contain much more info as to what is happening than in the email itself....

I don't want to prove you wrong actually! Matter of fact I think you are absolutely right.

Only an absolute maximum of five can join the project and receive the firmware and documentation. And no you are not allowed to donate if your donation doesn't contribute towards the goal of 240 euros. (240eur/5 people is 48 euros)... Euros are not the same as dollars either... Right now I just want to see a show of hands on how many people want to join.

Good questions overwraith. My intentions are not to release the codes/firmware to the public because it will make the ducky and teensy too easy and convenient to use. There is no easy defense against it either if it is used in malicious ways. Not now or the future. Yea I totally agree that developers of pen-testing tools should not be held liable. Unfortunatly in Germany there is a law saying that you can not sell, distribute or give tools that "hack". The official use of goodUSB is for debugging systems and setting up a lot of different devices using one USB stick. What payloads you use with it is up to you though. I am not doing this project to monetize from, but I do expect a small compensation for my time for which I will share the documentation/code/firmware with you. You will have to agree not to share it with anyone. I think that is a fair approach? At the moment I just want to see if there is enough interest. I will let you guys know when my code reaches a respectable stage.

Code samples will not be provided to the general public. I will not start taking money until I am quite confident that my code will work, or the very least be in such a stage where it will only require some fine tuning. So a concern of yours is whether I am legitemly developing something or am just going to take the fund money and run? That is a very reasonable concern and I am open to suggestions on how I can be verified. Btw in my country that kind of fund money could buy me a hotel. See video below. (Just kidding I am from Germany :) )

I do not see a problem giving the source code as part of the documentation. Actually I am not going to be borrowing heavily from others! No code has been published by anyone for USB OS autodetection unfortunately. The majority of the code that I am using is published by atmel, as with all firmwares here... If you guys want to chat feel free to pop into #hak5 or #ducky @ irc.hak5.org

thanks for your kind words Oli. Everything you say makes me smile! :) The project will cost 240 euros. You will get constant running updates and every single piece of documentation. You may also get beta versions before you get the final v1! I will try to deliver in 1 week from the time i get the rubber ducky! 2 weeks though to give me some cushion if code doesn't run the way i want it! As soon as the crowd fund goal is met no more people will be able to join this project. Edit: If you all can give me a show of hands who wants in it would be great. You obviously do not pay if the goal has not been met.

Good questions. If anyone else has any questions please ask them here. A clear outline and all documentation necessary on how OS Auto detection works will be provided by me. I have already gathered unique identifiers for 6 different Operating Systems. (More Operating Systems and devices are coming!) This information is more than enough for me to build goodUSB. A great coder can build it probably in a day or two with the outline and documentation, but I am not the brightest and will need about a week or two. Regarding why I chose rubber ducky: It already has a correct USB port so there is no need for soldering or using a bulky adapter (like on the teensy) + the thumb drive case. The ducky has more than enough power to run goodUSB. Nohl's 8 bit usb controller had 12mhz. The ducky uses a great 32-bit controller with 60mhz for which there are many great open source firmware codes.

Is anyone interested in me developing OS autodetection? The firmware will be able to automatically detect the OS it is running on and based of that it will choose the appropriate payload for the OS. goodUSB will be able to differentiate not only between desktop OS versions but also detect some devices like android phones, Linux STB receivers and IOT devices! I have a lot of free time in the next two weeks to code this. You will get running updates on this project, all documentation, fingerprints with unique identifiers and the firmware. Only 4 - 5 people can join the project. Redistribution of the software or documentation is not allowed.

If there is interest in OS auto detection we could get crowd funding going for this. It will help me finish it much sooner! The BadUSB capabilities should bring new life into it. I will only accept 4 or 5 people into the project and you will agree not to share the documentation or firmware with anyone. The worst people and biggest agencies probably already have this, but this should not be accessible to the average joe and everyone else! I will need around 200-240 euros for this project. (56 euros for the rubber duck + shipping and 150 euros to get me through the next two weeks). Once the 200-240 euro target is reached I will not accept any more people. I have a lot of free time in these next two weeks, but I am looking to finish this in one week! If you are interested reply here and PM me so I can provide you with more info about the project. (P.s I will not trade my code for payloads so please stop asking me that in PM :) )

Karsten Nohl didn't release his BadUSB firmware for a good reason in my opinion. I am coding the same thing at the moment however I am respecting Nohl's opinion and am not releasing it to the public when it is finished. OS Fingerprinting is too powerful and can be abused a lot more than twin duck or any other firmware. I will only share it with a few friends... Besides, I have not bought a rubber ducky yet. I am ready to code it now though!

Karsten Nohl didn't release his BadUSB firmware for a good reason in my opinion. I am going to respect his opinions and not release it when it is finished. I will only share it with a few friends... Besides, I have not yet bought a rubber ducky yet. I am ready to code it now though!

That is why you would want to move your window to the top left of the screen (0,0). That way you have a reference.

You could control the mouse using powershell. There are enough scripts and examples that you can google! About the visual aspect, you do not necessarily need any visual feedback. You could move the mouse and click on things that you know will always be in the same positions. If they are not always in the same position you can position the window so the buttons you are looking for are in the positions you want! Have a look at the following video. The guy did just that but on a mac. The idea is the same though.

overwraith: are you trying to accomplish anything specific?