Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/flock4h/neoducky
Rubber Ducky powered by NeoKey
https://github.com/flock4h/neoducky
adafruit badusb badusb-payloads cheap-badusb circuitpython cybersecurity evil-pendrive hacking-tools hid hid-attacks hid-keyboard neoducky pentesting rubber-ducky security-tools
Last synced: 2 months ago
JSON representation
Rubber Ducky powered by NeoKey
- Host: GitHub
- URL: https://github.com/flock4h/neoducky
- Owner: FLOCK4H
- Created: 2024-03-09T03:48:51.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2024-06-03T18:31:33.000Z (7 months ago)
- Last Synced: 2024-09-26T09:22:04.252Z (3 months ago)
- Topics: adafruit, badusb, badusb-payloads, cheap-badusb, circuitpython, cybersecurity, evil-pendrive, hacking-tools, hid, hid-attacks, hid-keyboard, neoducky, pentesting, rubber-ducky, security-tools
- Language: Python
- Homepage:
- Size: 242 KB
- Stars: 18
- Watchers: 1
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
> [!WARNING]
> The author is not responsible for any malicious use of the software. Users are advised to employ NeoDucky strictly for educational, ethical hacking, and security research purposes.# NeoDucky
NeoDucky is a highly compact, efficient, and multiplatform BadUSB/RubberDucky device powered by Adafruit NeoKey Trinkey, but the code can be optimized to work with nearly every device that supports HID and CircuitPython (just remove pixel references as not every device has a Pixel LED).
## What NeoDucky can do?
Click to expand
1. Execute Keyboard Payloads
- Store/gather small amount of data
- Loop option
- Easy Payload Syntax
- Speed of light execution2. Distinguish MacOS from other distros
3. Switch between Storage/ Stealth modes**TODO:**
- Config '.json' very soon## Introduction to NeoDucky
NeoDucky is designed as the most cost-effective BadUSB device in its class, focusing on providing a powerful tool for security professionals and ethical hackers.
Components:
1. Adafruit NeoKey Trinkey ATSAMD21E18
- Price as of 2024: ~8-10$
2. Any USB-A port and a machine (PC/Laptop) to plug in the NeoKey## Before we continue
> NeoDucky is an open-source CircuitPython implementation of an HID payload injection device.
> Its use is intended solely for educational purposes.
> Any misuse outside of this context may result in legal consequences, for which the author disclaims responsibility.### Legal considerations
Click to expand
---- Make sure you have explicit authorization before using NeoDucky on any device
- Incorporate time delays between actions to prevent potential damage
- Use the tool responsibly to avoid causing harm or chaos---
# Setup
Recipe for NeoDucky- Download project files as .zip and unpack
or `$ sudo git clone https://github.com/FLOCK4H/NeoDucky`
- Open the directory NeoDucky or NeoDucky-main
- Plug in the NeoKey Trinkey to USB-A
- TRINKEYBOOT drive should appear
![image](https://github.com/FLOCK4H/NeoDucky/assets/161654571/8d8c108c-e0b7-443a-b6a6-ce85e83c83e5)In case nothing happens just double press the reset button on the board
- Mount the drive (double-click) if it isn't already
- Drag and drop the 'adafruit-circuitpython-adafruit_neokey_trinkey_m0-en_US-8.2.10.uf2' from NeoDucky folder to the TRINKEYBOOT drive
- Voila, you should now have a drive named CIRCUITPY so access it
- Move project files there so only: code.py; boot.py; /tools/; /lib/;> If you run into any "there is not enough space" just remove all files from CIRCUITPY drive, and then move the project files freely. In order to remove all files you must remove all hidden files too (".fseventsd", > ".Trash-1000", ".metadata_never_index").
- Transform NeoKey into NeoDucky by pressing the Reset button on the back of the board
Easy Payload Syntax
- To manage NeoDucky's payload just edit payload.txt in tools folder inside CIRCUITPY drive1. Introduction
Let's try to write a simple payload that will type in "Hello World!" after NeoDucky boots up`payload.txt`
```
Hello World!
```Simple.
Now let's run it in loop:
```
Hello ;
World!;
;
```
(Notice the semicolon use, it has to be at the end of the line in multi-line payloads)One line is also fine:
```
Hello World
```- 'timeX' - where X is the amount of time to sleep (can be float e.g. 0.1 or XXX number like 360)
- 'LOOP' - as one of special tags, when used will repeat the operation over and over, it has a near second cooldown to reduce eventual damage2. Keycodes
Keycodes are mostly single character format so "A" = "A" but there are exceptions:- "\n" is used as 'jump into newline' or RETURN key
- "\t" a tab or four spaces are taken as a TAB key and will return four spaces, use tag instead to simulate its press3. Tags
Used to perform specific actions in the payload, there are two types of tags:
1. Single
- The button that was pressed is automatically released before the next payload character is sent
```
- ESCAPE,
- BACKSPACE,
- TAB,
- PRINT SCREEN,
- SCROLL LOCK,
- PAUSE,
- INSERT,
- HOME,
- PAGE UP,
- PAGE DOWN,
- ARROW RIGHT,
- ARROW LEFT,
- ARROW DOWN,
- ARROW UP,
- NUMLOCK,
- APPLICATION,
- macOS only,
- WINDOWS KEY,
- WINDOWS KEY,
- WINDOWS KEY,
- LEFT CONTROL,
- SPACEBAR
```2. Multi
- Button is only released when it meets a sibling tag ("<LSHT>a<LSHT>a" will output 'Aa')
```
- Left Control
- Left Alt
- Right Control
- Right Alt
- GUI/Command
- Left Shift
- Right shift
- Capslock
- Run in loop
- sleep for X time
```### Example Payload
```
chrome\nwww.youtube.com/nw~
```# Usage
Click to expand
Ducky will detect the operating system itself basing on files structure.
After analyzing the payload, it will start execution at a high speed, so consider using time breaks.On Linux/ Windows devices to hide the Ducky's storage and enter Stealth mode just uncomment the line
`storage.disable_usb_device()` In `boot.py` file.
To turn off the Stealth mode, enter REPL session with the NeoDucky using any serial terminal and type
`storage.enable_usb_device()`
# Conclusion
> While NeoDucky is a powerful device, it shouldn't be used in any harmful way, HID Payload Injection is a form of an attack that will result in legal consequences.