Jump to content

[Question] Rubber Ducky Without The SD Reader?


Theory5

Recommended Posts

So, I know the Rubber Ducky is complimented by the SD reader and other hardware, and I think it is well worth the price. However, I do not have the money to purchase this. It's not that I am cheap or don't want to. I couldn't purchase any of the Aurdino or Rasberry Pi boards when they came out, either.

I originally came online today to search for the "USB Switchblade" of which I had just read about in my new issue of 2600. It sounded awesome, something I could just put on my SD card or USB device and have it grab or run what I wanted automatically. But now that I am here, I am quite confused over how this user did it, because in his article he says the USB switchblade was on his SD card and it made it sound like it was just thrown onto the normal one that he had been using in the first few paragraphs of the article. (titled: Hacking Walgreens Photo Processing Machine)

So my question is, can I find a software version of ducky that does the same thing? Or are they completetly separate projects (if so, where can I find the sourcecode for switchblade)?

That is, I want software that I can throw onto an SD card or USB device and have it do things, with limited functionality of course. I am not expecting it to be able to act like a keyboard, or have any of the hardware functionality. My main goal atm is to get it to act similarly to the one in the article, the author was able to use it to search for credentials like passwords, password hashes, and browser history, then he modified a bit of it to run the "Magic JellyBean password finder" and dump everything back onto the drive, without showing anything on screen.

Thanks,

Theory

Link to comment
Share on other sites

The switchblade targeted Windows machines, with Auto-run enabled.

http://en.wikipedia.org/wiki/Autorun.inf

Since then Vendors like Microsoft have disabled Auto-run, thats why alternatives were searched for e.g Teensy PHUKED project, Ducky V1.

These initially used HID attacks, attacking the trust between a machine and a keyboard - keyboards are not usually limited by device control software (unlike mass storage drives).

The power of the Ducky was noticed quite quickly, and others like myself in the community had a crack at writing different firmware's for different purposes eg. mass storage; multi-payload(demo);composite-device (systems without internet access).

Hopefully, if more people invest in the Ducky, the price can drop further.... promote the power of the Ducky

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...