The best Rubber ducky scripts to hack or mess with windows computer systems within seconds
The USB Rubber Ducky is a product designed and Sold by Hak5. Essentially its a USB keyboard without any keys that you can pre-program a set of keystrokes on to. When the device is plugged in, its installed as a generic keyboard and will then type whatever you have scripted it to use.
Since 2010 the USB Rubber Ducky has been a favorite amongst hackers, penetration testers and IT professionals. With origins as a humble IT automation proof-of-concept using an embedded dev-board, it has grown into a full fledged commercial Keystroke Injection Attack Platform. The USB Rubber Ducky captured the imagination of hackers with its simple scripting language, formidable hardware, and covert design.
The programming language, dubbed DuckyScript, is a simple instruction-based interface to creating a customized payload. However, it runs independently from the microcontroller that installs the drivers to the machine. On some older models running Windows XP, the device took upwards of 60 seconds to install the drivers. On newer machines running Windows 7, it took anywhere from 10-30. And if the drivers take longer to install than the delay you put at the beginning of your payload, it will begin firing off anyways.
What is digispark?
The bootloader is the code that is pre-programmed on your Digispark and allows it to act as a USB device so that it can be programmed by the Arduino IDE.
The Digispark runs the “micronucleus tiny85” bootloader version 1.02, an open source project: https://github.com/micronucleus/micronucleus originally written by Bluebie: https://github.com/Bluebie
What is rubber ducky?
The USB Rubber Ducky is a Human Interface Device programmable with a simple scripting language allowing penetration testers to quickly and easily craft and deploy security auditing payloads that mimic human keyboard input. The source is written in C and requires the AVR Studio 5 IDE from atmel.com/avrstudio. Quack!
In short, it is a very promising and effective tool, but seriously lacks versatility. In some machines it may take 5 seconds to load the drivers, in others maybe longer than 60. Then you have to account for how long it will take to deliver your payload in accordance to how fast the machine can handle keystrokes.
The USB Rubber Ducky isn’t your ordinary HID (Human Interface Device). Coupled with a powerful 60 MHz 32-bit processor and a simple scripting language anyone is able to craft payloads capable of changing system settings, opening back doors, retrieving data, initiating reverse shells, or basically anything that can be achieved with physical access — all automated and executed in a matter of seconds.

The best rubbery ducky and Digispark USB scripts
- Payload – Hello World
- Payload – WiFi password grabber
- Payload – Basic Terminal Commands Ubuntu
- Payload – Information Gathering Ubuntu
- Payload – Hide CMD Window
- Payload – Netcat-FTP-download-and-reverse-shell
- Payload – Wallpaper Prank
- Payload – YOU GOT QUACKED!
- Payload – Reverse Shell
- Payload – Fork Bomb
- Payload – Utilman Exploit
- Payload – WiFi Backdoor
- Payload – Non-Malicious Auto Defacer
- Payload – Lock Your Computer Message
- Payload – Ducky Downloader
- Payload – Ducky Phisher
- Payload – FTP Download / Upload
- Payload – Restart Prank
- Payload – Silly Mouse, Windows is for Kids
- Payload – Windows Screen rotation hack
- Payload – Powershell Wget + Execute
- Payload – mimikatz payload
- Payload – MobileTabs
- Payload – Create Wireless Network Association (AUTO CONNECT) PINEAPPLE
- Payload – Retrieve SAM and SYSTEM from a live file system
- Payload – Ugly Rolled Prank
- Payload – XMAS
- Payload – Pineapple Assocation (VERY FAST)
- Payload – WiFun v1.1
- Payload – MissDirection
- Payload – Remotely Possible
- Payload – Batch Wiper/Drive Eraser
- Payload – Generic Batch
- Payload – Paint Hack
- Payload – Local DNS Poisoning
- Payload – Deny Net Access
- Payload – RunEXE from SD
- Payload – Run Java from SD
- Payload – OSX Root Backdoor
- Payload – OSX User Backdoor
- Payload – OSX Local DNS Poisoning
- Payload – OSX Youtube Blaster
- Payload – OSX Photo Booth Prank
- Payload – OSX Internet Protocol Slurp
- Payload – OSX Ascii Prank
- Payload – OSX iMessage Capture
- Payload – OSX Grab Minecraft Account Password and upload to FTP
- Payload – OS X Wget and Execute
- Payload – OSX Passwordless SSH access (ssh keys)
- Payload – MrGray’s Rubber Hacks
- Payload – Copy File to Desktop
- Payload – Youtube Roll
- Payload – Disable AVG 2012
- Payload – Disable AVG 2013
- Payload – EICAR AV test
- Payload – Download mimikatz, grab passwords and email them via gmail
- Payload – Hotdog Wallpaper
- Payload – Android 5.x Lockscreen
- Payload – Chrome Password Stealer