USB Rubber Ducky – Part 3: Crypto Duck
The USB Rubber Ducky is an extremely powerful and versatile device. Sadly, the potential is missed, and this is probably due to its high price tag (from an initial small development production run). Since its release mid-late 2011, the Ducky has grown in popularity and the Hak5 Team have more than doubled their production run, meaning costs have been slashed in half. Potentially with enough interest and investment the price can fall even further, and be comparable to the Teensy?
Today we will cover the Crypto Duck…
When Midnitesnake(@midnitesnake) open-sourced the code for Mass-Storage support, everyone thought it was a joke. Why pay for such a device that can only act as a storage device / sdcard reader. But one such follower known as TheBlueMatt(@TheBlueMatt) saw something special…
Potentially, an Open Source Cryptographic USB Mass Storage Device (many closed-source proprietary products are available on the web).
The Ducky’s chipset can support AES Crypto:
- USB High speed device mass storage on SD/MMC card with optional AES
If you are interested you can find TheBlueMatt’s project in Github:
TheBlueMatt has integrated AES into the Ducky’s initial Mass Storage library. Though in its early days, and source-code is out there, to be forked and further developed. Currently the Proof of Concept (PoC) is designed around a static key. But the potential is there to progress further. The chipset can support multiple USB classes, and can encompass memory from flash storage in addition to the sd-card.
We could develop this idea to have a portion of memory pretend to be a CD-ROM, containing an .exe, or .bin that can talk to the Ducky’s micro-controller; The program could interact with the micro-controller to potentially perform the following actions:
- Correct Password – Decrypts the card & Unlocks the partition
- Incorrect Password:
- Does nothing, prevents decryption, prevents unlocking the card
- Several incorrect attempts will format the card, rendering data recovery useless
So we urge you to jump on board, pick up your rubber ducks and get coding! QUACK!