USB Rubber Ducky devices have gained attention for their deceptive appearance as harmless flash drives, concealing their true capabilities from unsuspecting users. However, Unit 72784 has taken this concept further with their creation, Diabolic Drive, which not only injects keystrokes but also seamlessly functions as a genuine USB drive. The cleverly designed printed circuit board of Diabolic Drive adheres to the standard form factor of a "universal" USB drive, allowing it to be easily concealed within a commercially available or inconspicuous flash drive enclosure.
When inserted into a computer, Diabolic Drive presents itself as a USB keyboard, virtual COM port, and a mass storage device. The COM port permits reprogramming through the Arduino IDE, although this feature can be removed to enhance its covert operation. When operating as a 64 GB flash drive, Diabolic Drive delivers performance comparable to a genuine device. On average, USB 2.0 drives have a read speed of up to 25 Mbps and a write speed of up to 10 Mbps, and Diabolic Drive supports read speeds of up to 20 Mbps and write speeds of up to 10 Mbps, effectively masking its true nature as a fully functional USB mass storage device.
The heart of Diabolic Drive is a Microchip ATmega32U4 microcontroller, which connects to an ESP8266 Wi-Fi SoC via I2C and Serial interfaces. The ESP8266 has 4MB of available memory for storing the injection "payload." Additionally, equipped with an onboard antenna, the ESP8266 enables Wi-Fi connections and supports over-the-air software updates. Thanks to this hardware combination, Diabolic Drive is compatible with various open-source firmware options. Prominent examples include WIFI DUCK, WIFI DUCKY, ESPloitV2, WHID, supremeDuck, and others, as indicated by Unit 72784.
In the spirit of open collaboration, Unit 72784 intends to release the hardware files for Diabolic Drive as open source on their GitHub repository. Although currently in the pre-launch phase, interested individuals can visit the Crowd Supply campaign page to receive notifications about its official release.
