A Keystroke Injection Attack Tool (sometimes called a "Rubber Ducky") is a specially designed USB device, often disguised as a thumb drive, that automatically runs code on any host computer into which it is plugged. It does so by appearing to the computer as a USB HID ('Human Interface Device') keyboard and/or mouse, and then “typing” in keyboard shortcuts and commands.
This can be a vector for malicious code, and is potentially dangerous and destructive! This project aims to educate you and your “victim” on the dangers of these devices. Nothing is quite so memorable a lesson in security as plugging in an innocent looking device and being met with a flurry of terminal windows and text popping up, and receiving an automatically deployed desktop background that says “You just go PWND, be more careful next time!"
One very powerful feature of the Gemma M0 (and other ATSAMD21 ARM Cortex M0-based microcontrollers) is its ability to appear as a keyboard or mouse when plugged into a computer’s USB port.
By using a small CircuitPython program, you can tell the Gemma M0 to begin “typing” commands as soon as it is plugged into USB.
The Gemma M0 can also pretend to be a USB mouse, so we also have a project where you can program it with MakeCode to wait dormant for long periods of time, and then jiggle the cursor for a few seconds!
Optional Parts
While programming the Foul Fowl, it's handy to have a short jumper cable to disable the keystroke injection, such as this one:
The short USB cable is a great way to connect the Foul Fowl to a host computer. For an even more compact solution, you can use a tiny OTG USB adapter:
If you want to seal up your Foul Fowl to make it a bit more discreet, you can insert it into a short length of 3/4" diameter heat shrink tubing.
Next, let's take a look at coding the Foul Fowl with CircuitPython for keystroke injection attacks.
