Overview

A Keystroke Injection Attack Tool (sometimes called a "Rubber Ducky") is a specially designed USB device, often disguised as a thumb drive, that automatically runs code on any host computer into which it is plugged. It does so by appearing to the computer as a USB HID ('Human Interface Device') keyboard and/or mouse, and then “typing” in keyboard shortcuts and commands.

This can be a vector for malicious code, and is potentially dangerous and destructive! This project aims to educate you and your “victim” on the dangers of these devices. Nothing is quite so memorable a lesson in security as plugging in an innocent looking device and being met with a flurry of terminal windows and text popping up, and receiving an automatically deployed desktop background that says “You just go PWND, be more careful next time!"

ALERT: do not use this knowledge for evil. Never use such a device on a computer that plays a critical role in safety, health, or security environments. This is best used a prank when you are nearby to prevent the user from smashing their machine to bits in frustration!

One very powerful feature of the Gemma M0 (and other ATSAMD21 ARM Cortex M0-based microcontrollers) is its ability to appear as a keyboard or mouse when plugged into a computer’s USB port.

By using a small CircuitPython program, you can tell the Gemma M0 to begin “typing” commands as soon as it is plugged into USB.

The Gemma M0 can also pretend to be a USB mouse, so we also have a project where you can program it with MakeCode to wait dormant for long periods of time, and then jiggle the cursor for a few seconds!

You can code this project up using any 'M0 board that MakeCode supports, including the Metro M0, Trinket M0, even the Circuit Playground Express!

Parts

All you'll need to pull off this prank is a Gemma M0 and a short USB cable.

1 x Gemma M0
Powerful yet small microcontroller
1 x USB Cable
A/Micro B - 6"

Optional Parts

While programming the Foul Fowl, it's handy to have a short jumper cable to disable the keystroke injection, such as this one:

The short USB cable is a great way to connect the Foul Fowl to a host computer. For an even more compact solution, you can use a tiny OTG USB adapter:

1 x Tiny OTG Adapter
USB Mircro to USB

If you want to seal up your Foul Fowl to make it a bit more discreet, you can insert it into a short length of 3/4" diameter heat shrink tubing.

Next, let's take a look at coding the Foul Fowl with CircuitPython for keystroke injection attacks.

Last updated on Mar 20, 2018 Published on Mar 12, 2018