Staged and non-staged payloads for the USB Rubber Ducky [PAYLOAD]
ฝัง
- เผยแพร่เมื่อ 31 ม.ค. 2023
- In this episode, Darren Kitchen digs into the cApS-Troll payload for the USB Rubber Ducky by Atomiczsec to discuss the workings and best practices of staged and non-staged payloads.
cApS-Troll by Atomiczsec: hak5.org/blogs/payloads/caps-...
PayloadStudio: payloadstudio.hak5.org
Discover Payloads: payloads.hak5.org
Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → www.hak5.org
Shop → shop.hak5.org
Discord → / discord
Subscribe → th-cam.com/users/Hak5Darr...
Support → / threatwire
Contact Us → / hak5
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong. - วิทยาศาสตร์และเทคโนโลยี
Great to see you back Darren. I always enjoy your enthusiasm.
How do you stop the payload from continuing tho? how would we stop the caps lock from happening? is there a timer of how long the payload runs before it shuts down or somert?
do these work with an older version of rubber ducky ? i bought mine back in 2016
Thank you sir thanks a lot for your great contribution to the free education content of cyber security I am here with you and gonna watch all your upcoming and recent videos.
Finally! Darren is back! What happened to van life?????
Very cool payload to troll friends, but then how do you remove it?
Glad to see Darren back, will be a regular viewer again
All well and good till someone looses an eye! So how does the victim stop it from blinking, is the hidden PS running somewhere visible?
Now what would it take so when the caps lock being pressed it will drop a L
What's the name of your book
Hay Darran, nice to see you back.. I have Question how would one stop this script?
idk
This would be a great troll on someone trying to type a password. I know, all of you use Keypass or something similar to aggregate your passwords, but I'm kinda old school.
Not to mention only allowing signed powershell script so it might not run anyway. Might not be able to use a script and use keystroke injections instead is preferred for that reason.
So many ways round script signing & execution policy, yet I see almost as many determined fools on reddit who are certain they're useful defences 😁
@@geroffmilan3328 yes you are right but it is called defense in depth. It is one part of the many process that should be implemented and as this current payload stands it will not get around the powershell execution policy. EDR is more than likely going to pick up your techniques anyway. They have gotten pretty good at that.
I'm not sure why this script persistently creates a New-Object every 2 lines - the one it made first time around hasn't gone anywhere if this is all 1 script or session?
I really like the video, very insightful
These things are why I don't trust buying USBs off of Amazon anymore lol.
Any telemetry?
darren is come back 😮 wow great to see you back!!!!
Why was he missing from all the other videos
It bypass windows 10 / 11 defender
Lolz
1st
His heart is still kickin! 🎉
Bwahaha he believes things go to "space" 🤣🤣
Well he said Atlas V but showed a picture of a Falcon 9 so we really can’t trust his space expertise 😉.
And what, you believe NASA & the Chinese are *co-operating* to hide the flat earth from us all?
How's JFK Junior doing, & ya wanna buy this bridge off me? Need a quick sale
This will be so fun lol 😂