Jump to content

Recommended Posts

Posted

hello,

[dunno if i'm posting at the right place, please advise.]

i recently acquired 2 USB Rubber Ducky. They are fantastic. I simply love them. What it does with android devices is simply awesome.

the only downside is that it's a prepare and fire **static** scenario.

meaning that you only type keys using a previously written scenario

I am thinking of the following usecase

1. plug the USB Rubber Ducky in the device (assume android)

2. make it request a webservice i own to actually download the keys i want the Rubber Ducky to type, using the victim's device network. i could be in the form of a inject.bin prepared and sent by my webservice.

3. if possible i'd like to grab some information from the device to upload to my webservice, such as if the following information displayed on screen (example : settings menu actually opened), takescreenshot. understand that some of this behavior could very well be an app that i install on the device using the ducky instead of the something that the ducky does by itself.

Let's focus on step #2 for starters.

I 'm guessing it would require to modify https://github.com/hak5darren/USB-Rubber-Ducky/blob/master/Firmware/Source/Duck_HID/src/main.c in order to introduce a new state (REQUESTING_INJECTOR) once the default script has worked + somehow use a per-type-of-device driver to use the device network stack for webservice acces

?

basically what i want to do is to control the set of keys to type after the USB Rubber Ducky has been inserted, instead of preparing everything in the inject.bin

is it doable ?

Posted

I prefer a low tech approach of just swapping out SD cards or using a "duck-like" arduino device that can have configurable (via dip switch) payloads or have more logic built into the code.

Posted

can you elaborate on this

or using a "duck-like" arduino device that can have configurable (via dip switch) payloads

have you seen a duck-like device running on a an arduino or raspberry pi around ?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...