Digispark Attiny85 Scripts (Cheap Rubber Ducky alternative)

We’ve all heard about the Rubber Ducky. A USB device made by hak5 that allows you to run scripts just by plugging the stick in. It works by spoofing itself as an HID (Human interface device) and just executes keystrokes and more. They are an amazing toy for pentesters and aspiring devs to mess around with however they are quite expensive so people have come up with a cheaper solution.

The Digispark Attiny85 microcontroller is a super small & cheap board available to pretty much everyone that lets you do the exact same stuff and technically even more. As you can see with the schematic on the right, it has quite a few pins you can connect various stuff to, to make wonderful stuff.

Apart from that, you can easily push the “DigiKeyboard” library onto it to create your own Rubber Ducky. This is all done via the Arduino language and only requires one piece of software. Technically you can also just use VSC or whatever your IDE of choice is but I’m not sure these have a way to push your files onto the stick.

The use-case¬†of these is obvious. In-person attacks or “funny pranks” on your target. The digispark is an amazing pentesting tool for physical attacks on (server) hardware running Windows, macOS and possibly even Linux.

Our Scripts

We have been working on quite a few of these Scripts that do various stuff from simple “trolling” (Change the wallpaper or rickroll people) all the way to opening an RDP connection or sending you their Wifi credentials via email. Have a look at our work below. If you have any questions, feel free to go to our contacts page and message us.

File Dropper

A simple file dropper. Change the URL in the code where it says "URL_HERE" and enjoy it. Scripts will be opened using PowerShell to bypass simple Windows Defender detections.

Wallpaper Prank #1

This Script generates a screenshot of your desktop, flips it on its head and sets it as your wallpaper. Afterward, it just hides your desktop icons and taskbar. Makes an amazing prank.

Mouse Messer

Why is this damn mouse doing weird stuff? Probably because someone used our script on you. This script ruins your mouse settings by switching the buttons, changing speed, enabling trails, and more.

WiFi Mailer

Sends you the WiFi credentials of all saved networks via email in a CSV file. Just change "GMAIL_USERNAME" and "GMAIL_PASSWORD" to your details and plug it in somewhere

Wallpaper Prank #2

Another Wallpaper Changer. This time it downloads an image from the internet and sets it as your wallpaper. Not sure what its use-case may be. Just change "link-here.jpg"

Fake Update

This is another super simple script to prank your friends with. It simply opens a Rickroll in the background and then displays a fake update screen in fullscreen mode.

DNS Poisoning

A more useful script. Changes certain websites' DNS entries to an IP you pick. Currently all links to our favorite website on the Internet, CloudFlare. Just change to your needs

Startup Forkbomb

Forkbomb, my beloved. I don't think there's much that needs to be said. It creates a startup script that forkbombs you. I don't recommend testing it on your machine.

RDP Backdoor

A script for unattended access to the machine. Creates a new user with RDP (Remote Desktop Protocol) enabled. The possibilities are endless after this one has been used.