DuckyDude Posted July 29, 2015 Share Posted July 29, 2015 Hi there! I'm a fairly new Ducky user (3 months or so) and I'm trying to use it in a Social Engineering engagement. Unfortunately I'm struggling with the firmwares, specifically which one to use and if it's possible to do what I'm trying to do. Objective - have the Ducky run a executable from an externally mounted drive without user intevention. Ideally I'd like the Ducky to run in "twin duck" style mode so I don't have to insert the Ducky AND another USB stick into the victim machines. From what I understand, the "Twin Duck" or "Composite (C_duck.hex)" firmwares should allow the Ducky to work in both "keyboard" and "mass storage device" mode. Now I've found that the S001 firmware requires the user to press a key (CAPSLOCK/SCROLLLOCK/etC) a button to activate the payload. The S002 firmware requires that the user press the Ducky's button to kick off the firmware. Unfortunately my engagement means there will be zero engagement with the Ducky apart from the usb unknowingly plugging it in to the machine in the first place - so they won't be pressing random keys themselves. So my question is: Is there a firmware out there that will let me use the Ducky as BOTH a USB mass storage device AND a HID keyboard, which will mount the USB AND kick off the inject.bin upon insertion without requiring any keys or buttons to be pressed? My only other option is to run the Ducky in 'classic' mode and connect another USB storage device to the victim machine as well...but I'd rather not have to do anymore soldering.. :( Many thanks! Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.