ATTACKMODE
is a DuckyScript command which specifies which devices to emulate. The ATTACKMODE command may be issued multiple times within a given payload. For example, a payload may begin by emulating Ethernet, then switch to emulating a keyboard and serial later based on a number of conditions.SERIAL
ECM_ETHERNET
RNDIS_ETHERNET
AUTO_ETHERNET
STORAGE
HID
ATTACKMODE HID STORAGE ECM_ETHERNET
is valid while ATTACKMODE RNDIS_ETHERNET ECM_ETHERNET STORAGE SERIAL
is not. Each attack mode combination registers using a different USB VID/PID (Vendor ID/Product ID) by default. VID and PID can be spoofed using the VID and PID commands.