# rubber ducky Using these devices we can inject keystrokes. A device which looks like an innocent flash drive to humans — abuses this trust to deliver powerful payloads, injecting keystrokes at superhuman speeds. **ATMEGA32U4**

``` The equipment we provided for the use of the test, not for illegal purposes, or peril. Microcontroller: ATmega32u4 Clock Speed: 16 MHz Operating Voltage: 5V DC Digital I/O Pins: 10 PWM Channels: 4 Analog Input Channels: 5 UART: 1 I2C: 1 Micro USB: 1 Flash Memory: 32 KB of which 4KB used by bootloader SRAM: 2.5 KB EEPROM: 1 KB Package Included: 1 * BadUsb Beetle USB ATMEGA32U4 Development Board Module HiLetgo BadUsb Beetle Bad USB Microcontroller ATMEGA32U4 Development Board Virtual Keyboard for Arduino Leonardo R3 DC 5V 16MHz ``` **Attiny85 digispark**

## Install Arduino IDE {% embed url="" %} Run the following command to add your user to the `dialout` group: ``` sudo usermod -aG dialout $USER ``` ## Download and install board specifications ## **ATMEGA32U4:** Arduino Leonardo

**Script to open a page (Ubuntu):** ``` #include void setup() { // Begin the keyboard Keyboard.begin(); // This delay gives you time to switch focus to the target machine delay(5000); // Open Terminal using the shortcut Ctrl+Alt+T Keyboard.press(KEY_LEFT_CTRL); Keyboard.press(KEY_LEFT_ALT); Keyboard.press('t'); delay(100); // Wait for key press to register Keyboard.releaseAll(); delay(1000); // Wait for the terminal to open // Type the command to open Firefox Keyboard.print("firefox xxxx.pt"); Keyboard.press(KEY_RETURN); delay(100); // Wait for key press to register Keyboard.releaseAll(); } void loop() { // The loop function is empty since the task is completed in setup() } ``` Windows: ``` #include void typeCharacter(char c) { switch (c) { case '/': Keyboard.press(KEY_LEFT_SHIFT); // Pressiona SHIFT Keyboard.press('7'); // Pressiona 7 para obter "/" delay(100); Keyboard.releaseAll(); break; case ':': Keyboard.press(KEY_LEFT_SHIFT); Keyboard.press('.'); delay(100); Keyboard.releaseAll(); break; case '.': Keyboard.write('.'); break; case ' ': Keyboard.write(' '); break; default: Keyboard.write(c); break; } } void setup() { Keyboard.begin(); // Atraso para garantir que o sistema esteja pronto delay(2000); Keyboard.press(KEY_LEFT_GUI); // Tecla Win delay(100); Keyboard.press('r'); delay(100); Keyboard.releaseAll(); delay(1500); const char command[] = "firefox https://xxxx.com/aaaa.php"; for (int i = 0; i < sizeof(command) - 1; i++) { typeCharacter(command[i]); } // Atraso antes de pressionar Enter delay(1000); Keyboard.press(KEY_RETURN); delay(100); Keyboard.releaseAll(); Keyboard.end(); } void loop() { } ``` **Attiny85 digispark** Install digispark board

{% embed url="" %} **Install Digistump AVR Baords.**

Go to the tools and select: * Board > Digistump > Digispark (Default - 16.5 mhz)

**Script to open a page (Ubuntu):** ``` #include "DigiKeyboard.h" void setup() { // This delay gives you time to switch focus to the target machine DigiKeyboard.delay(5000); // Open Terminal using the shortcut Ctrl+Alt+T DigiKeyboard.sendKeyStroke(KEY_T, MOD_CONTROL_LEFT | MOD_ALT_LEFT); DigiKeyboard.delay(1000); // Type the command to open Firefox // The 'firefox &' command should be the same, but you might need to adjust based on the keyboard layout DigiKeyboard.print("firefox xxxxx.pt"); DigiKeyboard.sendKeyStroke(KEY_ENTER); } void loop() { // The loop function is empty since the task is completed in setup() } ``` ## Troubleshooting #### Check Serial Port Permissions (Linux) 1. Open a terminal. 2. Check the permissions of the serial port: ```sh ls -l /dev/ttyACM0 ``` Ensure the output shows that the `dialout` group has read and write permissions: ```plaintext crw-rw---- 1 root dialout 166, 0 Jun 15 12:00 /dev/ttyACM0 ``` #### Udev Rules (Linux) If you still encounter issues, you may need to add a udev rule to set the correct permissions automatically. 1. Create a new udev rules file: ```sh sudo nano /etc/udev/rules.d/99-arduino.rules ``` 2. Add the following line to the file: ```plaintext SUBSYSTEM=="tty", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="8036", MODE="0666", GROUP="dialout" ``` 3. Save the file and exit the editor (in nano, press `CTRL + O` to save, then `CTRL + X` to exit). 4. Reload the udev rules: ```sh sudo udevadm control --reload-rules sudo udevadm trigger ``` #### Reboot the Computer Sometimes a simple reboot can resolve issues with USB devices and permissions. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://gitbook.seguranca-informatica.pt/pwnage/rubber-ducky.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.