Month 5 Box - Cyber Security

Lesson 5 - Open Source USB Rubber Ducky Setup (T-Dongle S3)

Lesson 5: USB Rubber Ducky 101 (T-Dongle + USB Army Knife Intro)


Today, you're diving into one of the most legendary tools in the world of ethical hacking: the USB Rubber Ducky — or in our case, an open-source version using the T-Dongle S3 running USB Army Knife firmware.


This small device may look like an ordinary USB stick, but it’s actually a powerful HID (Human Interface Device) injector — capable of pretending to be a keyboard and typing out commands blazingly fast.


🎯 What You’ll Learn Today:


  • How HID injection works and why it’s a powerful technique
  • What the USB Army Knife firmware is and how to flash it
  • How to write and deploy a simple script that performs an action on your computer


🔍 What Is HID Injection?


Most operating systems trust keyboards and mice automatically. So when a device pretends to be a keyboard, the system just listens—no security prompt, no driver needed.


The T-Dongle S3 uses this to its advantage by typing preprogrammed scripts faster than a human ever could. This is why HID injection is a powerful vector for ethical hacking, education, and defense testing.


💻 Meet the USB Army Knife Firmware:


This firmware turns your T-Dongle into a highly customizable scripting tool with extended features beyond traditional DuckyScript.


You can:

  • Write scripts directly in your browser
  • Control the device over Wi-Fi
  • Launch payloads using a simple web interface


GitHub page: USB Army Knife on GitHub


(A Rickroll example is available if you want to explore a fun test script.)


⚙️ How to Flash USB Army Knife (No Code Required):


  1. Remove SD Card
  2. Press and HOLD the button on your T-Dongle S3, then WHILE CONTINUING TO HOLD,
  3. Plug in your T-Dongle S3 to your PC.
  4. Download the firmware from the Github Repo under Releases:
  5. https://github.com/i-am-shodan/USBArmyKnife/releases/tag/v1.0.2
  6. Make sure to select the T-Dongle Option
  7. Download boot_app0.bin from:
  8. https://github.com/espressif/arduino-esp32/blob/master/tools/partitions/boot_app0.bin
  9. Open your browser and visit the Web Installer
  10. https://esp.huhn.me/
  11. Click on Connect
  12. Select the T-Dongle that is connected to your PC
  13. Add your .bins in the following order:
  15. MAKE SURE TO CHANGE THE BOOTLOADER FROM 0x1000 to 0x0000!
  16. Click Program and flash it :).
  17. Let it finish and done!


🛠️ Troubleshooting Tips:

  • Script not running? Recheck your syntax—USB Army Knife may handle some commands differently from traditional DuckyScript
  • Web interface not loading? Refresh the browser or reconnect to the T-Dongle's Wi-Fi
  • Notepad doesn’t open? Add longer DELAY values to support slower devices


📚 Homework Assignment:

  • Write your own harmless prank script (e.g., type a funny sentence, open a meme URL)
  • Test it only on your own device
  • Share your best idea in the #tdongle-pranks thread on Discord!



✅ By the End of This Lesson, You’ll Have:

  • Flashed your T-Dongle with USB Army Knife
  • Written and deployed your first HID payload script
  • Gained a deeper understanding of how trust-based device vectors can be exploited or defended against


Up next in Lesson 6, we’ll explore wireless tools and protocols using the T-Embed (Flipper clone). Get ready to sniff, spoof, and analyze your digital surroundings—always ethically, of course.