
How to execute USB Rubber Ducky scripts on a super cheap Digispark board «Null Byte :: WonderHowTo



The USB Rubber Ducky is a famous attack tool that looks like a USB stick but works like a keyboard when it is connected to an unlocked device. The Ducky Script language used to control it is simple and powerful, and it works with Arduino and can run on boards such as the ultra-cheap Digispark board.

If you are not interested in some of the cool features of the USB Rubber Ducky, such as the ability to change the firmware and the standard thumb drive look, the Digispark is a great way to start writing your own payloads. Whether you have experience with Arduino or write Ducky scripts, it is easy to build payloads that do what you want with a target computer once the board is connected to an open USB port.

Digispark vs. USB Rubber Ducky

While the $50 USB Rubber Ducky changed the way hackers thought about USB drives, the basic concept is relatively simple. By acting as a human interface device and entering commands very quickly, we can take advantage of the fact that computers trust input from a 'keyboard'. This allows us to quickly type in a number of trusted commands, so a few seconds of physical access is all we need to backdoor most computers.

Image by Kody / Null Byte

The USB Rubber Ducky has another function that cannot be underestimated: stealth. It looks like a normal USB stick and blends in, making it the perfect device for when your tools must not be noticed. A huge and unmistakable difference between the Ducky and cheaper alternatives is the fact that, when left in the right place, the USB Rubber Ducky will likely be connected by a target to their own computer. The same cannot be said of cheaper solutions, and the Digispark board is no exception.

The Digispark is an ATtiny85-based microcontroller development board, programmable in Arduino. A disadvantage is that, unlike a normal Arduino, it has to emulate in software many things that are usually handled by a dedicated hardware chip. This stresses the board to its limit, but allows us to do some pretty incredible things in a small package. A result of that stress is that we have to program it differently, which results in a five-second delay when we first connect it.

The delay allows the bootloader to load new code into the Digispark, but can also interfere with the timing of a Ducky Script. Another drawback is how suspicious the Digispark looks. There is almost zero chance that someone would ever connect a Digispark to their computer without being reassured many times. The device looks very sketchy compared to the slick imitation of a USB flash drive that the Rubber Ducky pulls off.
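Seen from the defender's side, the two properties described above (keystrokes entered far faster than a person types, and a fixed wait between plugging in and typing) are what make such a device detectable. The following Python script is an added example, not code from the original article; the event format, device names, thresholds and sample data are constructed assumptions.

```python
from dataclasses import dataclass
from itertools import groupby

@dataclass(frozen=True)
class KeyEvent:
    t: float      # seconds on a monotonic clock
    device: str   # input device that produced the key press
    key: str      # key name, e.g. "h", "ENTER", "GUI+R"

def longest_fast_run(times, max_gap):
    """Return (start_index, length) of the longest run whose gaps are all <= max_gap."""
    best, start = (0, min(len(times), 1)), 0
    for i in range(1, len(times)):
        if times[i] - times[i - 1] > max_gap:
            start = i
        if i - start + 1 > best[1]:
            best = (start, i - start + 1)
    return best

def flag_injection(attached, events, max_gap=0.02, min_run=10, window=15.0):
    """Flag devices that type a machine-speed burst shortly after being plugged in."""
    # Thresholds are assumptions: gaps <= 20 ms over 10+ keys, within 15 s of attach.
    findings = []
    ordered = sorted(events, key=lambda e: (e.device, e.t))
    for dev, group in groupby(ordered, key=lambda e: e.device):
        evs = list(group)
        start, length = longest_fast_run([e.t for e in evs], max_gap)
        since_attach = evs[start].t - attached.get(dev, float("-inf"))
        if length >= min_run and since_attach <= window:
            findings.append({"device": dev, "run": length,
                             "since_attach": round(since_attach, 2),
                             "preceded_by": evs[start - 1].key if start else None})
    return findings

def sample_events():
    """Constructed data: a person typing, and a device with the timing of a Digispark sketch."""
    human = [KeyEvent(3.0 + 0.18 * i, "kbd-builtin", c) for i, c in enumerate("git status")]
    text = "https://example.invalid/placeholder"      # constructed stand-in for typed text
    t0 = 100.0 + 5.0 + 2.0        # attach time + bootloader wait + the sketch's delay(2000)
    usb = [KeyEvent(t0, "usb-1-2", "GUI+R")]
    usb += [KeyEvent(t0 + 0.6 + 0.005 * i, "usb-1-2", c) for i, c in enumerate(text)]
    usb.append(KeyEvent(usb[-1].t + 0.005, "usb-1-2", "ENTER"))
    return {"kbd-builtin": 0.0, "usb-1-2": 100.0}, human + usb

if __name__ == "__main__":
    for finding in flag_injection(*sample_events()):
        print(finding)
```

Only the newly attached device is reported; the built-in keyboard never produces a run longer than one key at these thresholds.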


Hacking with Arduino

One thing to get used to when hacking with the Digispark versus the USB Rubber Ducky is that some of the community-developed functions of the Rubber Ducky are not present. We do not use an SD card to store the payload, so we cannot write to an SD card with special firmware as the USB Rubber Ducky can. In fact, none of the community firmware available for the USB Rubber Ducky is currently available for the Digispark, meaning that if you want to use the "Twin Duck" firmware, you are out of luck with the Digispark.

Where the Digispark shines is a simple human interface device attack, where we take advantage of a target being away for a short time to inject a lot of code. This can be anything from a simple Netcat backdoor to a ransomware payload, and it is where many USB Rubber Ducky scripts can be converted and used as the basis for making other payloads.

For this to work, we can use the Arduino library to write payloads in Arduino from scratch, or we can use a tool called Duck2Spark to convert the commands of existing Rubber Ducky payloads. Either way, it has become easy to write payloads for low-cost devices that use the same principles as the USB Rubber Ducky if you don't mind the lack of firmware options and the immediately suspicious appearance.


What you need

You only need a Digispark board, which can be purchased online for $2 to $4 each on Amazon or Walmart. AliExpress has even cheaper ones. At the time of writing, Digistump, the official Digispark store, is sold out and will not have stock until the beginning of 2020.

Connecting to the Digispark can be a little different depending on the operating system you use. For more information and troubleshooting you can consult the Digispark Wiki documentation.

Step 1: Set up Arduino IDE

Before we can write code for the Digispark board, we must set up Arduino IDE to work with the board. To do this, copy the following URL and paste it into the "Additional Boards Manager URLs" field of the "Preferences" menu.

  http://digistump.com/package_digistump_index.json 

If you need more space, you can click on the button next to this field to open a window to add more URLs.

Once it's added, we can select the board and write programs for it. In the "Tools" menu, go to "Board" and then "Boards Manager" and search for "digispark" to find the Digistump AVR Boards package. Click on "Install" and the board and sample libraries will be added to your Arduino installation.

Now you can select the Digispark from the "Board" drop-down menu. Select the first option, Digispark (standard – 16 MHz), as the board we work with.

Once completed, we should be able to write to the Digispark board. It works a bit differently than a normal Arduino, and I will discuss that in the next step.

Step 2: Download and install Arduino IDE

First, we will select a standard example from the board package that we have just downloaded. Go to the "File" drop-down list, choose "Examples" and then "DigiSparkKeyboard" and open the "Keyboard" example.

Open this example and view the code. As you can see, it is very simple. With the DigiKeyboard library we can easily write commands. In the default code, we tell the Digispark to type "Hello Digispark!" again and again, with a five-second delay.

To upload this, you need to know how the Digispark works. Because it lacks a number of hardware components that process USB communication and would make it more expensive, it emulates the same functions with software.

That means it is limited on resources, so it only listens for an upload during the first five seconds after it starts. To upload a program, we first have to press the upload button (the green top left arrow) in Arduino IDE and then connect the Digispark to our computer within 60 seconds.

If everything works, you should start seeing "Hello Digispark!" appear on your screen as the Digispark types it over and over.

Success! We can type out payloads. Now let's try loading a Ducky Script payload.

Step 3: Convert or write your own payload

The language that the Digispark uses to send keyboard presses is fairly simple and easy to understand. If you want to take an existing Ducky Script payload and translate it for the Digispark, you can use tools such as Duck2Spark to do the work for you.

We are trying out a pre-made script today, which we will download from CedArctic's GitHub repo. To download the payloads, open a new terminal window and clone the repo.

  ~$ git clone https://github.com/CedArctic/DigiSpark-Scripts.git

  Cloning into 'DigiSpark-Scripts'...
  remote: Enumerating objects: 15, done.
  remote: Counting objects: 100% (15/15), done.
  remote: Compressing objects: 100% (13/13), done.
  remote: Total 195 (delta 3), reused 6 (delta 1), pack-reused 180
  Receiving objects: 100% (195/195), 46.42 KiB | 1.08 MiB/s, done.
  Resolving deltas: 100% (89/89), done.

Then go to the folder DigiSpark-Scripts and display the content. The following scripts should be arranged in folders:

  ~$ cd DigiSpark-Scripts
  ~/DigiSpark-Scripts$ ls

  _config.yml                LICENSE          Wallpaper_Changer
  CONTRIBUTING.md            Rapid_Shell      Wallpaper_Prank
  Create_Account             README.md        WiFi_Profile_Grabber
  'DNS Poisoner'             Reverse_Shell    WiFi_Profile_Mailer
  Execute_Powershell_Script  RickRoll_Update  Window_Jammer
  Fork_Bomb                  Talker

Let's do the Rickroll. Type cd RickRoll_Update to navigate to that folder, and then open RickRoll_Update.ino to open the script. You should see a window that looks like this:

  ~/DigiSpark-Scripts$ cd RickRoll_Update
  ~/DigiSpark-Scripts/RickRoll_Update$ open RickRoll_Update.ino

If the open command did not work for you, simply open the Arduino IDE, press "File" and then "Open" and find the file "RickRoll_Update.ino" to open it immediately.

As you can see, the script is programmed to navigate to the best video on YouTube and then fullscreen a fake update page to make the user think his computer crashes when updating.

  // This DigiSpark script opens Rick Astley's - Never Gonna Give You Up and also a
  // fake Windows update screen and then maximizes it with F11
  #include "DigiKeyboard.h"

  void setup() {
    // empty
  }

  void loop() {
    DigiKeyboard.delay(2000);                          // wait for the host to finish enumerating the keyboard
    DigiKeyboard.sendKeyStroke(0);                     // empty keystroke so the first real key is not missed
    DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT);   // Win+R opens the Run dialog
    DigiKeyboard.delay(600);
    DigiKeyboard.print("https://youtu.be/dQw4w9WgXcQ?t=43s");
    DigiKeyboard.sendKeyStroke(KEY_ENTER);
    DigiKeyboard.delay(5000);                          // give the browser time to open
    DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT);
    DigiKeyboard.delay(3000);
    DigiKeyboard.print("http://fakeupdate.net/win10u/index.html");
    DigiKeyboard.sendKeyStroke(KEY_ENTER);
    DigiKeyboard.delay(2000);
    DigiKeyboard.sendKeyStroke(KEY_F11);               // F11 puts the browser in full screen
    for (;;) { /* empty */ }                           // halt here so the payload runs only once
  }

With this open in Arduino, we follow the same procedure and upload the sketch by pressing the "Upload" button (the arrow to the right) and then connecting the Digispark. After a second or two, the Micronucleus bootloader erases the old data on the Digispark and uploads the new code.

You can plug it in and view the results. After a five-second delay, your payload should be executed. You can watch the video above to see what this looks like in action!
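Before uploading a sketch cloned from a public repository, it helps to know exactly what it will type and how long it waits. The following Python script is an added example, not part of the original article or of the CedArctic repository; it statically extracts the delays, key chords and typed strings from a DigiKeyboard sketch, using the RickRoll_Update.ino source shown above as its input.

```python
import re

# String literals are matched first so "https://..." is not mistaken for a // comment.
TOKEN = re.compile(r'"(?:[^"\\\n]|\\.)*"|//[^\n]*|/\*.*?\*/', re.S)
CALL = re.compile(r'DigiKeyboard\s*\.\s*(delay|print|println|sendKeyStroke)\s*\(\s*'
                  r'("(?:[^"\\\n]|\\.)*"|[^)]*)\)')
URL = re.compile(r'https?://[^\s"]+')

def audit_sketch(source):
    """Summarise what a DigiKeyboard sketch types, without compiling or running it."""
    code = TOKEN.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", source)
    report = {"wait_ms": 0, "typed": [], "chords": [], "urls": [], "run_dialog": 0}
    for name, arg in CALL.findall(code):
        arg = arg.strip()
        if name == "delay" and arg.isdigit():
            report["wait_ms"] += int(arg)
        elif name in ("print", "println") and arg.startswith('"'):
            report["typed"].append(arg[1:-1])
            report["urls"] += URL.findall(arg[1:-1])
        elif name == "sendKeyStroke":
            keys = [k.strip() for k in arg.split(",")]
            report["chords"].append("+".join(keys))
            if keys[0] == "KEY_R" and any(k.startswith("MOD_GUI") for k in keys[1:]):
                report["run_dialog"] += 1   # Win+R: the next text goes to the Run dialog
    return report

# The RickRoll_Update.ino sketch shown on this page, embedded so the example runs offline.
RICKROLL_INO = r'''
#include "DigiKeyboard.h"
void setup() { /* empty */ }
void loop() {
  DigiKeyboard.delay(2000);
  DigiKeyboard.sendKeyStroke(0);
  DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT);
  DigiKeyboard.delay(600);
  DigiKeyboard.print("https://youtu.be/dQw4w9WgXcQ?t=43s");
  DigiKeyboard.sendKeyStroke(KEY_ENTER);
  DigiKeyboard.delay(5000);
  DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT);
  DigiKeyboard.delay(3000);
  DigiKeyboard.print("http://fakeupdate.net/win10u/index.html");
  DigiKeyboard.sendKeyStroke(KEY_ENTER);
  DigiKeyboard.delay(2000);
  DigiKeyboard.sendKeyStroke(KEY_F11);
  for (;;) { /* empty */ }
}
'''

if __name__ == "__main__":
    print(audit_sketch(RICKROLL_INO))
```

Calls whose arguments are not literals (a variable delay, a string built at run time) are skipped by this parser, so an empty report is not proof that a sketch types nothing.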

The Tiny DigiSpark can run DuckyScripts at the cost of being suspicious

No one will ever be socially engineered into connecting a Digispark to their computer thinking it's a normal USB stick. It looks very alarming. That said, the price is so cheap that you can probably put some fishing line on it, walk over, and plug it into an open USB port while someone is in the toilet, and then take it out at the last minute as they come back. If it fails, just leave. You've lost a few dollars. However, don't forget to drop the fishing line.

I hope you enjoyed this guide to setting up the Digispark to perform DuckyScript payloads! If you have questions about this tutorial on hacking with Arduino, or you have a comment, feel free to reach me below in the comments or on Twitter @KodyKinzie.


Cover photo, screenshots and GIF by Kody / Null Byte



