I have recently got a raspberry pi zero w. I did this to try and use its USB slave functionality and do things like HID attacks and grab cookies and such with poison tap. I cannot, no matter how hard i try, get duck berry pi to work. I would be very grateful if someone could make a guide on how to do it, or provide an image that I could use. Thanks in advance, m4r10
- Hot
- Active
-
Forum Thread: How to Hack Android Phone Using Same Wifi 22 Replies
6 hrs ago -
Forum Thread: How to Find Admin Panel Page of a Website? 14 Replies
14 hrs ago -
Forum Thread: Hack Instagram Account Using BruteForce 207 Replies
1 mo ago -
Forum Thread: Metasploit reverse_tcp Handler Problem 47 Replies
1 mo ago -
Forum Thread: How to Train to Be an IT Security Professional (Ethical Hacker) 22 Replies
1 mo ago -
Metasploit Error: Handler Failed to Bind 41 Replies
1 mo ago -
How to: HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide] 177 Replies
2 mo ago -
How to: Crack Instagram Passwords Using Instainsane 36 Replies
2 mo ago -
Forum Thread: How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More 5 Replies
2 mo ago -
Forum Thread: How Many Hackers Have Played Watch_Dogs Game Before? 13 Replies
2 mo ago -
Forum Thread: How to Hack an Android Device with Only a Ip Adress 55 Replies
3 mo ago -
How to: Sign the APK File with Embedded Payload (The Ultimate Guide) 10 Replies
3 mo ago -
Forum Thread: How to Run and Install Kali Linux on a Chromebook 18 Replies
4 mo ago -
Forum Thread: can i run kali lenux in windows 10 without reboting my computer 4 Replies
5 mo ago -
Forum Thread: How to Hack School Website 11 Replies
5 mo ago -
Forum Thread: Make a Phishing Page for Harvesting Credentials Yourself 8 Replies
5 mo ago -
Forum Thread: Creating an Completely Undetectable Executable in Under 15 Minutes! 38 Replies
6 mo ago -
Forum Thread: Hacking with Ip Only Part [1] { by : Mohamed Ahmed } 5 Replies
7 mo ago -
Forum Thread: Problem with Airmon-Ng and VM 3 Replies
7 mo ago -
Forum Thread: Which one is Animal Picture Is Inside in Kali Linux Wallpaper 3 Replies
10 mo ago
-
How To: Scan for Vulnerabilities on Any Website Using Nikto
-
How To: Dox Anyone
-
How To: Find Passwords in Exposed Log Files with Google Dorks
-
How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
Hack Like a Pro: How to Conduct a Simple Man-in-the-Middle Attack
-
How To: Create a USB Mouse Jiggler to Keep a Target Computer from Falling Asleep (& Prank Friends Too)
-
How To: Exploit EternalBlue on Windows Server with Metasploit
-
How To: Enumerate SMB with Enum4linux & Smbclient
-
How To: Gain SSH Access to Servers by Brute-Forcing Credentials
-
How to Hack Wi-Fi: Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To: Hack Coin-Operated Laudromat Machines for Free Wash & Dry Cycles
-
How to Hack Wi-Fi: Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To: Write an XSS Cookie Stealer in JavaScript to Steal Passwords
-
How To: Hunt Down Social Media Accounts by Usernames with Sherlock
-
The Hacks of Mr. Robot: How to Spy on Anyone's Smartphone Activity
-
How To: Hijack Chromecasts with CATT to Display Images, Messages, Videos, Sites & More
-
How To: Hack a Site Knowing a Bit of HTML (hackthissite.org) Part 1
-
How To: Fix "Network Is Down" on Airodump-Ng
-
How To: Add Proxies to Your ProxyChains Config File the Lazy Way ;)
-
How To: Crack SSH Private Key Passwords with John the Ripper
6 Responses
I've wanted to ask the same question! You beat me to it!
I'm glad i'm not alone! How have you tried to install raspbian? I could not get a basic install to work, so i had to use NOOBS. I think that might be the source of the problem.
I have been attempting to execute duckberry payloads with a PI0W over the course of the last week with limited success. Below are a few tutorials (none of which were written by me) that may be of use. In the end, I used P4wnP1 on the PI0W and got a regular old Pi 0 for duckberry (flashed the minbian image) and had immediate success.
So, why do this? Duckberry images flash almost immediately, giving one the ability to launch a very quick and discrete attack with limited functionality. P4wnP1 is a bit slower and complex but, as a result, can execute much more complex attacks on locked computers for example which makes the time on the target machine more easy to come by.
I eventually used P4wnP1 to send more complex attacks which is more along the lines of the functionality of the Hak5 Bash Bunny. I got the default payload to fire and have not yet experimented with running rubber ducky payloads but I imagine it will work.
https://github.com/mame82/P4wnP1/blob/master/README.md
I also attempted to use the below link which allows one to switch between arming and attack mode and makes editing payloads a cinch. I did however, run into issues when switching into attach mode (device unrecognized and left the project for a later day). Someone with more knowledge would likely have more success. That said, there is much more development going on with P4wnP1 so I recommend that route over this one but a mashup to include the switch would be cool.
https://github.com/tholum/PiBunny
Lastly, here is a tutorial which I also attempted and it includes a link to set up the pi as a network server so you can send commands and/or files via your phone or computer. I had moderate success but was still unable to sort out how to actually execute the payload.
https://www.aidanwoods.com/blog/building-a-wifi-enabled-usb-rubber-ducky/
Thank you very much for this! I will have a look and see if i can get P4wnp1 to work.
Hi, I'm the developer of P4wnP1. Thx for mentioning the project.
Indeed the project can do much more than a RubberDucky, but is still under heavy development.
Here are some features according USB keyboard attacks:
An example for most of these keyboard features is in devel branch and will maybe pushed into master. SEE here
Forgot to mention, of course with a Pi Zero W keyboard attacks could be fired via WiFi. P4wnP1 spawns an access point for that purpose... and if you wamt more, no problem - a full covert communication channel could be brought up through the HIiD device, allowing to run a remote shell through it
Walkthrough is here
Share Your Thoughts