Hi, this is Wayne again with a topic “Do NOT Plug This USB In! – Hak5 Rubber Ducky”.
While this may look like a perfectly ordinary USB drive, it is actually a tool of Chaos right, it’s known as the hack 5 rubber ducky, and while it can be used to perform silly pranks or to automate mundane office work, it can also be used for highly Illegal cyber crime – this ingenious little device here contains Hardware that can be used to grab passwords, open back doors for ransomware or even delete entire file systems in a matter of seconds, but rather than ignore it, hoping that aspiring narrow duels will remain ignorant of its existence. We are going to show all of you how it works demonstrate some of what it can do and give you the knowledge that you need to protect yourself from USB Bandits. Looking to compromise your precious data, you know what else we’re gon na do. Tell you about our sponsor build Redux, build Redux, makes it easy to configure your new build with support guides to help along the way. They also offer competitive pricing as compared to building a PC yourself head to build redux.com, Linus and start your new build today. The rubber ducky has existed for over a decade becoming a favorite tool of both real world hackers and it professionals alike, and it’s been featured on TV shows, like Mr Robot and Sesame Street. Are you sure about that last one? Well, there’s. Definitely, Mr Robot at least I’m doing a hacking with my rubber ducky USB and what makes the rubber ducky so Insidious is that compared to Media portrayals of hacking devices as full-on computer systems that can wreak havoc when connected to your network or gadgety. Looking keys that override decryption or authentication, it looks perfectly mundane, usb-a on one side, USBC with a little cap on the other.
It’S the kind of thing that you might plug into your machine just to find out what it does, but the second you do that it Springs into action executing its payload and it bypasses many malware scanners by disguising itself to your PC or Mac, or even your Phone as a human interface device or keyboard, I mean what virus scanner or firewall would think to check for a nefarious keyboard, not all, but actually more than you’d think it turns out rubber duckies do get detected by some of the higher end systems that know how To look for them, or rather they did get detected earlier this year, hack 5 released the rubber ducky 2.0, which included several features that make detection attempts now flow off it like water off a duck’s back previously rubber, ducky, payloads or programs. If you want to call them that had to be tailored to their specific Target, for example, a payload meant to run on Windows 7 might not work on Windows 11 and certainly wouldn’t work on Mac OS. But this latest iteration can detect the operating system detect when the device is set up and can even copy Hardware information from an already attached keyboard and spoof it to confuse any would-be security measures. It can’t even be detected by its input rate because it’s limited by default to the speed of an extremely fast yet still believable, human meaning.
It has the same level of system privilege as the logged in user terrifying and while a bit of programming skill is beneficial to make the most of the rubber ducky, I suspect the average Enthusiast could pick it up pretty quickly. The manual is just 32 pages and fits into the average pen or shirt pocket kind of like the kind you’d find on our excellent Workshop jacket available at lttstore.com. Ducky code is written in ducky script. A proprietary language from hack, 5 and simple commands are simple. To write, Attack Mode lets you set the device into hid and or storage mode string is used to type out letters. Delay is used to make the device wait for a number of milliseconds, perhaps for a program to launch and most other key presses or combinations are achieved by simply putting the name of the key onto a line. So here’s the Konami Code written in ducky script, once you’re done, building your instructions. They can be compiled into a ready-to-use payload using payload Studio.
It will highlight syntax Mark potential errors and give you suggestions for auto completion, while you’re typing automating, simple keyboard inputs is only so useful, though the command line is what really turns the target system into one big ducky, puddle playground there. It can write and run code to turn the volume all the way up: open 20 new Chrome windows with the same YouTube video over and over and over again, or put a little Dancing Duck on the screen truly groundbreaking stuff. To show you a real world use case, we wrote a payload to set up a new PC for benchmarking, it installs Chrome, 7-Zip and steam pauses to allow for login and then proceeds to install many of the games. We typically run with markbench, and this use case is notable because it’s actually the reason that hack5 founder Darren kitchen built the ducky in the first place to make repetitive tasks like fixing, printers or network shares faster and easier, but enough about its intended purpose.
