Jump to content
Hak5 Forums
nik321

Can I get my Rubber Ducky to do this?

Recommended Posts

nik321   

Hello fellow Hak5 enthusiasts! 

I just wanted to run a quick question by you.

Would it be possible to set the rubber ducky up in such a way that...

When you plug the ducky in, it runs a script to check for the IP in the ipconfig in windows CMD, and then save the ip to a file within the USB?

While also, the ducky acting as a USB drive? So as its doing its thing with ipconfig, you can also browse to files on the ducky that I have saved... Possibly an Image file?

So it tricks the target into thinking this is just an ordinary usb drive with a picture on it... But in the back ground, grabbing the IP?

Share this post


Link to post
Share on other sites

What you are describing is the Twinduck firmware (have a look at the wiki).

It will mount your Ducky as a USB Drive and as a HID. So it will execute keystrokes while being mounted as a USB Drive.

You can of course write the output ofthe ipconfig command to your usb drive. will look something like (in cmd):

for /f %a in ('wmic logicaldisk get volumename^,name ^| find "DUCKY"') do ipconfig > %a/ip.txt

Note that your sdcard must be labeled DUCKY for this to work.

Share this post


Link to post
Share on other sites
b0N3z   

you can also change the VID and PID to make it look like a completely different device, like say a bluetooth dongle, webcam, mouse, keyboard, just about any device you want.

Share this post


Link to post
Share on other sites
nik321   
14 hours ago, ThoughtfulDev said:

What you are describing is the Twinduck firmware (have a look at the wiki).

It will mount your Ducky as a USB Drive and as a HID. So it will execute keystrokes while being mounted as a USB Drive.

You can of course write the output ofthe ipconfig command to your usb drive. will look something like (in cmd):


for /f %a in ('wmic logicaldisk get volumename^,name ^| find "DUCKY"') do ipconfig > %a/ip.txt

Note that your sdcard must be labeled DUCKY for this to work.

This sounds very promising. Thank you very much.

Share this post


Link to post
Share on other sites
nik321   
6 hours ago, b0N3z said:

you can also change the VID and PID to make it look like a completely different device, like say a bluetooth dongle, webcam, mouse, keyboard, just about any device you want.

Oh ok interesting! Thanks for this little info. Might come in handy!

Share this post


Link to post
Share on other sites
haze1434   
11 hours ago, b0N3z said:

you can also change the VID and PID to make it look like a completely different device, like say a bluetooth dongle, webcam, mouse, keyboard, just about any device you want.

I'm guessing this could circumvent some security programs that use a whitelist for devices? Using the same VID/PID as a device that is whitelisted, it would allow the ducky to run?

Interesting.

Share this post


Link to post
Share on other sites

can this be done also with the arduino atmegau34 leonardo pro micro ?    i tried to run  the ducky code thru duckuino converter   and therese too many errors for me to figure out

lol  i would like to execute a .exe   ( " payload.exe" ) for example  by pluging in a plash drive along with the 32u4 leonardo  and have it execute  my .exe file off the flash drive 

what i had in mind if this would work is they make a single male to double usb female adapter i would like to see if this can be done im sure it can but my programming skills are limited lol  in other words im a dummy  .. but if any of you all has example code  that i can have that would be great ...

i have already asked this question  on here but no replies yet  here is the link  the code i tried is there too  thanks in advance

 

Share this post


Link to post
Share on other sites
b0N3z   
6 hours ago, haze1434 said:

I'm guessing this could circumvent some security programs that use a whitelist for devices? Using the same VID/PID as a device that is whitelisted, it would allow the ducky to run?

Interesting.

exactly :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.

×