{"id":47277,"date":"2022-08-16T19:42:05","date_gmt":"2022-08-16T19:42:05","guid":{"rendered":"https:\/\/harchi90.com\/the-new-usb-rubber-ducky-is-more-dangerous-than-ever\/"},"modified":"2022-08-16T19:42:05","modified_gmt":"2022-08-16T19:42:05","slug":"the-new-usb-rubber-ducky-is-more-dangerous-than-ever","status":"publish","type":"post","link":"https:\/\/harchi90.com\/the-new-usb-rubber-ducky-is-more-dangerous-than-ever\/","title":{"rendered":"The new USB Rubber Ducky is more dangerous than ever"},"content":{"rendered":"
\n

The USB Rubber Ducky is back with a vengeance.<\/p>\n

The much-loved hacking tool has a new incarnation, released to coincide with the Def Con hacking conference this year, and creator Darren Kitchen was on hand to explain it to The Verge<\/em>. We tested out some of the new features and found that the latest edition is more dangerous than ever.<\/p>\n

What is it?<\/strong><\/h2>\n

To the human eye, the USB Rubber Ducky looks like an unremarkable USB flash drive. Plug it into a computer, though, and the machine sees it as a USB keyboard \u2014 which means it accepts keystroke commands from the device just as if a person was typing them in.<\/p>\n

\u201cEverything it types is trusted to the same degree as the user is trusted,\u201d Kitchen told me, \u201cso it takes advantage of the trust model built in, where computers have been taught to trust a human. And a computer knows that a human typically communicates with it through clicking and typing.\u201d<\/p>\n

\n <\/p>\n

<\/p>\n<\/p>\n

<\/source><\/picture>\n

<\/span><\/p>\n

<\/span><\/p>\n

Darren Kitchen with his creation, the USB Rubber Ducky<\/em><\/figcaption>Photo by Corin Faife \/ The Verge<\/cite><\/p>\n

<\/span><\/p>\n<\/figure>\n

The original Rubber Ducky was released over 10 years ago and became a fan favorite among hackers (it was even featured in a Mr. Robot<\/em> scene). There have been a number of incremental updates since then, but the newest Rubber Ducky makes a leap forward with a set of new features that make it far more flexible and powerful than before.<\/p>\n

What can it do?<\/strong><\/h3>\n

With the right approach, the possibilities are almost endless.<\/p>\n

Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a user’s login credentials or causing Chrome to send all saved passwords to an attacker’s webserver. But these attacks had to be carefully crafted for specific operating systems and software versions and lacked the flexibility to work across platforms.<\/p>\n

\n
\n <\/p>\n

<\/p>\n\"\"<\/p>\n

<\/source><\/picture>\n

<\/span><\/p>\n

<\/span><\/p>\n

A new guidebook explains the subtleties of DuckyScript 3.0<\/em><\/figcaption>Photo by Corin Faife \/ The Verge<\/cite><\/p>\n

<\/span><\/p>\n<\/figure>\n<\/div>\n

The newest Rubber Ducky aims to overcome these limitations. It ships with a major upgrade to the DuckyScript programming language, which is used to create the commands that the Rubber Ducky will enter into a target machine. While previous versions were mostly limited to writing keystroke sequences, DuckyScript 3.0 is a feature-rich language, letting users write functions, store variables, and use logic flow controls (ie, if this… then that).<\/p>\n

That means, for example, the new Ducky can run a test to see if it’s plugged into a Windows or Mac machine and conditionally execute code appropriate to each one or disable itself if it has been connected to the wrong target. It also can generate pseudorandom numbers and use them to add variable delay between keystrokes for a more human effect.<\/p>\n

Perhaps most impressively, it can steal data from a target machine by encoding it in binary format and transmitting it through the signals meant to tell a keyboard when the CapsLock or NumLock LEDs should light up. With this method, an attacker could plug it in for a few seconds, tell someone, \u201cSorry, I guess that USB drive is broken,\u201d and take it back with all their passwords saved.<\/p>\n

How much of a threat is it?<\/strong><\/h3>\n

In short, it could be a big one, but the need for physical device access means most people aren’t at risk of being a target.<\/p>\n

According to Kitchen, the new Rubber Ducky was his company’s most in-demand product at Def Con, and the 500 or so units that Hak5 brought to the conference sold out on the first day. Safe to say, many hundreds of hackers have one already, and demand will likely continue for a while. <\/p>\n

It also comes with an online development suite, which can be used to write and compile attack payloads, then load them onto the device. And it’s easy for users of the product to connect with a broader community: a \u201cpayload hub\u201d section of the site makes it easy for hackers to share what they’ve created, and the Hak5 Discord is also active with conversation and helpful tips.<\/p>\n

At a price of $59.99 per unit, it’s too expensive for most people to distribute in bulk \u2014 so it’s unlikely that someone will leave a handful of them scattered in your favorite cafe unless it’s known to be a hangout place for sensitive targets. That said, if you’re planning to plug in a USB device that you found lying out in a public place, think twice about it…<\/p>\n

Could I use it myself?<\/strong><\/h3>\n

The device is fairly simple to use, but if you don’t have any experience in writing or debugging code, there are a few things that could trip you up. In testing on a Mac, for a while, I couldn’t get the Ducky to enter the F4 key to open the launchpad, but I fixed it after making it identify itself with a different Apple keyboard device ID.<\/p>\n

