The programming language, dubbed DuckyScript, is a simple instruction-based interface to creating a customized payload. However, it runs independently from the microcontroller that installs the drivers to the machine. On some older models running Windows XP, the device took upwards of 60 seconds to install the drivers. On newer machines running Windows 7, it took anywhere from 10-30. And if the drivers take longer to install than the delay you put at the beginning of your payload, it will begin firing off anyways.



There is a firmware release you can flash onto your Ducky that will additionally act as a USB flash drive where executable binaries can be hosted. In this case, it would be significantly faster to open the drive and load the file into memory. The benefits to this include

Don’t miss: How To — Get Your Mac Ready for Hacking?

the ability to potentially avoid dropping any files to the machine

quicker than remotely retrieving a payload

no internet connectivity required for additional payload

but remotely retrieving a payload is a viable method if you absolutely have to do it that way.

In short, it is a very promising and effective tool, but seriously lacks versatility. In some machines it may take 5 seconds to load the drivers, in others maybe longer than 60. Then you have to account for how long it will take to deliver your payload in accordance to how fast the machine can handle keystrokes. This becomes a huge bummer during official penetration testing scenarios where you are required to enter the office physically, because the variety of machine setups can be drastically different. Otherwise, exactly what it says on the tin: emulates a keyboard and mouse set up to deliver instructions.