I have recently got a raspberry pi zero w. I did this to try and use its USB slave functionality and do things like HID attacks and grab cookies and such with poison tap. I cannot, no matter how hard i try, get duck berry pi to work. I would be very grateful if someone could make a guide on how to do it, or provide an image that I could use. Thanks in advance, m4r10
- Hot
- Active
-
Forum Thread: When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen. 8 Replies
2 days ago -
Forum Thread: HACK ANDROID with KALI USING PORT FORWARDING(portmap.io) 12 Replies
1 wk ago -
Forum Thread: Hydra Syntax Issue Stops After 16 Attempts 2 Replies
1 mo ago -
Forum Thread: Hack Instagram Account Using BruteForce 208 Replies
1 mo ago -
Forum Thread: Metasploit reverse_tcp Handler Problem 47 Replies
2 mo ago -
Forum Thread: How to Train to Be an IT Security Professional (Ethical Hacker) 22 Replies
2 mo ago -
Metasploit Error: Handler Failed to Bind 41 Replies
3 mo ago -
Forum Thread: How to Hack Android Phone Using Same Wifi 21 Replies
3 mo ago -
How to: HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide] 177 Replies
3 mo ago -
How to: Crack Instagram Passwords Using Instainsane 36 Replies
3 mo ago -
Forum Thread: How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More 5 Replies
3 mo ago -
Forum Thread: How Many Hackers Have Played Watch_Dogs Game Before? 13 Replies
3 mo ago -
Forum Thread: How to Hack an Android Device with Only a Ip Adress 55 Replies
4 mo ago -
How to: Sign the APK File with Embedded Payload (The Ultimate Guide) 10 Replies
4 mo ago -
Forum Thread: How to Run and Install Kali Linux on a Chromebook 18 Replies
5 mo ago -
Forum Thread: How to Find Admin Panel Page of a Website? 13 Replies
6 mo ago -
Forum Thread: can i run kali lenux in windows 10 without reboting my computer 4 Replies
6 mo ago -
Forum Thread: How to Hack School Website 11 Replies
6 mo ago -
Forum Thread: Make a Phishing Page for Harvesting Credentials Yourself 8 Replies
6 mo ago -
Forum Thread: Creating an Completely Undetectable Executable in Under 15 Minutes! 38 Replies
7 mo ago
-
How To: Crack Shadow Hashes After Getting Root on a Linux System
-
How To: Exploit EternalBlue on Windows Server with Metasploit
-
How To: Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To: Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To: Hack Coin-Operated Laudromat Machines for Free Wash & Dry Cycles
-
How To: Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To: Scan for Vulnerabilities on Any Website Using Nikto
-
How To: Find Identifying Information from a Phone Number Using OSINT Tools
-
How To: Use SQL Injection to Run OS Commands & Get a Shell
-
The Hacks of Mr. Robot: How to Spy on Anyone's Smartphone Activity
-
How To: Dox Anyone
-
How To: Crack SSH Private Key Passwords with John the Ripper
-
How To: Find Vulnerable Webcams Across the Globe Using Shodan
-
BT Recon: How to Snoop on Bluetooth Devices Using Kali Linux
-
How To: Brute-Force Nearly Any Website Login with Hatch
-
How To: Spy on Traffic from a Smartphone with Wireshark
-
How To: Brute-Force FTP Credentials & Get Server Access
-
How To: Hack Wi-Fi Networks with Bettercap
-
How To: Phish for Social Media & Other Account Passwords with BlackEye
-
How To: Use Kismet to Watch Wi-Fi User Activity Through Walls
6 Responses
I've wanted to ask the same question! You beat me to it!
I'm glad i'm not alone! How have you tried to install raspbian? I could not get a basic install to work, so i had to use NOOBS. I think that might be the source of the problem.
I have been attempting to execute duckberry payloads with a PI0W over the course of the last week with limited success. Below are a few tutorials (none of which were written by me) that may be of use. In the end, I used P4wnP1 on the PI0W and got a regular old Pi 0 for duckberry (flashed the minbian image) and had immediate success.
So, why do this? Duckberry images flash almost immediately, giving one the ability to launch a very quick and discrete attack with limited functionality. P4wnP1 is a bit slower and complex but, as a result, can execute much more complex attacks on locked computers for example which makes the time on the target machine more easy to come by.
I eventually used P4wnP1 to send more complex attacks which is more along the lines of the functionality of the Hak5 Bash Bunny. I got the default payload to fire and have not yet experimented with running rubber ducky payloads but I imagine it will work.
https://github.com/mame82/P4wnP1/blob/master/README.md
I also attempted to use the below link which allows one to switch between arming and attack mode and makes editing payloads a cinch. I did however, run into issues when switching into attach mode (device unrecognized and left the project for a later day). Someone with more knowledge would likely have more success. That said, there is much more development going on with P4wnP1 so I recommend that route over this one but a mashup to include the switch would be cool.
https://github.com/tholum/PiBunny
Lastly, here is a tutorial which I also attempted and it includes a link to set up the pi as a network server so you can send commands and/or files via your phone or computer. I had moderate success but was still unable to sort out how to actually execute the payload.
https://www.aidanwoods.com/blog/building-a-wifi-enabled-usb-rubber-ducky/
Thank you very much for this! I will have a look and see if i can get P4wnp1 to work.
Hi, I'm the developer of P4wnP1. Thx for mentioning the project.
Indeed the project can do much more than a RubberDucky, but is still under heavy development.
Here are some features according USB keyboard attacks:
An example for most of these keyboard features is in devel branch and will maybe pushed into master. SEE here
Forgot to mention, of course with a Pi Zero W keyboard attacks could be fired via WiFi. P4wnP1 spawns an access point for that purpose... and if you wamt more, no problem - a full covert communication channel could be brought up through the HIiD device, allowing to run a remote shell through it
Walkthrough is here
Share Your Thoughts