QUACK
The Bash Bunny inherits the original DuckyScript commands from the USB Rubber Ducky. Keystrokes can be injected from DuckyScript text files, or inline using the QUACK command. The ATTACKMODE must contain HID for keystroke injection.
Examples:
Injects keystrokes from the specified ducky script text file.
Injects the keystrokes “Hello World”
Injects the keystroke combination of ALT and F4
ALT CODES
Firmware version 1.5 added the QUACK ALTCODE command. This allows the printing of alt-codes on Windows system only.
Caveats
When writing payloads for the bash bunny be mindful that when using QUACK and other DuckyScript commands you are passing arguments to a script.
If you are using variables in your payload, and injecting keystrokes, avoid variable naming collisions!
URL="example.com"
QUACK STRING <some code we are injecting onto a system> $URL
Will inject:
<some code we are injecting onto a system> example.com
This can be very useful for adding easily configurable parameters to your payload for others to use similar to the DEFINEpattern introduced in DuckyScript 3 on the USB Rubber Ducky. However, if the code you're intending to inject on a system uses a variable $URL (and so does your bash bunny payload) you will not get the intended results because bash will have resolved it rather than injecting it.
You may find that there may be other, similar caveats when building complex payloads with the power of Bash+DuckyScript.
Last updated