infosecwriteups.com Open in urlscan Pro
162.159.153.4  Public Scan

Form analysis
0 forms found in the DOM

Text Content

Sign in
Open in app
Get started
 * Archive
 * ABOUT US
 * Bug Bounty
 * CTF
 * Discord Server
 * Write-up Submissions
   
 * Discord Group




RESPONSES (1)



What are your thoughts?

Cancel
Respond

Also publish to my profile

There are currently no responses for this story.

Be the first to respond.


MAKE A USB RUBBER DUCKY WITH LESS THAN $3

Febi Mudiyanto
Follow

Jan 8 · 3 min read


USB Rubber Ducky is like USB flash drive, but it’s different. Because it will
inject keystrokes with some payload to hack your computer. The best thing is,
USB Rubber Ducky is not detected as a flash drive, but as a keyboard.

Hack5 sell this kind of USB for $49.99.


https://shop.hak5.org/products/usb-rubber-ducky-deluxe

So, how to make USB Rubber Ducky with less than $3?

Digispark is the answer.


Digispark Attiny 85

I was bought this Digispark Attiny 85 for $2.94 in marketplace. Digispark is a
programmable board with 6kb memory. It’s like a super tiny Arduino.

For making USB Rubber Ducky, you just need this stuff:
1. Digispark Attiny 85 ($2.94)
2. Arduino IDE
3. A glass of coffee with music.

Setup the environment [Linux]

 * Download and Install the latest Arduino software at
   https://www.arduino.cc/en/software. For this project, I use Arduino IDE
   1.8.19 for Linux 64 bits. And In this tutorial, I will skip for installation
   of the Aduino IDE.


Arduino IDE download page
 * Run Arduino IDE and go to File menu, and select Preferences. Then in the
   Additional Boards Manager Urls, put this link

http://digistump.com/package_digistump_index.json

And click ok.


Preference window
 * Go to Tools menu, then the Boards submenu, select Board Manager. In the Type
   field, select Contributed and install Digistump AVR Boards.


Boards Manager window
 * After the installation is finished, close the Boards Manager window.
 * The last step, select Digispark (Default — 16.5mhz) as your main board.
   Go to Tools menu, then Boards submenu, Click Digistump AVR Board and select
   Digispark (Default — 16.5mhz).

You have been finished setup the Digispark Environment.

Testing with Example Code

 * Try with testing code from File > Example > DigisparkKeyboard > Keyboard.

#include "DigiKeyboard.h"void setup() {
  // don't need to set anything up to use DigiKeyboard
}void loop() {
  DigiKeyboard.sendKeyStroke(0);
  DigiKeyboard.println("Hello Digispark!");
  DigiKeyboard.delay(5000);
}

Verify the code, and if it’s okay click the upload button at the right side of
the verify button.



And Then plug in your Digispark.


Digispark plug into the laptop

Arduino upload success log

After upload complete, unplug your Digispark and congratulation you have made a
USB Rubber Ducky with less than $3.

Testing


Testing in Android

Testing in PC (Linux Mint)

Troubleshoot

 * If you get an error like this:



In my Linux Mint, just install libusb-dev.

sudo apt install libusb-dev

 * If your Digispark not detected after you upload the code, and your dmesg info
   say like this:



just run this code:

sudo udevadm control --reload-rules

and run dmesg again, if your terminal show like this you can reupload again with
Arduino IDE.



For the other troubleshoot >
https://digistump.com/wiki/digispark/tutorials/linuxtroubleshooting

Conclusion

USB Rubber Ducky will be a powerful tool for an automated keyboard input to help
your job. If you are a bad guy, this USB can be a tool for hacking someone’s PC.

Learn something today?
Your welcome :D


INFOSEC WRITE-UPS

A collection of write-ups from the best hackers in the…

Follow

26

1





SIGN UP FOR INFOSEC WRITEUPS


BY INFOSEC WRITE-UPS

Newsletter from Infosec Writeups Take a look.

Get this newsletter
 * Usb Rubber Ducky
 * Digispark
 * Arduino
 * Hack Tool

26 claps

26

1



Written by


FEBI MUDIYANTO

Follow


Just a Learner and CTFs Player on a quite night.

Follow



INFOSEC WRITE-UPS

Follow

A collection of write-ups from the best hackers in the world on topics ranging
from bug bounties and CTFs to vulnhub machines, hardware challenges and real
life encounters. In a nutshell, we are the largest InfoSec publication on
Medium.

Follow

Written by


FEBI MUDIYANTO

Follow


Just a Learner and CTFs Player on a quite night.


INFOSEC WRITE-UPS

Follow

A collection of write-ups from the best hackers in the world on topics ranging
from bug bounties and CTFs to vulnhub machines, hardware challenges and real
life encounters. In a nutshell, we are the largest InfoSec publication on
Medium.


MORE FROM MEDIUM


HOW TO CREATE A SYNTROPY NETWORK WITH A PLEX SERVICE

Luciano Bruna



HOW MANY EMPLOYEES DOES IT TAKE TO CHANGE A LIGHT BULB?

Making Sense



[DAY 13] NETWORKING THEY LOST THE PLAN! | ADVENT OF CYBER 3 (2021)

Febi Mudiyanto



WHERE IS 5 16 ON A TAPE MEASURE?

Francis W Bangayan



SCRAPER PAYSLIPS WITH PYTHON | SELENIUM

Alan Stocco



TRIP TO ANDROID DEVELOPER

Pharid Ali



USING KUBERNETES IMPERSONATE (SUDO) FOR LEAST-PRIVILEGE

Bernd Malmqvist



NINE USEFUL TIPS ON DEBUGGING THAT HELPED ME IMPROVE IN PYTHON

Timur



LEARN MORE.

Medium is an open platform where 170 million readers come to find insightful and
dynamic thinking. Here, expert and undiscovered voices alike dive into the heart
of any topic and bring new ideas to the surface. Learn more


MAKE MEDIUM YOURS.

Follow the writers, publications, and topics that matter to you, and you’ll see
them on your homepage and in your inbox. Explore


WRITE A STORY ON MEDIUM.

If you have a story to tell, knowledge to share, or a perspective to offer —
welcome home. It’s easy and free to post your thinking on any topic. Start a
blog

About

Write

Help

Legal

Get the Medium app


To make Medium work, we log user data. By using Medium, you agree to our Privacy
Policy, including cookie policy.