You might have heard about USB rubber ducky. A Rubber ducky is a programmed USB HID device, often a pen drive, to send a programmed sequence of keystrokes and mouse events to a computer. It is a powerful device that can unlock a PC or login credentials by inserting a USB stick. Even a rubber ducky can be used to automate tasks on a computer.
The 32u4 or SAMD micro-based Arduino boards like Arduino Leonardo, Pro Micro, Zero, Due, Esplora, and MKR family can be configured to appear as USB HID devices on a computer. The Keyboard library can send keystrokes to a computer, and the Mouse library can trigger mouse events. With the help of these libraries, 32u4 or SAMD micro-based Arduino boards can be programmed to run as USB Rubber Ducky even without any USB programming involved.
Typically, USB Rubber Ducky is created by compiling a ducky script or payload and transferring the executable payload to the USB HID device like a pen drive. In the case of Arduino, ducky scripts are converted to Arduino sketch using a specific IDE or online converter. The converted sketch is uploaded to a suitable Arduino board to run as a USB Rubber Ducky.
In this project, first, we will directly code Arduino Leonardo to operate as USB Rubber Ducky using the Keyboard library. There are two ducky sketches demonstrated in this project. The first ducky sketch shows automating tasks on a computer. The second ducky sketch automatically logins to a Gmail account as the Arduino Leonardo is plugged into the computer.
Components required
- Arduino Leonardo or any SAMD-based Arduino board x1
- Micro USB Cable x1
Circuit connections
There are no circuit connections required. You simply need to upload the ducky sketch to Leonardo. When you connect Leonardo to a computer via a micro-USB cable, the ducky sketch automatically plays its part on the target computer.
Automating tasks on a computer
The first ducky sketch we demonstrate here automates tasks on a target computer. As Arduino Leonardo is plugged into a computer, the sketch opens NotePad on the target Windows PC and starts typing an automated message. Any other application can be automated similarly using a USB rubber ducky. Check out the video below.
How it works
The sketch uses the Keyboard.h library. The library only works with 32u4Â or SAMD Micro-based Arduino boards. A function typeKey() is defined as inserting keystrokes, exceptional ones like Tab, Enter, Shift, Ctrl, etc. It is important to wrap keystrokes in a function; otherwise, the emulated keystroke will remain pressed after a call to Keyboard.press() until Keyboard.realease() is called. This can cause Arduino to constantly push the same keystroke to the computer leading to unpredictable behavior.
All the remaining code is written in the setup() function because we want the automated tasks to run only once. In the loop function, the script would continue executing infinitely, actually rendering the target computer in an unpredictable state.
In the setup() function, USB HID Keyboard is initiated from Arduino Leonardo by calling Keyboard.begin(). After some delay run command is executed on Windows by sending keystrokes for GUI and ‘R.’ The keystrokes are sent by calling the Keyboard.press() function. In the run command, Windows Powershell is launched by typing “powershell” and sending the keystroke for ENTER. The text is typed by calling the Keyboard.print() function. From Windows PowerShell, notepad is launched by typing “notepad.exe” and sending a keystroke for ENTER. Sufficient delay is provided to wait for the notepad to launch. As the notepad is launched, keystrokes to type a predetermined message are sent, followed by a keystroke for carriage return after each message multiple times. Finally, the USB HID Keyboard from Arduino is turned off by calling Keyboard.end().
In the same way, we can automate any application on the target computer. Now, let us see some real-life use of automating tasks on a computer by configuring a USB rubber ducky to automatically login credentials.
Automatic Gmail login
Arduino-based Rubber Ducky can even automatically log in to an email account or social media platform. The following video shows how Arduino-based USB Rubber Ducky is used for logging in to Gmail.
Arduino Sketch
How it works
The same Keyboard.h library is utilized to create this USB Rubber Ducky. The typeKey() function is defined as sending keystrokes from Arduino to the computer. Since this USB rubber ducky is used for logging in to a Gmail account, the sign-in must be only once. Therefore, the entire code is written in the setup() function.
The sketch sends keystrokes to execute the run command on Microsoft Windows. The link for Gmail login is automatically typed through the sketch and executed by sending a keystroke for ENTER. The Gmail opens in the default browser of the target computer. The Arduino automatically typed the Gmail username, followed by a keystroke for ENTER. Next, the Arduino automatically typed the Gmail password, followed by a keystroke for ENTER to implement sign-in. In the sketch, you need to replace GMAIL-USERNAME and GMAIL-PASSWORD with your Gmail username and password.
Filed Under: Arduino Projects, Electronic Projects
Questions related to this article?
👉Ask and discuss on EDAboard.com and Electro-Tech-Online.com forums.
Tell Us What You Think!!
You must be logged in to post a comment.