How To Create A $6 hacking Bad USB , Rubber Ducky setup tutorial

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello and welcome to it security labs and today we're going to create a six dollar bed USB drive rubber ducky and this is only for educational purposes in most cases when attackers are trying to deliver their payloads they have to come up with different ways of doing things for example they might do some phishing campaigns where they're send phishing emails with links and things like that and sometimes they can drop USB drives just like the one that I'm going to show you how to create here and this is going to cost you maybe six dollars or a little bit more compared to the hundred dollars plus that you can buy somewhere else on the internet so let me show you how you can do this so first you can buy a pre-made rubber ducky for about maybe 79 or 69 as you can see here or you can go on Amazon and just search for Amazon Pico W that's the one that I was looking for and you can also buy it directly from adafruit.com for six US dollars with different options what I did was I just went to Amazon bought several of these and as you can see for a two pack you can get one for 12 so when you get them from Amazon they will look they'll come in a package something like this and the real device the Pico device is this little guy it's just a Raspberry Pi this one is a Pico W that means it supports Wireless but as you can see we have this nice little USB C port so what you need to do is get any phone charger for Androids in this case I just have this one and I just picked somewhere I don't know what it's for and plug it in so now that it's plugged in this is now going to go to a computer so we can set it up to be a bad USB rubber ducky again it's six dollars compared to the 69 or 70 dollar one so this cable is kind of ugly I suggest that you print 3D print maybe a case and narrow it down there's probably a way to do that but for now this is going to be our bed USB rubber ducky okay so next you can go uh and install the software you can follow this GitHub repo here it's very detailed as you can see you can go through all these steps and you end up with a Pico docking but if you want I know this repo has been archived but that's what I used last year to do this and it still works so go ahead and clone this repo I have a link to it so here I have git bash I can say git clone if you do not have gitbash on your Windows machine go ahead and download get bash so you can run this or use Powershell so as you can see it says um file already exists on my directory because I already called it but that's the command that I ran and after you clone it you end up with a folder like this let's go through this for a second before we run it because we need to know what we're setting up right so as you can see we have two scripts a Linux one and a Windows one so we'll be using the windows Pi we also have a readme.md which you need to open and in the readme it tells you like hey in order for you to use this make sure that you mount your pico in your media folder and you just need to know the drives for that and then we run Python 3 Pi ducky and it will ask us for what we want to do so one thing that we can do let's also check the folders for the payloads because we need to choose a payload your payload is going to be in the source here and we also have the circuit Android fruit software that we need and as you can see here's the second pi encoded pie that who run to install a Pico in our scripts when we are being asked to choose we're going to choose reverse.dd so let's open that and I'll show you what I changed to make this one work for us so here I left the instructions but it's the Creator for this also is a YouTube channel please go and check it out but the only thing that I changed was I am getting my own netcat 64 so that I can get my own reverse shell from my Kali so this is going to be my attacker machine where I need to host my own netcat you can point this to one from GitHub but I don't want to get in the habit of pointing people to public GitHub where I cannot control that so get your netcat that's what this wget is going to do and also put the IP address of the attacker and the port where you want to get your revision and that's pretty much how we will get the reverse.d okay with that in mind now we just need to follow these instructions we have our Pico it needs to be plugged in our Windows machine right now if we look we we don't see anything right here so what we're going to do is we're going to plug it in and then run our script so first open command prompt I don't actually need to run it as administrator so just open command prompt go to a desktop Pi ducky and once you get there we just need to wait plug this one in and then run our script all right so coming back I plugged in my circuit which this is how your Pico will show up circuit Pi so I know that the letter is d then come here run python3 in this case we want to run one for Windows It'll ask you like hey what do you want to do in this case we want to set up a reverse shell and it says to hold the button I already plugged mine so I don't need to hold any button hit enter it should ask you for a letter the drive later we want d okay the letter is good now it's going to format our Pico copy all the files and set up everything so we can either do it manually or using this way so let's just wait for it to do its thing and after it's done we'll see if we have a working pickle okay so while I was building let's go to our attacker Kali okay so here's my attacker Kali first I need to host my netcat 64. most Kali Linux instances will come with netcat so what you can do is you can lock it netcat 64. put it somewhere where you want to host it then you can just copy it like what I did here once you copied I'm going to use the same python simple HTTP server I wish you as you can see it's already running where is it running right here okay why are we hosting python simple HTTP server we told our Pico to reach out to us so we need to host that in the same folder where our netcat 64 payload is the port that we're going to be listening on is going to be 444 again we defined that port in our payload folder somewhere okay so now that preparation is done it says modify the script reverse DD we already modified it but if you need to modify it you can do so so I just hit enter let's see if it works okay your pico is ready to go but please do not use this for malicious purposes okay so now that our Pico is set up and it's good to go I have a laptop here where I'm just going to plug it in and if it works the victim should reach out to us and download our netcat and immediately we should also get a device shell so let's watch our netcat while we plug it this thing in all right as you can see our victim reached out back to us and we got a reverse show let's check who was dumb enough to plug in our bed USB there and as you can see we're in a folder somewhere OS name it's a Dell laptop and that's this Dell laptop that I have right here that's plugged in so that's how we can make a picodaki a Raspberry Pi ducky whatever you want to call it okay one thing that I didn't mention is that that machine is actually being watched this Dell laptop here is joined to a elastic Sim and in future videos we're going to see how we can disable USB drives and also how we can detect this right now as you can see my agent is unhealthy for whatever reason he doesn't want to be healthy right now and we'll probably see some Outlets here but we don't have any detection yet and that's our main goal so if you subscribe like this video and in the future you'll be able to see something about detection on USB drives so thanks for joining and I hope to see you next time

Info

Channel: I.T Security Labs

Views: 22,728

Rating: undefined out of 5

Keywords:

Id: Hjsy1xd2XKU

Channel Id: undefined

Length: 9min 16sec (556 seconds)

Published: Sun Sep 03 2023