Duckyscripting

Ash

Threat Intel Report

HID

What Does HID Mean?

Human Interface Device
Inherently Trusted Hardware
- Keyboards
- Mice

    %%{init: {'theme': 'dark', 'themeVariables': { 'darkMode': true }}}%%
    flowchart LR
        subgraph AP["Attack Process"]
            direction LR
            A("USB Device<br/> *Appears as Keyboard*"):::fragment --> B("Computer<br/>Automatically Trusts HID"):::fragment
            B --> C("Device Types Commands<br/>*Very Fast Rate*"):::fragment
            C --> D("System Executes<br/>Commands"):::fragment
        end
        
        style A fill:#db3838,stroke:#000000,color:#000000
        style B fill:#dcdf25,stroke:#000000,color:#000000
        style C fill:#26adde,stroke:#000000,color:#000000
        style D fill:#264bde,stroke:#000000,color:#000000
        style AP fill:#225649,stroke:#42c394,color:#42c394

Scripting

Duckyscript

# Hello World Example Script
DEFAULTDELAY 200
DELAY 2000
GUI R
STRING notepad
ENTER
STRING Hello World!

    %%{init: {'theme': 'dark', 'themeVariables': { 'darkMode': true }}}%%
    flowchart LR
        subgraph HW["Hello World"]
            direction LR
            A("Wait 2 Seconds") -- 200ms --> B("Win+R")
            B -- 200ms --> C("Type notepad")
            C -- 200ms --> D("Enter")
            D -- 200ms --> E("Type Hello World")
        end

        style HW fill:#225649,stroke:#42c394,color:#42c394

Usage

Try it yourself!

duckify.huhn.me
Docs > Arduino Setup

Challenges

Open the terminal
Fake update webpage (updatefaker.com)
ASCII Art
Rotate the screen with xrandr
“Backup” the command history