Forum Thread: How to Make the Raspberry Pi Zero W into a Usb Rubber Ducky?

I have recently got a raspberry pi zero w. I did this to try and use its USB slave functionality and do things like HID attacks and grab cookies and such with poison tap. I cannot, no matter how hard i try, get duck berry pi to work. I would be very grateful if someone could make a guide on how to do it, or provide an image that I could use. Thanks in advance, m4r10

6 Responses

I've wanted to ask the same question! You beat me to it!

I'm glad i'm not alone! How have you tried to install raspbian? I could not get a basic install to work, so i had to use NOOBS. I think that might be the source of the problem.

I have been attempting to execute duckberry payloads with a PI0W over the course of the last week with limited success. Below are a few tutorials (none of which were written by me) that may be of use. In the end, I used P4wnP1 on the PI0W and got a regular old Pi 0 for duckberry (flashed the minbian image) and had immediate success.

So, why do this? Duckberry images flash almost immediately, giving one the ability to launch a very quick and discrete attack with limited functionality. P4wnP1 is a bit slower and complex but, as a result, can execute much more complex attacks on locked computers for example which makes the time on the target machine more easy to come by.

I eventually used P4wnP1 to send more complex attacks which is more along the lines of the functionality of the Hak5 Bash Bunny. I got the default payload to fire and have not yet experimented with running rubber ducky payloads but I imagine it will work.

I also attempted to use the below link which allows one to switch between arming and attack mode and makes editing payloads a cinch. I did however, run into issues when switching into attach mode (device unrecognized and left the project for a later day). Someone with more knowledge would likely have more success. That said, there is much more development going on with P4wnP1 so I recommend that route over this one but a mashup to include the switch would be cool.

Lastly, here is a tutorial which I also attempted and it includes a link to set up the pi as a network server so you can send commands and/or files via your phone or computer. I had moderate success but was still unable to sort out how to actually execute the payload.

Thank you very much for this! I will have a look and see if i can get P4wnp1 to work.

Hi, I'm the developer of P4wnP1. Thx for mentioning the project.

Indeed the project can do much more than a RubberDucky, but is still under heavy development.

Here are some features according USB keyboard attacks:

  • ability to handle DuckyScript embedded in bash like payload
  • ability to react on signals from targets native keyboard (triggering keyboard payloads by pressing NUM LOCK on real keyboard)
  • output raw ASCII with pipes to virtual keyboard, for example writing out log files as keystrokes
  • there's no need to delay the keyboard payloads, as they're executed in a callback which only fires if the target host has finished installing the keyboard driver
  • multi language support via global payload variable

An example for most of these keyboard features is in devel branch and will maybe pushed into master. SEE here

Forgot to mention, of course with a Pi Zero W keyboard attacks could be fired via WiFi. P4wnP1 spawns an access point for that purpose... and if you wamt more, no problem - a full covert communication channel could be brought up through the HIiD device, allowing to run a remote shell through it

Walkthrough is here

Share Your Thoughts

  • Hot
  • Active