Run different payload depending on mobile phone model?

[0phoi5]

Hi all,

Is there a way to load multiple payloads for different mobile phones on to one Rubber Ducky, and then get the payload to recognise the model of the phone it has been plugged in to and run the appropriate payload?

Thank you,

Haze

[0phoi5]

No one? Not possible?

[White Light]

The ducky is just a keyboard, the interaction can only go one-way. There is no way to detect version number automatically with it.

[Mr-Protocol]

The ducky is just a keyboard, the interaction can only go one-way. There is no way to detect version number automatically with it.

^ That

[0phoi5]

Ah, good point. That's a huge shame. Maybe something for a future update to the Ducky?

I guess it would be a case of carrying multiple mini-SD cards for different tasks and using some tip-ex to mark them etc.

[barry99705]

I keep multiple infusions on my ducky. They're named by what they do. I just plug it into my phone before deployment and copy one into inject.bin.

[overwraith]

Some firmware can react to different things, such as caps lock, I think probably num lock, pressing the button, simply inserting, pressing multiple times, etc. You basically just rename the script inject2.bin ... etc. So there is really no reason you couldn't manually say, hey execute this payload. There are also some people who have worked on things like Bad USB (was this the one, i don't remember), which from what I hear has actually determined what it is connected to via the USB stack/protocol features. Basically the USB protocol is implemented differently on different systems. The thing about this however, is that you would essentially need to be in a position to be able to sniff the USB port you connected your USB rubber ducky to, and you would need to program the code (C-code) in order to do the detection. There is no reason you can't sniff USB ports, there are actually programs for this utility, but make sure you use a normal dell usb keyboard to type on your computer, otherwise you could essentially make your razer keyboard unresponsive during install. Determining the code to do the detection would probably be an intensive process since from what I remember, the person who actually did write the detection code I am thinking about is not releasing the source code for it.

Another thing you would have to determine is whether the ducky has enough memory for the firmware in question. I have had issues before with small devices, such as Lego-NXT bricks not having enough room to run my programs. (Lego NXT is not related to ducky, my point being is that small devices have limited memory with which you can play with)

Now the thing about this type of detection is that all android phones will essentially emit the same usb protocol. All the IOS phones will also have the same USB protocol. So you can't actually determine which version of an apple device you are plugging into, you just know you are plugging into an apple device.

Edited October 20, 2015 by overwraith

[0phoi5]

I keep multiple infusions on my ducky. They're named by what they do. I just plug it into my phone before deployment and copy one into inject.bin.

Ah, nice idea! That's closer to what I was looking for, thank you

[0phoi5]

Some good advice.

Thanks overwraith :) Good info.