1$ Rubber Ducky – Hack any PC within seconds MR.Robot style using Attiny85

We have all seen the hacking scenario in movies where the hacker plugs in a USB device and the whole system gets pwned. That scene is now possible. Hak5 has released specially customized USB hardware called the Rubber Ducky, or bad USB, for this plug-and-hack method. It can be loaded with code to run pretty much any shell script. It costs around $35 – $40, which I believe is too much for a rubber ducky. Here I have found a solution: with a little bit of Arduino programming you can achieve the same thing for one dollar.

 

What is a Rubber Ducky?

Before getting into the main sessions, let me explain the concept of the ducky (for noobs). A traditional malware attack is done via a USB storage device, where the malware gets copied to the system. In this process the malware can be easily detected by antivirus scanners and firewalls. A lot of encoding and obfuscation is needed to get the payload undetected, and still some scanners can match the signatures and block it. Here a rubber ducky can evade every single malware scanner. I can assure this because these scanners won't scan the ducky at all. The ducky masks itself as a HID (Human Interface Device), or simply a keyboard, and not as a mass storage device. Keyboard firmware is loaded into the device and it can manipulate the keystrokes. It fools the PC: the computer thinks it is a keyboard and accepts all key inputs. We can then send keystrokes, for example pressing the Start button and opening CMD to run commands.
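A defender's view of the same behaviour, as an added example that is not part of the original post: because the device is only a keyboard, one detection angle is timing, flagging a keyboard that starts typing at machine speed right after it attaches. The event tuples, device names and thresholds are assumptions made for illustration, and the sample events are constructed.

```python
from collections import defaultdict
from statistics import median

# Assumed thresholds for illustration; tune them against real typing data.
ATTACH_WINDOW = 10.0  # seconds after attach in which keystrokes are examined
MIN_KEYS = 8          # ignore devices that sent only a handful of keys
FAST_GAP = 0.030      # a median gap under 30 ms is treated as machine-paced


def make_events():
    """Constructed sample events (time_s, device, kind); not captured data."""
    events = [(0.0, "builtin-kbd", "attach")]
    # A person typing on the built-in keyboard, about 180 ms between keys.
    events += [(20.0 + 0.18 * i, "builtin-kbd", "key") for i in range(12)]
    # A keyboard that attaches at t=60 and sends 20 keys 5 ms apart,
    # with one scripted 800 ms pause in the middle.
    events.append((60.0, "new-usb-kbd", "attach"))
    t = 60.8
    for i in range(20):
        events.append((t, "new-usb-kbd", "key"))
        t += 0.8 if i == 9 else 0.005
    return events


def flag_injection(events):
    """Return {device: median_gap_s} for keyboards typing at machine
    speed within ATTACH_WINDOW seconds of being attached."""
    attached, keys = {}, defaultdict(list)
    for t, dev, kind in sorted(events):
        if kind == "attach":
            attached[dev] = t
            keys[dev] = []  # re-plugging restarts the observation window
        elif kind == "key" and dev in attached:
            if t - attached[dev] <= ATTACH_WINDOW:
                keys[dev].append(t)
    flagged = {}
    for dev, times in keys.items():
        if len(times) < MIN_KEYS:
            continue
        gaps = [b - a for a, b in zip(times, times[1:])]
        # The median ignores the occasional long scripted pause.
        if median(gaps) < FAST_GAP:
            flagged[dev] = round(median(gaps), 4)
    return flagged


if __name__ == "__main__":
    for dev, gap in flag_injection(make_events()).items():
        print(f"ALERT {dev}: median gap {gap * 1000:.1f} ms after attach")
```

The median is used rather than the mean so that the long pauses a script inserts between commands do not hide the fast bursts in between.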

Attiny85 is an Arduino-based chip by Digispark which can be used as a rubber ducky. The Attiny85 has 8KB of programmable flash memory. To program it you need a little knowledge of Arduino programming. If you are new to Arduino, don’t worry, I will give you the complete guide. So let's get started.

Note: In India it's not exactly $1; it's around $4 (260 Rs).


Step 1

Download all the necessary software and drivers.

First download the Arduino IDE. That's where we are going to write, compile and upload our program to the chip. Download it from the official link.

Arduino IDE https://www.arduino.cc/en/main/software

Download the Digispark drivers; make sure you install the right version, 32-bit or 64-bit, based on your system.

Digispark Drivers:  https://github.com/digistump/DigistumpArduino/releases/download/1.6.7/Digistump.Drivers.zip

Step 2

If everything is done as in step 1, we are good to go. Open the Arduino IDE; you have to adjust some settings to make it work with the Attiny85 board.

  1. Add the additional board manager URL: File>Preferences> in the additional board manager field just paste this URL as it is, http://digistump.com/package_digistump_index.json, and click OK.
  2. Now go to Tools>Board>Board Manager and change the “type” to Contributed. You will see some packages come up; select the package Digistump AVR Boards by Digistump version 1.6 and click install. The package will be downloaded and installed.
  3. After installation go to Tools>Board> and select Digispark (Default 16.5Mhz).
  4. Change the programmer type: Tools>Programmer> select USBtinyISP.

 

Step 3

Now moving on to the programming session (the C language is used to program Arduino).

Here is a sample script to print “hello world” every 5 seconds.

 

#include "DigiKeyboard.h"

void setup() {
  // don't need to set anything up to use DigiKeyboard
}


void loop() {
  // this is generally not necessary but with some older systems it seems to
  // prevent missing the first character after a delay:
  DigiKeyboard.sendKeyStroke(0);
  
  // Type out this string letter by letter on the computer (assumes US-style keyboard)
  DigiKeyboard.println("Hello World");
  
  // It's better to use DigiKeyboard.delay() over the regular Arduino delay()
  // if doing keyboard stuff because it keeps talking to the computer to make
  // sure the computer knows the keyboard is alive and connected
  DigiKeyboard.delay(5000);
}

Just copy and paste the code into the IDE. (NOTE: Do not plug in the chip yet; wait until the sketch is compiled.) Click the upload button (the bold RIGHT ARROW button at the top). The sketch will be compiled and the IDE will ask you to plug in the device. At this point you have to plug in the chip to upload the code. Once everything is done, after a few seconds the board will act as a USB keyboard and send “hello world” keystrokes every 5 seconds. OK, we have confirmed that the board is working perfectly. Next we have to craft our payload and Digispark script.

Step 4

There are multiple ways to create a malicious ducky. It's up to you and your creativity. All you have to know is the syntax and functions used. Check out the Digispark keyboard header file here.

Here are some basic examples.

  1. send a string > DigiKeyboard.print("your string here");
  2. send ENTER keystroke > DigiKeyboard.sendKeyStroke(KEY_ENTER);
  3. send START keystroke > DigiKeyboard.sendKeyStroke(0, MOD_GUI_LEFT);
  4. send ALT + F4 > DigiKeyboard.sendKeyStroke(KEY_F4, MOD_ALT_LEFT);
  5. delay > DigiKeyboard.delay(1000); The value is in milliseconds. Before each keystroke there must be a delay of 800ms, otherwise it may not work properly.

Refer to the header file for more info on keys.

With this info you can create pretty much everything that can be done with a keyboard. Want to learn more? Check out How to get meterpreter shell with a Rubber ducky – attiny85. Any doubts or questions? Post them in the comment section below.

susmith HCK


3 Responses

  1. mohammed says:

    thanks
    please
    can explain Eternalblue Doublepulsar Metasploit and danderspritz

  2. Fiorenzo says:

    Does this work on every PC without further driver installing? I mean, I have a micro pro and when I plug it into a new PC it’s recognized as Arduino Leonardo, and before I can send keystrokes I need to wait 5 minutes for the shitty driver install.
