[Firmware] Question about Custom Firmware?

[B4ckBOne]

Hello fellow Ducky owners,

first i want to thank Hak5 for providing the Ducky, love it !

Also i want to thank midnitsnake for his firmwares, they are awsome!

Still there are a few things that could be improved from my point of view.

I use the following firmware midnitsnake has put together:

c_duck_v2_S001.hex Composite Duck - Special Request 001 Ducky Composite Version 2 Special

To me its the best out there, but let me provide some thougts.

First it would be great to be able to start the injection process by pressing the button already on the ducky.

This would enable us to start the injection independent from keboard states at a time the pc owner is distracted.

Or you could just go like "oh i think its not properly seated .. and press the button while involving him/her in some b.s. talk. I use the cover on permanently and drilled a small hole where the button is and use a shortened black drawing pin to press the button. Works realy well :-)

Also i noticed that usb transferspeeds are way too slow. Ofcourse that gives us time to do stuff, but might raise suspicion.

And the driver install takes like forever which raises suspicion even more. Is it possible for the ducky to pretend to be a different HID make and model, which is recognised by lets say Win 7 much faster?

Another thing that would put it over the top would be to be able to load different payloads by pressing key combos like alt strg 1-9, that would avoid trouble with people that like to have their num lock on by default.

So thats it, thanks for your continued efforts and hard work!

Yours B4ckBOne

Edited January 20, 2013 by B4ckBOne

[no42]

USB transfer rates are known to be slow, because we're limited to using the open-source SPI protocol.

The SD-transfer protocol is faster but this is proprietary, so we would have to

1. spend a lot of money for the SD code
2. spend time integrating the code into the ducky's firmware (ducky has a small amount of memory? no guarantees)
3. charge all you ducky followers a lot more for the firmware updates

For now the slow speeds are acceptable, considering the firmware is opensource & freeware.

As to wiring up the button - this was in the demo firmware, quite easily to bring back. UPDATE: See c_duck_v2_S0002.hex on ducky-decode

The driver delay only happens the first time you insert in Windows - its the way windows handles drivers - cant be helped! Version 2 firmware supports easy manipulation of the VID & PID, if you find one that doesn't require a driver-install, please feedback.

Different payloads by key-press combo's - not sure how the ducky would detect this??? currently the ducky only detects keyboard LED status: this is how we detect all the *_LOCK keys.

Edited January 21, 2013 by midnitesnake

[madhak]

if you find one that doesn't require a driver-install, please feedback.

Hi Midnitesnake,

Thanks you very much for the twinduck firmware, I love it, I just posted a comment in an other post stating the same thing about transfer speed but now I understand you are using SPI to talk to the SD card reader, I had that same problem with the teensy version, I thought the new faster chip on the rubber ducky would have addressed that. anyway, I remember a while ago wile testing with the teensy that by using a Apple keyboard VID I could skip the windows update driver part which made thing much faster, not sure if that is still valid tho... I'll dig in my old code to find the exact VIP & PID and post it here when I can find it.

[no42]

For apple vid & pid. See http://code.google.com/p/ducky-decode/wiki/Keyboard_VID_PIDS

You can change vid & pid easily with version 2 firmware. Howto is on forum somewhere and ducky decode website, maybe Darren could demo this on next episode?