The USB Rubber Ducky is a keystroke injection tool disguised as a generic flash drive. Computers recognize it as a regular keyboard and automatically accept its pre-programmed keystroke payloads at over 1000 words per minute.
Since 2010 the USB Rubber Ducky has captured the imagination of hackers with its simple scripting language, formidable hardware and covert design.
Nearly every device from desktop to smartphone accepts human input from keyboards. The ubiquitous USB HID standard makes this possible. When the USB Rubber Ducky is plugged it, it’s detected as a keyboard and it’s pre-programmed keystrokes are accepted by modern operating systems. From Windows and Mac to Linux and Android – the Keyboard is King.
By taking advantage of this inherent trust, the USB Rubber Ducky executes scripted keystrokes at over 1000 words per minute. Seconds of physical access are all it takes to deploy some of the most advanced pentest attacks or IT automation tasks.