A two second HID attack against Windows and Mac that launches the website of your choosing. That's by far the most effective security awareness payload for the USB Rubber Ducky.
Cyber security awareness building is important, and developing an effective security awareness program - or at least raising eyebrows that one is even necessary - doesn't need to be difficult.
As a keystroke injection attack tool capable of mimicking both a USB keyboard and mass storage, the USB Rubber Ducky excels at autonomously exfiltrating documents – or what we like to call performing an involuntary backup. In this article I will briefly outline the steps necessary to turn your USB Rubber Ducky into a document exfiltration machine, as described on Hak5 episodes 2112, 2113 and 2114.
In this tutorial we’ll be setting up a Reverse Shell payload on the USB Rubber Ducky that’ll execute in just 3 seconds.
A reverse shell is a type of shell where the victim computer calls back to an attacker’s computer. The attacking computer typically listens on a specific port. When it receives the connection it is then able to execute commands on the victim computer. In essence it’s remote control of a computer.
Using a USB Rubber Ducky and this simple payload, Windows password hashes can be captured for cracking in less than two seconds.
This technique works against almost all versions of Microsoft Windows and only requires a 5 line Ducky Script and an open source server setup on the target network.
Pilfering Passwords with the USB Rubber Ducky
Can you social engineer your target into plugging in a USB drive? How about distracting ’em for the briefest of moments? 15 seconds of physical access and a USB Rubber Ducky is all it takes to swipe passwords from an unattended PC.
In honor of the USB Rubber Ducky appearance on a recent episode of Mr Robot, we’re recreating this hollywood hack and showing how easy it is to deploy malware and exfiltrate data using this Hak5 tool.