From that point, I was able to write a script so that, when plugged in, the Ducky would automatically launch Chrome, open a new browser window, navigate to The Verge<\/em>‘s homepage, then quickly close it again \u2014 all with no input from the laptop user. Not bad for just a few hours’ testing and something that could be easily modified to do something more nefarious than browse technology news.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

The USB Rubber Ducky is back with a vengeance. The much-loved hacking tool has a new incarnation, released to coincide with the Def Con hacking conference this year, and creator Darren Kitchen was on hand to explain it to The Verge. We tested out some of the new features and found that the latest edition …<\/p>\n

The new USB Rubber Ducky is more dangerous than ever<\/span> Read More »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[4],"tags":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":56220,"url":"https:\/\/harchi90.com\/the-o%e2%80%a4mg-elite-cable-is-a-scarily-stealthy-hacker-tool\/","url_meta":{"origin":47277,"position":0},"title":"The O\u2024MG Elite cable is a scarily stealthy hacker tool","date":"August 25, 2022","format":false,"excerpt":"I didn't think I would be scared of a USB cable until I went to Def Con. But that's where I first learned about the O.MG Cable. Released at the notorious hacker conference, the Elite cable wowed me with a combination of technical prowess and its extremely stealth design. Put\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":47875,"url":"https:\/\/harchi90.com\/all-the-ports-you-need-we-review-the-ugreen-usb-c-triple-display-13-in-1-docking-station\/","url_meta":{"origin":47277,"position":1},"title":"All the Ports You Need: We Review the Ugreen USB-C Triple Display 13-in-1 Docking Station","date":"August 17, 2022","format":false,"excerpt":"Laptops are more powerful than ever, easily capable of replacing a desktop for many creatives. However, when it comes to the needs of creatives, the ports on most laptops simply aren't enough to cover everything. Enter the docking station. In this review, we take a look at the Ugreen USB-C\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/cdn.fstoppers.com\/styles\/full\/s3\/media\/2022\/08\/08\/ugreen_usb-c_docking_station_2.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":48013,"url":"https:\/\/harchi90.com\/das-keyboard-launches-premium-mactigr-low-profile-mechanical-keyboard-hands-on\/","url_meta":{"origin":47277,"position":2},"title":"Das Keyboard launches premium MacTigr low-profile mechanical keyboard [Hands-on]","date":"August 17, 2022","format":false,"excerpt":"Das Keyboard is out with its latest high-end mechanical creation for Mac. The all-new MacTigr keyboard features a premium build with a low-profile design, Cherry MX switches, a handy volume knob, USB-C hub, and more. Read on for all the details and our hands-on look. Das Keyboard launched the sleek\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"Das Keyboard MacTigr low-profile","src":"https:\/\/i0.wp.com\/9to5mac.com\/wp-content\/uploads\/sites\/6\/2022\/08\/das-keyboard-mac-tigr-low-profile.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":11007,"url":"https:\/\/harchi90.com\/apples-lockdown-mode-why-theres-a-new-level-of-security-for-your-iphone\/","url_meta":{"origin":47277,"position":3},"title":"Apple’s Lockdown Mode: Why There’s a New Level of Security for Your iPhone","date":"July 11, 2022","format":false,"excerpt":"This story is part of Focal Point iPhone 2022CNET's collection of news, tips and advice around Apple's most popular product. What's happening Apple will be offering a new \"Lockdown Mode\" for its iPhones, iPads and Mac computers this fall. It's designed to fight advanced hacking and targeted spyware like the\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"apple-iphone-11-9340","src":"https:\/\/i0.wp.com\/www.cnet.com\/a\/img\/resize\/beef5e30c94597a19f08b65e68d9635bf9c406ee\/2020\/03\/20\/2583af82-5e6d-4f56-9e35-ee648c3bc5ae\/apple-iphone-11-9340.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":37003,"url":"https:\/\/harchi90.com\/why-is-my-phone-charger-hot-and-should-i-worry\/","url_meta":{"origin":47277,"position":4},"title":"Why Is My Phone Charger Hot, and Should I Worry?","date":"August 6, 2022","format":false,"excerpt":"apple If you've ever noticed that your iPhone or Android phone charger is warm or hot to the touch after using it, you may be wondering why this is happening and if it's something to worry about. Here's what you need to know. Normally, Electronics Produce Some Heat Some warmth\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"A warm or hot smartphone charger on a blue background","src":"https:\/\/i0.wp.com\/www.howtogeek.com\/wp-content\/uploads\/2022\/08\/hot_charger_2_hero.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"fifu_image_url":"https:\/\/cdn.vox-cdn.com\/thumbor\/_ZzK3o21DMQsObCztdNrDJO2wOY=\/0x146:2040x1214\/fit-in\/1200x630\/cdn.vox-cdn.com\/uploads\/chorus_asset\/file\/23949203\/226141_rubberDucky.jpg","_links":{"self":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/47277"}],"collection":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/comments?post=47277"}],"version-history":[{"count":0,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/47277\/revisions"}],"wp:attachment":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/media?parent=47277"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/categories?post=47277"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/tags?post=47277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}