ATTACKMODEis a DuckyScript command which specifies which devices to emulate. The ATTACKMODE command may be issued multiple times within a given payload. For example, a payload may begin by emulating Ethernet, then switch to emulating a keyboard and serial later based on a number of conditions.
ATTACKMODE HID STORAGE ECM_ETHERNETis valid while
ATTACKMODE RNDIS_ETHERNET ECM_ETHERNET STORAGE SERIALis not. Each attack mode combination registers using a different USB VID/PID (Vendor ID/Product ID) by default. VID and PID can be spoofed using the VID and PID commands.