Building a BadUSB with Raspberry Pi Pico and CircuitPython

In this article, we explore the technical construction of a BadUSB device using Raspberry Pi Pico and Adafruit CircuitPython. This tool, resembling a USB Rubber Ducky, can automate keystrokes to execute commands on a target computer.

Hardware Requirements

• Raspberry Pi Pico Board: A versatile microcontroller board for building various electronic projects. Official Link | Amazon Link
• Micro USB Cable: Essential for connecting the Pico to a computer. Official Link | Amazon Link

Software Requirements

• Adafruit CircuitPython: A Python-based framework for microcontrollers. Official Site | Mirror
• CircuitPython Library Bundle: Includes necessary libraries for HID (Human Interface Device) functionalities. Official Site | Mirror
• Pico-Ducky Script: Converts Ducky Script into Python for the Raspberry Pi Pico. Official Site | Mirror
• Hak5 Rubber Ducky Payloads: A collection of pre-written scripts for the USB Rubber Ducky. Official Site

Step-by-Step Construction Guide

Security Implications and Ethical Considerations

Discuss the ethical use of such devices, emphasizing their potential for both security testing and malicious activities.

Defending Against BadUSB Attacks

Offer strategies and best practices for protecting systems against BadUSB threats.

Hardware Requirements:

• Raspberry Pi Pico board – official link – Amazon.de link
• Micro USB cable – official link – Amazon.de link

Step-by-Step detailed tutorial

Software Requirements:

• Adafruit CircuitPython 6.3.0.uf2 – official site – mirror
• Adafruit Circuitpython Bundle-6.x-mpy-2021.01.30 – official site – mirror
• dbisu pico-ducky code – official site – mirror
• hak5darren – USB-Rubber-Ducky – official site – mirror

HowTo:

1. connect the Raspberry Pi Pico board to your computer using the Micro USB cable. It will get recognized as a mass storage device with the name: “RPI-RP2”
2. copy the file “adafruit-circuitpython-raspberry_pi_pico-en_US-6.3.0.uf2” from your computer to the Raspberry Pi Pico board in the root directory. The Raspberry Pi will disconnect and then immediatelly reconnect with a new name: “CircuitPy”
3. In order to allow the Raspberry Pi Pico board to present itself as a HID (Human Interface Device) device towards the target computer we need to extract the file: “adafruit-circuitpython-bundle-6.x-mpy-20210130.zip” and browse to “lib” directory and copy the “adafruit_hid” directory to “CircuitPy” under the location “lib”
4. extract “pico-ducky-main.zip” and copy the file: “duckyinpython.py” to the root of the “CircuitPy” mass storage device
5. inside the “CircuitPy” mass storage device delete the original file: “code.py” and rename the “duckyinpython.py” into “code.py”
6. upload to the already prepared badUSB the custom code from hak5darren, choose the desired code, copy it from github and paste it in a txt file and rename it to: payload.dd, then copy the file in the root directory of the “CircuitPy” mass storage device. Done.