Hacking Like Mr Robot

Hacking like Mr. Robot Part 6 – Rubber Ducky

In an episode of Mr. Robot, Mobley gives Angela a Rubber Ducky. If she does not get the femtocell up and running, Mobley says she can simply plug in the USB flash drive, wait a few seconds and then pull out. What’s it all about?

The USB Rubber Ducky is a keystroke injection tool disguised as a normal USB stick. Computers recognize a Rubber Ducky as a keyboard, but with the big difference that a Rubery Ducky automatically enters keystrokes. With more than 1000 words per minute you can execute very large commands and there are no limits to creativity.

Hak5 Rubber Ducky

Payloads can be created with a fairly simple scripting language. The payloads can be used to delete inverted shells, insert binaries, brute force codes, and many other automated attacks.

In the episode of Mr. Robot, Rubber Ducky is programmed to run a real tool called Mimikatz. Mimikatz reads out all hashes and passwords from the available memory. That’s not all the hackers can achieve with the femtocell, but it’s a lot and therefore the perfect plan B.

Since 2010, the Rubber Ducky is a favorite among hackers, penetration testers and IT professionals. The USB Rubber Ducky by hak5 is available for about 50 Euro. However, there are several cheaper options on how to build a rubber ducky yourself. How to build a Rubber Ducky for about 5 Euro from the developer board DigiSpark ATtiny85 from Arduino I show you here – Link to the DigiSpark Rubber Ducky Tutorial (cooming soon)

DigiSpark ATtiny85 by Arduino

Buy Digispark ATtiny85 – Link to Amazon