Diabolic Drive Stealthily Injects Keyboard Strokes While Being a Functional USB Drive

USB Rubber Ducky devices appear to humans as innocent-looking flash drives. But to a computer, they present themselves as more. For example, inserting one acts as a keyboard that quickly "types" or injects pre-determined keystrokes. However, Unit 72784 took the idea a couple of steps further. Diabolic Drive performs the same keystroke injection and stealthily functions as an actual USB drive!

Diabolic Drive's printed circuit board design attempts to conform to a "universal" USB drive form factor. This size means you can hide the injection tool inside a commercially available or plain-looking flash drive enclosure.

When a user inserts Diabolic Drive, the host computer sees a USB keyboard, virtual COM port, and a mass storage device. The COM port allows for re-programming via the Arduino IDE, but you can remove that feature before deployment for additional stealthiness.

When acting as a 64 GB flash drive, the performance is similar to a "real" device. According to USB Memory Direct, the average USB 2.0 drive reads up to 25 Mbps and writes up to 10 Mbps. The Diabolic Drive should support up to 20 Mbps read and 10 Mbps write, effectively masking its true nature as a fully functional USB mass storage device.

A Microchip ATmega32U4 is the USB interface IC. It connects to an ESP8266 via I2C and Serial. The ESP8266 has 4 MB of memory available for the injection "payload." In addition, with the onboard antenna, the ESP8266 allows Wi-Fi-based connections and supports OTA software updates.

This hardware combination makes Diabolic Drive compatible with many open source firmware. For example, Unit 72784 says it should work with WIFI DUCK, WIFI DUCKY, ESPloitV2, WHID, supremeDuck, and others.

Unit 72784 plans to release the hardware files as open source on this GitHub repository. Currently, Diabolic Drive is in a pre-launch phase. Visit the Crowd Supply campaign page to sign up for notifications for when it goes live!