Payload Triggering Tricks - USB Rubber Ducky Mods for Red Team Engagements - Hak5

Can we trick our target into triggering a payload on their own computer, while logged in and working? We find out with some crafty payload tricks -- this time on Hak5!

0:00 - Intro
2:03 - Setup
3:17 - Payload Writing
4:22 - Cloning USB devices with ATTACKMODE
5:51 - Passive Windows Detection Extension
9:08 - Activity Detection with DuckyScript 3
12:08 - SMB Canary Keystroke Injection
15:10 - Payload Arming
15:45 - Testing the Payload
17:22 - USB Rubber Ducky Mouse Implant Tips
17:53 - Thank you Hak5 community
18:21 - Review

____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Comments

Good to see Darren back. Always love his presentation style.

rationalbushcraft

We're all so lucky this potential criminal mastermind is actually just a totally wholesome dude

supernerd

Darren is back. 🤝 Very welcome back. Nice to watch your tutorials. ✅️

stanislavsmetanin

To improve the payload I would drop a Cobalt Strike payload etc. into memory so that each time the user turns on their computer we get a usable shell back. Seems like a lot of effort to go to for an NTLM hash. I could see this type of attack being super useful in shared open-plan offices where loads of different people will use the same mouse over the course of a week.

Jango

Absolutely awesome, I really hope pen testing can become my career some day.

ogzsxftw

Omg yes! 🙌 Thank you Glytch and Darren for this. Please make many more videos like this going over attack scenarios and payloads fully described. I'm new to the pentest world and have just used your devices for basic stuff, but I could think of a thousand real-world ways to use it; I just couldn't figure out how to use the DuckyScript and payload structure to make it work. @hak5 and Darren, are there more advanced lessons and deep overviews like this in the DuckyScript advanced course?? I have the book but it's just the basic how-tos of everything.

pentesterpif

I wasn't expecting Darren to be down there, not gonna lie.

MorrWorm

17:19 LAN Manager (LM) hash. LAN Manager (LM) hash of your password in Active Directory and local Security Accounts Manager (SAM) databases.

mathbc

Ideas on how to improve it:
- set a check on the KBM idle timer for 4 min 59, then auto-execute
- use the system proxy and pass through the current user's credentials
- multiple vulnerable protocols (HTTP, IMAP, POP3, SMTP, RDP)
- on fail, collect info like trusted site settings, Edge IE enterprise compatibility list, Office suite trusted locations, EDR exclusion list...

accrevoke

Never underestimate the power of self preservation! Even if an employee suspects something fishy about a fast pop-up on their screen that typed in a bunch of stuff, or if they suspect something after plugging in a random flash drive, or whatever, they will almost never tell management or I.T. what happened for fear of getting in trouble because maybe they did something wrong (even if they didn't) or they should've realized their mistake before doing it, or some other guilty feeling reason.

bluegizmo

Great video, thanks for this, very interesting.

kapzvara

Seriously though, I love Hak5 gear. Unfortunately 50% of the inventory seems to be out of stock. I haven't confirmed those numbers; it just feels that way. I've been wanting a Coconut for so long.

MorrWorm

I wonder if you can spawn a topmost window, maybe two, that will cover up the script-running shell, that's time delayed 15 mins in so that they don't suspect the mouse ASAP but have it work during work.

saviorvx

How do you stop Windows from enabling USB devices automatically?
Is there a service which can be set to "manual"?

leoac

God, you were just a kid when I first started watching...

binaryglitch

Better question: what was Darren doing under that desk before?

TalkingSasquach

If the password happens to be an integer, that CAPSLOCK may not be triggered at all, and if it is, it may take a while. In addition, that IF is not taking into account the possibility of CAPSLOCK already being TRUE, for whatever reason.

leoac

It would have been easier for you and for Glytch to just use an O.MG cable and solder it into the new mouse. Then it would just be a simple cable replacement, which you could have done to any mouse. The Rubber Ducky is just so big and bulky, and there are so many third-party products that are smaller. I just don't get it.

themodesttraveler

Users nowadays are very specific with their mouse and mouse preferences in the workplace. They will notice if their real mouse is replaced with a crappy generic mouse. You may have to research which user has a feasible mouse to mod to appear identical to their existing one.

iblackfeathers

If they use an old Logitech wireless mouse, why not just nRF24 MouseJack it?

myname-mzlo