Skip to content
Spacehuhn Docs
Blog

Make your own BadUSB with a Digispark

How to make your Digispark run BadUSB Scripts using Duckify!

What is a Bad USB

Section titled “What is a Bad USB”

A Bad USB is a USB device that acts as a USB keyboard to run a keystroke injection attack, which can be used to open a terminal and run commands on the target computer.

Because these attacks are scripted, they can happen incredibly fast. It’s crazy how a BadUSB with the right script can take over an unlocked computer in just 3 seconds!

We’ve covered this in more detail in a previous blog post How Bad USBs work

What is the Digispark

Section titled “What is the Digispark”

Digispark Development Board

The Digispark is a very simplistic development board based on the ATTiny85. It’s popular due to the Arduino compatibility, built-in USB-A plug (so no dangling cables!), the affordable price, and the fact that it can act as a keyboard.

Buy a Digispark (affiliate link): https://amzn.to/3v69bU0

How to run Bad USB Scripts on your Digispark

Section titled “How to run Bad USB Scripts on your Digispark”

Duckify Website

Ok now, how do we turn the Digispark into a BadUSB?

I made an online converter that makes this process incredibly easy!

  1. Visit duckify.spacehuhn.com

  2. Enter your Bad USB script on the left (it’s Ducky Script compatible)

  3. Select your keyboard layout and hit convert

  4. Now you have an Arduino sketch that you can download and flash onto your digispark

Further Documentation

Section titled “Further Documentation”

Check out https://duckify.spacehuhn.com/docs/digispark/getting-started for a more in-depth tutorial on the Digispark and a reference to the scripting language

Once you have Arduino setup, it’s really straightforward.