Dive into Ducky Script: An Introduction for All Platforms

Ronald Farrer
3 min readJun 12

--

Photo by Brett Jordan on Unsplash

If you’re interested in the fascinating world of penetration testing and cybersecurity, chances are you’ve come across a device called a Rubber Ducky. Despite its innocent appearance, this device is a formidable tool in the arsenal of any penetration tester. It emulates a keyboard and automates keystroke injections into a machine, potentially making the computer execute a range of commands. It can do this at an extraordinarily high speed, which makes it a significant force to reckon with. The language used to program these keystrokes is what we call Ducky Script.

Ducky Script is a simple, robust, and intuitive scripting language created by Hak5, a global leader in developing network devices for professionals.

This blog post aims to introduce you to the basics of writing Ducky Script and provide some examples on various operating systems — Linux, macOS, Windows, Android, and iOS. So, let’s dive in!

Understanding Ducky Script

Before getting into the examples, it’s important to understand the basic structure of a Ducky Script. Essentially, each line of a Ducky Script translates to a specific command. The most commonly used commands are:

  1. REM: Used for commenting, so you can explain what each part of your script is doing.
  2. DELAY: Pauses the execution of the script for a specified number of milliseconds.
  3. STRING: This is followed by any text that you want the "keyboard" to type.
  4. ENTER/RETURN: Mimics the enter key being pressed.
  5. GUI: This command is equivalent to pressing the Windows key on Windows, the Command key on macOS, or the Super key on Linux.

Now that we’ve covered the basics, let’s see how it looks in practice on different operating systems.

Linux

REM -- This script opens a terminal and types a simple echo command
DELAY 1000
STRING gnome-terminal
ENTER
DELAY 500
STRING echo 'Hello, World!'
ENTER

macOS

REM -- This script opens a terminal and types a simple echo command
DELAY 1000
GUI SPACE
DELAY 500
STRING Terminal
ENTER
DELAY 500
STRING echo 'Hello, World!'
ENTER

Windows

REM -- This script opens Notepad and types a simple message
DELAY 1000
GUI r
DELAY 500
STRING notepad
ENTER
DELAY 500
STRING Hello, World!
ENTER

These examples cover traditional desktop/laptop operating systems. Let’s also consider mobile platforms like Android and iOS. These platforms usually require OTG (On-The-Go) adapters to connect a Rubber Ducky, and the success of an attack heavily depends on the specific device and its settings.

Android

REM -- This script opens Chrome and types a URL
DELAY 1000
STRING chrome
ENTER
DELAY 1000
STRING www.example.com
ENTER

iOS

It’s important to note that due to the heightened security measures on iOS devices, script execution via Rubber Ducky is largely restricted. Certain automated actions might be possible (like opening apps) but user approval will typically be required for executing any commands.

In conclusion, Ducky Script is a versatile and efficient scripting language that is simple to learn and use. It can be applied across various platforms with minor differences, and its utility in penetration testing and ethical hacking is immense.

Remember, the power of a tool lies in how you use it. Always use such tools responsibly and ethically, and make sure you’re always working on systems where you have explicit permission to do so. Happy hacking!

I Love Coffee! https://ko-fi.com/canutethegreat

--

--

Ronald Farrer

I am interested in various Computer Science topics. I Love Coffee! https://ko-fi.com/canutethegreat