Hak5's "Rubber Ducky" is a very powerful tool that lets the user perform quick keystroke injection attacks, which is basically an elegant way of saying that the device can type fast. Capable of entering text at over 1000 WPM, Mavis Beacon has nothing on this $45 gadget. Within a few seconds of being plugged in, a properly programmed script can do all sorts of damage. Think of all the chaos that can be caused by an attacker typing commands on the local computer, and now imagine that attacker is also the Flash.
But unless you're a professional pentester, $45 might be a bit more than you want to spend. Fortunately for budget-conscious hackers, [Tomas C] has published a guide to using open source software to create a DIY version of the Hak5 tool for $3 a pop. At that cost, you don't even have to worry about recovering the things after you distribute them; just hold on tight to your ski mask and make a run for it.
The hardware side of this hack is the ATtiny85-based Digispark, clones of which can be purchased from $1.50 USD depending on how long you are willing to wait for shipping from China. Even the official ones are only $8, although they are not available at the moment. Encapsulating the thing in black heat shrink tubing prevents it from shorting out and, as an added bonus, gives it that legit hacker look. Of course, you can't simply buy one of these little guys and install the Rubber Ducky firmware on it.
In an effort to make it easier to use, the official Rubber Ducky runs scripts written in a scripting language similar to BASIC. [Tomas C] used a tool called duck2spark by [Marcus Mengs], which allows you to take a Rubber Ducky script (which was released by Hak5 as open source) and compile it into a binary file for flashing to the Digispark.
Not quite as convenient as copying the script onto the original Ducky's microSD card, but what do you want for less than 1/10 of the original price? As we saw in previous do-it-yourself builds inspired by Hak5 products, the compromise often comes at the cost of ease of use.
[Thanks to Javier for the tip.]
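The typing speed quoted above is also what gives this class of device away to a defender. The sketch below is an added example, not code from [Tomas C]'s guide, duck2spark or Hak5: it scans key-down timestamps for sustained runs faster than a person could type. The 300 WPM ceiling, the 20-key minimum, the 5-characters-per-word convention and the sample timestamps are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

CHARS_PER_WORD = 5  # usual WPM convention (assumption, not from the article)


def wpm_to_interval_ms(wpm):
    """Mean gap between keystrokes, in milliseconds, at a given typing speed."""
    return 60_000.0 / (wpm * CHARS_PER_WORD)


@dataclass
class Burst:
    start_ms: float
    end_ms: float
    keys: int
    wpm: float


def find_injection_bursts(timestamps_ms, max_human_wpm=300, min_keys=20):
    """Return runs of at least min_keys keystrokes in which every gap is
    shorter than a typist at max_human_wpm would produce on average."""
    limit = wpm_to_interval_ms(max_human_wpm)
    bursts, run_start, n = [], 0, len(timestamps_ms)
    for i in range(1, n + 1):
        # A run ends at end of input or at the first human-plausible gap.
        if i == n or timestamps_ms[i] - timestamps_ms[i - 1] >= limit:
            keys = i - run_start  # includes the key before the first fast gap
            if keys >= min_keys:
                first, last = timestamps_ms[run_start], timestamps_ms[i - 1]
                span_min = (last - first) / 60_000.0
                wpm = (keys - 1) / CHARS_PER_WORD / span_min if span_min else float("inf")
                bursts.append(Burst(first, last, keys, wpm))
            run_start = i
    return bursts


def sample_timestamps():
    """Constructed data: 30 human keystrokes, a 60-key burst at the
    article's 1000 WPM figure, then 30 more human keystrokes."""
    human_gaps = [180, 140, 220, 95, 160]  # ms, made-up but human-plausible
    t, out = 0.0, []
    for phase, count in (("human", 30), ("inject", 60), ("human", 30)):
        for i in range(count):
            t += human_gaps[i % 5] if phase == "human" else wpm_to_interval_ms(1000)
            out.append(t)
    return out


if __name__ == "__main__":
    for b in find_injection_bursts(sample_timestamps()):
        print(f"{b.keys} keys in {b.end_ms - b.start_ms:.0f} ms (~{b.wpm:.0f} WPM)")
```

In practice the timestamps would come from whatever input telemetry the endpoint already collects, and a hit is most useful when correlated with a new USB HID device enumerating moments earlier.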