Theory5 Posted January 10, 2013 Share Posted January 10, 2013 So, I know the Rubber Ducky is complimented by the SD reader and other hardware, and I think it is well worth the price. However, I do not have the money to purchase this. It's not that I am cheap or don't want to. I couldn't purchase any of the Aurdino or Rasberry Pi boards when they came out, either. I originally came online today to search for the "USB Switchblade" of which I had just read about in my new issue of 2600. It sounded awesome, something I could just put on my SD card or USB device and have it grab or run what I wanted automatically. But now that I am here, I am quite confused over how this user did it, because in his article he says the USB switchblade was on his SD card and it made it sound like it was just thrown onto the normal one that he had been using in the first few paragraphs of the article. (titled: Hacking Walgreens Photo Processing Machine) So my question is, can I find a software version of ducky that does the same thing? Or are they completetly separate projects (if so, where can I find the sourcecode for switchblade)? That is, I want software that I can throw onto an SD card or USB device and have it do things, with limited functionality of course. I am not expecting it to be able to act like a keyboard, or have any of the hardware functionality. My main goal atm is to get it to act similarly to the one in the article, the author was able to use it to search for credentials like passwords, password hashes, and browser history, then he modified a bit of it to run the "Magic JellyBean password finder" and dump everything back onto the drive, without showing anything on screen. Thanks, Theory Quote Link to comment Share on other sites More sharing options...
no42 Posted January 10, 2013 Share Posted January 10, 2013 The switchblade targeted Windows machines, with Auto-run enabled. http://en.wikipedia.org/wiki/Autorun.inf Since then Vendors like Microsoft have disabled Auto-run, thats why alternatives were searched for e.g Teensy PHUKED project, Ducky V1. These initially used HID attacks, attacking the trust between a machine and a keyboard - keyboards are not usually limited by device control software (unlike mass storage drives). The power of the Ducky was noticed quite quickly, and others like myself in the community had a crack at writing different firmware's for different purposes eg. mass storage; multi-payload(demo);composite-device (systems without internet access). Hopefully, if more people invest in the Ducky, the price can drop further.... promote the power of the Ducky Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.