Using the Digispark as a cheap USB Rubber Ducky

Peter Eysermans. Originally published at eysermans.com

Disclaimer: This post is for fun, learning and experimenting. Use these tools wisely, in no way am I encouraging malicious use of them.

Originally posted on the 5th of April 2019 on my own blog.

Last week I came across an interesting device, the USB Rubber Ducky. It looks like a normal USB stick but when you plug it into a computer, it emulates a keyboard. You can load a script onto the Rubber Ducky and it will execute it as keystrokes on the computer where the stick is plugged in. Because it types at more than 1000 words per minute, the possibilities are endless, from running pentest tasks to malicious things like installing a backdoor.
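The typing rate mentioned above is also what gives such a device away. As an added example (not part of the original post), this sketch flags bursts of keystrokes faster than a human can sustain; the event format, the device names and the 300 wpm ceiling are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

CHARS_PER_WORD = 5     # usual words-per-minute convention
MAX_HUMAN_WPM = 300    # assumed ceiling for a human typist; tune per site
MIN_BURST_KEYS = 8     # ignore short rolls and key-repeat blips


def wpm(intervals, span_ms):
    """Typing rate for `intervals` key-to-key gaps covering span_ms."""
    if span_ms <= 0:
        return float("inf")
    return (intervals / CHARS_PER_WORD) * (60000 / span_ms)


def find_bursts(events, max_wpm=MAX_HUMAN_WPM, min_keys=MIN_BURST_KEYS):
    """events: (device_id, press_time_ms) pairs -> (dev, start, end, n_keys, wpm) bursts."""
    max_gap_ms = 60000 / (max_wpm * CHARS_PER_WORD)  # 40 ms at 300 wpm
    per_device = defaultdict(list)
    for dev, ts in events:
        per_device[dev].append(ts)
    bursts = []
    for dev, stamps in per_device.items():
        stamps.sort()
        start = 0
        for i in range(1, len(stamps) + 1):
            # A run ends at the last event or at a human-sized pause.
            if i == len(stamps) or stamps[i] - stamps[i - 1] > max_gap_ms:
                n = i - start
                if n >= min_keys:
                    span = stamps[i - 1] - stamps[start]
                    bursts.append((dev, stamps[start], stamps[i - 1], n,
                                   wpm(n - 1, span)))
                start = i
    return bursts


def sample_events():
    """Constructed data: one human typist, one injecting device."""
    human = [("internal-kbd", t)
             for t in (0, 140, 255, 390, 480, 640, 770, 905, 1010, 1180)]
    # Two typed lines at 10 ms per key with a 500 ms pause in between.
    injected = [("new-usb-hid", 2000 + 10 * i) for i in range(16)]
    injected += [("new-usb-hid", 2650 + 10 * i) for i in range(12)]
    return human + injected


if __name__ == "__main__":
    for burst in find_bursts(sample_events()):
        print("suspicious burst: %s %d-%d ms, %d keys, %.0f wpm" % burst)
```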

I wanted to play around with it but unfortunately shipping the stick to Europe/Belgium costs almost as much as the stick. Luckily there is a post on Hackernoon on how to make your own USB Rubber Ducky with a Digispark. The Digispark is similar to the Arduino but it's cheaper, smaller and less powerful. The end result actually looks better because it is much smaller than the Rubber Ducky. One drawback: the Digispark does not have a micro SD slot, so there is no disk space to use.

Digispark up close

Here it is next to a pen. I'm still amazed how small it is.

Digispark VS pen

Buying these low budget components can be challenging. I have the impression that they are much easier and cheaper to get in the States. In some cases there are alternatives on Amazon Germany. But the Digispark was too cheap and shipping costs were too high. Eventually I found them on a local webshop for 6,49 €. I needed some other things so I could reduce the shipping costs.

To get started there are a lot of resources on the internet. But most of the scripts and blog posts are targeted at Windows. However, I found an excellent blog post with a hello world example on how to set up the Digispark as a Rubber Ducky on Mac OS X. This is the hello world script that will be used:

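#include "DigiKeyboard.h"

// Make sure the keystrokes are only sent once per plug-in
boolean didRun = false;

void setup() {}

void loop() {
  while (didRun == false) {
    // Cmd + Space: the default shortcut that opens Spotlight
    DigiKeyboard.sendKeyStroke(KEY_SPACE, MOD_GUI_LEFT);
    DigiKeyboard.delay(500);
    // Type "terminal" followed by enter to open the terminal
    DigiKeyboard.println("terminal");
    DigiKeyboard.delay(500);
    // Type the command and execute it with enter
    DigiKeyboard.println("say Hello World");
    didRun = true;
  }
}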

This script uses the default shortcut to activate Spotlight, types terminal and hits enter. This should open the terminal. After waiting half a second, it types and executes the command say Hello World. When I tried uploading this script via the Arduino IDE, it could never find my Digispark.

Apple USB to USB-C adapter

I was using an Apple USB to USB-C adapter to connect the Digispark to my MacBook Pro. After some googling I discovered that the middle pins in the USB connector of the Digispark are quite short and that in some cases it won't connect properly. After digging up a USB extension cable the Digispark connected and the script uploaded.

USB extension cable

So if the device is now inserted in a target machine, the script will run. While testing the hello world script I realized there is quite a lot that can go wrong:

  • What if the Spotlight key shortcut has been changed?
  • On my laptop, when typing terminal in Spotlight another file was the top result. As a result, the script did absolutely nothing.
  • When testing the script on a computer with an AZERTY keyboard layout, the characters were typed with a QWERTY keyboard layout.

But in the end, it did work. The script ran within seconds from a device similar in size to a coin. Pretty cool. While doing some research, I found quite a lot of other resources and example scripts. Making a laptop say Hello World is just the tip of the iceberg. Some more resources:
