Jump to content

Archived

This topic is now archived and is closed to further replies.

anthrounit

[Version 1] Speculative Developments

Recommended Posts

I wanted to open a little discussion on the Ducky Dev kit or whatever you wanna call it, but according to everything ive seen and heard about this clearly shows there is plenty of room for more so here i wanted to see if we can stir any ideas up. First looking at the kit itself its just a simple chip that can hold a small amount of data inside with the exception of wiring a SD card to it. now I have been a huge fan of the switchblade and all the different payloads but lets say we have it as a device that works as a HUD along side a common flash drive so the scripts for the HUD for the command line and all that and maybe even some of the switchblades payload can be on the SD card so when you plug in the ducky at say a friends house it looks normal enough works normal enough instead of being the 5 second ducky in the usb slot. as for switching the payloads I was thinking something similar to the switchblade pocketknife payload with specifying it into a script on the Dev kit chip itself then have all the different payload scripts and files on the SD card to run. Darren did say something about a dip switch for switching between payloads and maybe that's a good idea but what about using a dip switch as a on off switch for the payload to make it a normal usb flash drive for those you don't want to hack. my goal in creating a usb Ducky is to keep everything simple clean and freaky with abilities. I even have taken some hak5 icons I made some time ago for the switchblade to have the switchblade as the icon in the my computer windows but actually they were make for the hak5 Linux box I have. Hopefully we can get this USB rubber Ducky done up to be out uber USB Dooms Day Device ;)

Share this post


Link to post
Share on other sites

Firstly, paragraphs, makes posts a WHOLE lot easier to read.

I think using the duck to load switchblade payloads is a good idea, it would help to increase the pwnage potential of the project as a whole.

The reason darren was talking about DIP switches is because whenever you add another switch to the line, the ammount of payloads you can access will increase quite a bit (There is a rule for this but I can't remember it off the top of my head.) so esentually you could have a huge list of payloads and you can choose the one that will work in a particular situation.

Anyway, as for developments to come I'm planning on both making Mac payloads and a payload that when inserted into an xbox 360 will go and buy things off the xbox live marketplace while your friend goes to have a drink or even play Rock Band since we can fake USB IDs, the possibilities are wide open with this project since it can do almost anything a USB device can do (Quite a bit might I add.).

Share this post


Link to post
Share on other sites
Anyway, as for developments to come I'm planning on both making Mac payloads and a payload that when inserted into an xbox 360 will go and buy things off the xbox live marketplace while your friend goes to have a drink or even play Rock Band since we can fake USB IDs, the possibilities are wide open with this project since it can do almost anything a USB device can do (Quite a bit might I add.).

Funny, I was playing MW2 last night and the thought of a rapid fire button crossed my mind. I'm not that mean, however. <_<

Share this post


Link to post
Share on other sites
Funny, I was playing MW2 last night and the thought of a rapid fire button crossed my mind. I'm not that mean, however. <_<

Rapid fire would not work since the xbox would see it as another controler but you could get it to play games like Rock Band because they are predictable and the same everytime you play them, this is the same reason why aimbots usually have to be built into the game code itself to work.

Share this post


Link to post
Share on other sites

so far the payloads will need to be compartmentalized for mac windows (maybe between various various like 95 to xp) and of-course Linux and even something oddballish such as the 360 or ps3 I am still thinking about what in the world I could to with it but if I could use it like the old Nintendo game genie I could think of some wishes to have granted.

as for the payload for different versions what if we made a script that would go to the payload for say windows and we could select the XP payload and say everything is in this one folder or maybe organized nice and neat. and the script would just use those specific payload files and give you the user the power of controlling the script to activate and deactivate different sections of that like with the USB Pocket Knife with the menu it has that convenient.

and just a thought but who isnt going to notice a yellow rubber duck if your trying to be all 007 or Austin powers like (ya baby ya!!) idk the exact size of how big everything is going to be with the sd flash on it and the usb adapter to the dev board but what if it was something or casual for the housing like a large marker with the cap to cover the usb plug or something?

Share this post


Link to post
Share on other sites
Rapid fire would not work since the xbox would see it as another controler but you could get it to play games like Rock Band because they are predictable and the same everytime you play them, this is the same reason why aimbots usually have to be built into the game code itself to work.

Ah yes...

But what if I just wanted to stand there and rapid fire :)

Share this post


Link to post
Share on other sites
Darren did say something about a dip switch for switching between payloads and maybe that's a good idea but what about using a dip switch as a on off switch for the payload to make it a normal usb flash drive for those you don't want to hack. my goal in creating a usb Ducky is to keep everything simple clean and freaky with abilities.

This is where understanding the hardware with the programming comes in handy. Based off what I saw in the latest episode Darren is using the Teensyduino. There are a bunch of I/O bins on that board. If you run out then you can use an I/O expander that supports i2c.

For dip switches you will end up connecting each switch to an input pin. Then in the setup() function read the dip switch pins to figure out how the dip switch is set and fork the code accordingly.

Since it is AVR/Arduino based there is a ton of possibilities with interfacing with other hardware. If the hardware support i2c or spi you should be able to interface with it. This includes SD cards, EEPROMs, sensors, tons of stuff. Add a wifi shield and you could have it twitter its actions.

Share this post


Link to post
Share on other sites
Since it is AVR/Arduino based there is a ton of possibilities with interfacing with other hardware. If the hardware support i2c or spi you should be able to interface with it. This includes SD cards, EEPROMs, sensors, tons of stuff. Add a wifi shield and you could have it twitter its actions.

