mackwage Posted October 6, 2011 Share Posted October 6, 2011 I apologize if this seems like a dumb question. I am seeking to understand the benefit in having the duck emulate other USB devices. Would it execute the malicious script any differently? Quote Link to comment Share on other sites More sharing options...
pyro2927 Posted October 6, 2011 Share Posted October 6, 2011 I apologize if this seems like a dumb question. I am seeking to understand the benefit in having the duck emulate other USB devices. Would it execute the malicious script any differently? It's not a dumb question. First off, emulating other devices would require a major rehauling of the script. Currently the firmware just checks for inject.bin on the SD card, then emulates the keystrokes it finds in that file. If you only update the firmware the duckencoder is still just going to load keystrokes into inject.bin, and nothing new will happen. The fun comes when you get the ducky emulating multiple devices at once. The computer recognizes it as both a mass storage device and keyboard. They keyboard can "inject" an xcopy script to dump important information to it's own SD card. You can have it emulate a physical DVD drive and load malicious ISOs on boot. It would give the RubbyDucky MUCH more potential and capable of different attack vectors, not just executing keyboard scripts. In short, the keyboard aspect would probably remain the same, you would just be able to attack via other ways as well. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.