Let’S talk about how it can be used to get around doors and locks that were meant to stay closed. All it takes. Is one user performing one careless action to compromise the system and it only takes one compromised system to compromise an entire network common practice for troublemakers looking to access a specific network is to invest in a small flock of duckies or similar devices. Those waterfowl get configured with a malicious payload. Then they get taken out to sea to go wailing. Whaling is a type of fishing attack that specifically targets a wealthy or a powerful person.
A whale and any City’s business district is full of such aquatic mammals. Like Executives, politicians or celebrities who have predictable daily routines and might not know very much about computer security, a few armed duckies then dropped into a parking lot or in the stairwell of an office. Building can be an extremely dangerous thing. Its capabilities are limited only by the creativity of the programmer and, as you know, there is no such thing as a perfect luck, let’s say, for example, a bad actor wanted to download data from a Target system to a ducky device. Well, many well-protected systems completely block external storage devices, but there’s a solution for that.
Using a script that reads a Target file then flashes. The caps lock and number lock keys. The duck can read those flashes as binary bits and then quack that Loop directly onto its internal micro SD card, the ducky 2.0, isn’t all powerful, though seasoned programmers may find that duckyscript 3.0 lacks the same quality of life tools of typical languages among other common issues.
It’S difficult to perform string concatenation, for example, and the ecosystem leaves a lot of room for improvement while lots of completed payloads can be found online and simply copied to your rubber ducky. Many of them require modifying the code yourself and lack the documentation that a novice user might need. So, if you didn’t already understand most of the ducky script, complaints that we scrolled through you could find yourself having issues early on. The biggest issue, though, is running your code there’s a light to indicate the status of any code, that’s running and there’s a button that allows you to stop at Midstream, but there’s not really a great way to test your payloads. Unless you have an extra machine that you don’t mind doing whatever it is you’re doing two, and even if you’re, okay with that, there’s no guarantee that other systems will function exactly the same as yours. It could even be something as simple as whatever delay.
You’Ve programmed for a chrome window to launch might be longer on a Target system. Additionally, if you’ve already run a payload on a machine once some of the changes that payload made Might persist, making it difficult to track how your code changes are affecting your payloads function. If there was an included way, for example, to run it on a virtual machine that could be restored with a single button press, that would be a lot more user friendly. If you do have machines to test on and the patience to learn your way around.
The small issues of the ducky script language – you too, though, could be doing Mr Robot level infosec exfiltration data, busting door crashing and output inputting. But that brings us to an important question. Should you be able to, as I said earlier, a small flock of unattended armed duckies can be a very dangerous thing, as it only takes one to expose an entire network.
That’S what almost happened to the multinational chemical firm DSM back in 2012., thankfully, for them, instead of checking the contents themselves, the person that found the mystery USB stick took it directly to it. People following protocol is truly the only way to keep a network secure and even though many people are not aware of how dangerous physical media can be attacking with it is not a New Concept. The brain computer virus from 1986 used floppy disks to travel between machines and in 2010 stuxnet, famously cloned itself and traveled by any means possible to hit a single offline Target in Iran. However, in any given year, Society is robbed of far more using crowbars and bolt cutters, and yet they still sell those at every hardware store.
So the mere fact that a tool like the rubber ducky can be used by evildoers shouldn’t be a cause for Banning it. Just make sure that you and your loved ones can recognize it for what it is and always practice safe computer use, just like I always safely segue to our sponsor Squarespace. If you’re building your brand online in 2022, you need a website and if you need a tool to help, build that brand.
Look no further than Squarespace Squarespace is the all-in-one platform to help expand your brand online. Make a beautiful website engage with your audience and sell anything and everything from products to content. We love Squarespace, so much. We use it here at lmg. It’S custom templates make it easy to stand out with a beautiful website that fits your needs. You can maximize your visibility thanks to a suite of integrated SEO features and their analytic insights help you optimize for performance. You can see what’s going well and What needs a little work so get started today and head to squarespace.com forward, slash LTT to get 10 off.
Your first purchase, if you guys enjoyed this video, you might also enjoy our video on the password reset key 2. socks and sandals really go well with the ninja mask. It turns out. .