Completely off topic, but:

Twitter feed:
Mr Rubber Ducky: @Hak5: Just got the passwords to John's computer. His email password is hunter2! lolol

Share this post


Link to post
Share on other sites
Completely off topic, but:

Twitter feed:
Mr Rubber Ducky: @Hak5: Just got the passwords to John's computer. His email password is hunter2! lolol

Actually, not completely off topic. Twitter could be the tool to have the ducky post commands for a bunch of drones.

It's a mini-computer that is easily programmable. I didn't realize the Teensy existed before the ducky existed. I have an arduino project I have been thinking of but wonder if I could implement it. The Teensy is going to make it much easier with the USB support.

If I get my current arduino project done I will try to rmember to post something int he everything else forum. it will give you an idea on what you can do with the thing in terms of automation. It's a custom motorcycle led accent lighting project that uses an Arduino mini as the host, a YellowJacket arduino clone as a (very slow) webserver for iphone control, 4 button key fob control, and microsd to store the animations. I could replace the YellowJacket with a Fonera if the Fonera didn't run so hot. It's would be stored inside my storage compartment so there wouldn't be much air flow. Unless anyone knows another small AP that can use dd-wrt or openwrt. Anyway, starting to ramble on an off topic subject :)

Share this post


Link to post
Share on other sites
Ah yes...

But what if I just wanted to stand there and rapid fire :)

Or, you could add some buttons as movement though it wouldnt work very well, it would work >.<

Share this post


Link to post
Share on other sites

I think as far as the rapid fire on xbox is concerned, it'd just be easier to mod an existing controller.

Probably some sort of 555 circuit.

Share this post


Link to post
Share on other sites

a little off topic but you could use this to work to configure a ps3 to auto check for updates for the console and/or shows from psn and download them on start up and just leave it in so it will do it every boot unless you press like the L2 and R2 buttons

Share this post


Link to post
Share on other sites

Just saw the show for today and with that duck hunt program made by moonlite to block HID keyboard access I was thinking why not have a little something to kill it on the storage area of the ducky. now your thinking well how can I run it automatically, if the keyboard is a no go there is a good chance other things should be working like mouse control and scripts. so my idea is make a little shutdown script for the defenses of the duck hunt program, maybe it should be called "Killer Ducks" lol.

Share this post


Link to post
Share on other sites
Just saw the show for today and with that duck hunt program made by moonlite to block HID keyboard access I was thinking why not have a little something to kill it on the storage area of the ducky. now your thinking well how can I run it automatically, if the keyboard is a no go there is a good chance other things should be working like mouse control and scripts. so my idea is make a little shutdown script for the defenses of the duck hunt program, maybe it should be called "Killer Ducks" lol.

The Duck hunt program blocks HIDs I believe (correct me if Im wrong..). That would mean any HID device.

Nice thought, but not going to work.

Seb

Source:

DuckHunt 1.1.1:

This application will prevent all keyboard and mouse input when new USB devices are attached and will only allow input again when the device is removed. It will prevent the USB Rubber Duck from functioning and on Vista and higher it will also prevent the use of the Autorun dialog. Requires .net Framework 3.5 and on Vista/7 also requires Administrator privileges.

Share this post


Link to post
Share on other sites

there has to be another way...if the U3 switchblade had a cd rom partition and the ducky has a macro for keyboard and mouse is it possible that we could do the same thing as the switchblades cd rom partition even tho there is a patch for it i hear. still something has to come up when the device is detected other then a prompt for what to do. still I don't fully understand the duck hunt program but if its only HID devices with keyboard and mouse why would scripts be effected, just a thought i just came up with what if the ducky's keyboard mimicked the attached keyboard it has to have some unique ID tag or something it can get. but if the computer things the HID is its own keyboard that's perfectly legit just makes me wonder if it would really pull it off.

The Duck hunt program blocks HIDs I believe (correct me if Im wrong..). That would mean any HID device.

Nice thought, but not going to work.

Seb

Source:

DuckHunt 1.1.1:

This application will prevent all keyboard and mouse input when new USB devices are attached and will only allow input again when the device is removed. It will prevent the USB Rubber Duck from functioning and on Vista and higher it will also prevent the use of the Autorun dialog. Requires .net Framework 3.5 and on Vista/7 also requires Administrator privileges.

Share this post


Link to post
Share on other sites

ok got my dev kit in the mail today (TY Darren) and got to check it out a little. its much smaller then I first thought, but still the possibilities started to race in my head. Yet, Duck hunt is a prime target Ill be looking very closely at it this week to see if I cant find a loop hole in it and I believe I have a working theory on working around it but now that i have the kit i can test that theory.

what i would like to know is why Darren decided to shove an abomination of hardware up a ducks butt for?

Share this post


Link to post
Share on other sites
still I don't fully understand the duck hunt program but if its only HID devices with keyboard and mouse why would scripts be effected, just a thought i just came up with what if the ducky's keyboard mimicked the attached keyboard it has to have some unique ID tag or something it can get. but if the computer things the HID is its own keyboard that's perfectly legit just makes me wonder if it would really pull it off.

The rubber ducky doesn't use scripts, it simulates keystrokes. The ducky's ability to do so gives it power because it won't be blocked by mechanisms built into Windows Vista and 7 which block autorun code execution without the user's knowledge. If duck hunt prevents your device from sending signals to the machine, you are dead. There is no script execution, nor any key presses sent to the machine. This is why scripts would be effected.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...