The USB Rubber Duck - Why?



  • 0_1491059015442_d1[1].jpg

    About the USB Rubber Ducky#
    The Original Keystroke Injection Tool

    Since 2010 the USB Rubber Ducky has been a favorite amongst hackers, penetration testers and IT professionals. With origins as a humble IT automation proof-of-concept using an embedded dev-board, it has grown into a full fledged commercial Keystroke Injection Attack Platform. The USB Rubber Ducky captured the imagination of hackers with its simple scripting language, formidable hardware, and covert design.


    Drifting around youtube I stumbled upon this thing,.. it's been around for a bit, and others may know about it... But as I look at this thing, I wonder how it could be used in the IT Professionals tool box...

    I would expect @IRJ has heard of these - maybe even used one. But what use would they have for the 'lay person' if any.



  • Hak 5 always talks about these. Ive seen a similar use where a business card had an emulated keyboard that would type in a URL and open it in a browser for you. Other than that I can't think of a non pentesting use.



  • This is why USB control is so important. It's isn't too difficult to make your own malicious USB drives, and even easier to use one like this.





  • @IRJ said in The USB Rubber Duck - Why?:

    This is why USB control is so important. It's isn't too difficult to make your own malicious USB drives, and even easier to use one like this.

    It's disabled on our machines and we have dedicated employees to bring media on the network on certain machines.



  • @IRJ said in The USB Rubber Duck - Why?:

    This is why USB control is so important. It's isn't too difficult to make your own malicious USB drives, and even easier to use one like this.

    Yup, and if you're evil...

    http://usb-killer.com/


Log in to reply
 

Looks like your connection to MangoLassi was lost, please wait while we try to reconnect.