Staged and non-staged payloads for the USB Rubber Ducky [PAYLOAD]

Рет қаралды 24,068

Жыл бұрын

In this episode, Darren Kitchen digs into the cApS-Troll payload for the USB Rubber Ducky by Atomiczsec to discuss the workings and best practices of staged and non-staged payloads.
cApS-Troll by Atomiczsec: hak5.org/blogs/payloads/caps-...
PayloadStudio: payloadstudio.hak5.org
Discover Payloads: payloads.hak5.org
Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → www.hak5.org
Shop → shop.hak5.org
Discord → / discord
Subscribe → kzfaq.info...
Support → / threatwire
Contact Us → / hak5
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong.

Пікірлер: 31

@rationalbushcraft Жыл бұрын

Great to see you back Darren. I always enjoy your enthusiasm.

@prithvirajghorpade5538 Жыл бұрын

Thank you sir thanks a lot for your great contribution to the free education content of cyber security I am here with you and gonna watch all your upcoming and recent videos.

@CliffordMiller-fu7nu Жыл бұрын

Finally! Darren is back! What happened to van life?????

@azoicxx Жыл бұрын

Very cool payload to troll friends, but then how do you remove it?

@georgecole9190 3 ай бұрын

How do you stop the payload from continuing tho? how would we stop the caps lock from happening? is there a timer of how long the payload runs before it shuts down or somert?

@squiddymute Жыл бұрын

do these work with an older version of rubber ducky ? i bought mine back in 2016

@christopheradrift5058 Жыл бұрын

Now what would it take so when the caps lock being pressed it will drop a L

@AdnanKhan-sc6hh Жыл бұрын

Hay Darran, nice to see you back.. I have Question how would one stop this script?

@RDog1732 8 ай бұрын

idk

@Rob_Turner_UK Жыл бұрын

Glad to see Darren back, will be a regular viewer again

@69nunyabidness Жыл бұрын

This would be a great troll on someone trying to type a password. I know, all of you use Keypass or something similar to aggregate your passwords, but I'm kinda old school.

@ElbowNi1 Жыл бұрын

All well and good till someone looses an eye! So how does the victim stop it from blinking, is the hidden PS running somewhere visible?

@Braddeman Жыл бұрын

Not to mention only allowing signed powershell script so it might not run anyway. Might not be able to use a script and use keystroke injections instead is preferred for that reason.

@geroffmilan3328 Жыл бұрын

So many ways round script signing & execution policy, yet I see almost as many determined fools on reddit who are certain they're useful defences 😁

@Braddeman Жыл бұрын

@@geroffmilan3328 yes you are right but it is called defense in depth. It is one part of the many process that should be implemented and as this current payload stands it will not get around the powershell execution policy. EDR is more than likely going to pick up your techniques anyway. They have gotten pretty good at that.

@user-zw8xt5dm8g Жыл бұрын

What's the name of your book

@Counterhackingsafe Жыл бұрын

I really like the video, very insightful

@EyeseeUriP 10 ай бұрын

These things are why I don't trust buying USBs off of Amazon anymore lol.

@geroffmilan3328 Жыл бұрын

I'm not sure why this script persistently creates a New-Object every 2 lines - the one it made first time around hasn't gone anywhere if this is all 1 script or session?

@bestelevated 6 ай бұрын

Any telemetry?

@bnk28zfp Жыл бұрын

darren is come back 😮 wow great to see you back!!!!

@deucekiller022 Жыл бұрын

Why was he missing from all the other videos

@itzusmanidrees5916 Жыл бұрын

It bypass windows 10 / 11 defender

@m.m.m.c.a.k.e Жыл бұрын

Lolz

@brand_hacker Жыл бұрын

1st

@FutureWarCultist Жыл бұрын

His heart is still kickin! 🎉

@UNcommonSenseAUS Жыл бұрын

Bwahaha he believes things go to "space" 🤣🤣

@minchy83 Жыл бұрын

Well he said Atlas V but showed a picture of a Falcon 9 so we really can’t trust his space expertise 😉.

@geroffmilan3328 Жыл бұрын

And what, you believe NASA & the Chinese are *co-operating* to hide the flat earth from us all? How's JFK Junior doing, & ya wanna buy this bridge off me? Need a quick sale