I will own you in 3 seconds. Never do this!
ฝัง
- เผยแพร่เมื่อ 27 มิ.ย. 2024
- In only 3 seconds I will have access to your computer. Never do this!
Need help? Join my Discord: discord.davidbombal.com
Menu:
Overview: 0:00
Warning: 0:10
Don't do this! 0:39
USB demos: 1:15
Remote control demos: 1:55
Create a file: 4:40
Powershell: 5:18
3 second demo: 6:00
OMG cable: 7:22
Explanations: 8:00
Previous video: • Your WiFi is mine! (ha...
Get the USB from Hak5: shop.hak5.org/products/usb-ru...
Get the cable from Hak5: shop.hak5.org/products/o-mg-c...
================
Connect with me:
================
Discord: discord.davidbombal.com
Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
TH-cam: / davidbombal
================
Support me:
================
Join thisisIT: bit.ly/thisisitccna
Or, buy my CCNA course and support me:
DavidBombal.com: CCNA ($10): bit.ly/yt999ccna
Udemy CCNA Course: bit.ly/ccnafor10dollars
GNS3 CCNA Course: CCNA ($10): bit.ly/gns3ccna10
======================
Special Offers:
======================
Cisco Press: Up to 50% discount
Save every day on Cisco Press learning products! Use discount code BOMBAL during checkout to save 35% on print books (plus free shipping in the U.S.), 45% on eBooks, and 50% on video courses and simulator software. Offer expires December 31, 2020. Shop now.
Link: bit.ly/ciscopress50
ITPro.TV:
itpro.tv/davidbombal
30% discount off all plans Code: DAVIDBOMBAL
Boson software: 15% discount
Link: bit.ly/boson15
Code: DBAF15P
kali linux
wifi
kali linux 2020
hak5
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#kali #hak5 #mrrobot - วิทยาศาสตร์และเทคโนโลยี
![ความรักของยักษ์เขียว (ทศกัณฐ์) - เดี่ยว ไออุ่น [OFFICIAL MUSICVIDEO 4K]](http://i.ytimg.com/vi/yCCy-QVHqK8/mqdefault.jpg)
haha jokes on you, my laptop is so slow that it takes like 5mins to do the most basic and simplest tasks
I'm on an i3 iMac. Half the time my USB ports don't even work for benign devices!
Lol jokes on you my Mac doesn’t have usb interface
@@mrri8403 Jokes on you for using a Mac!🤣
@@colindaniels6218 You might be 'truly safe' from the internet but therefor possibly lack the opportunity from it's full potential.
JOKES ON YALL I DONT EVEN HAVE A HOUSE
David will throw millions of pendrive on street and follow his youtube channel from there🤣🤣🤣
but this is great idea🤣🤣
Bank ?
hahah u r really right.
Done it so many time when I took the CEH course, but never I imagined that you can program a USB to do this kind of backdoor connectivity. Awesome!!!
this guy is so underrated , keep it up mr.david its been 24 hours since i started to learn on your chanel and i already learned alot of stuff thank you for all this work you are doing god bless
Hello David. Just recently I discovered your channel and I really enjoyed how you explain networks, you make it sound like it is very easy :). I am finishing my networking certification which I can state that I have so many to learn. At the same time trying to make netacad certifications and watching people like you to expand my horizons and knowledge.
You gained a new sub. Thank you
can you tell which networking certification you are doing from where
Usually, when I find a USB drive on the floor I go to the Net Café and plug it into a random computer there just to find out if I can figure out its owner in order to contact them. But, it's interesting to know about this hack so thanks for sharing!
That's the beauty of it !
The original attack didn't work out, so it's nice you are helping to at least get some other data ☺️
I know what lengths some people will go to to get into someone’s computer, but imagine trying to do this as a prank, buying an expensive rubber ducky usb and dropping it in a car park, only for it to then be run over
No one would ever use a rubber ducky to begin with
David: “You should never just plug a random USB into your computer.”
Every Dark Web Mystery Box TH-camr: “Let’s see what this dark web hard drive will do to my PC”
Thanks for the heart David, I love ur vids
Do you know a channel where I could watch that?
@@Lindrios most are fake
@@ilulu3812 they’re actually all fake, mystery boxes aren’t sold there
@@Krimson44 u could probably find someone actually selling a mystery box but it's highly unlikely
Loved the Mr. Robot reference, truly and the only realistic series in terms of hacking. Needless to say, very precise and amazing video as always. Great work!
Thank you Abdul!
@@davidbombal Hey uhh so on some comments there is a person called onion tv official saying "...you can learn more from my channel..
thanks" and their channel is very fishy, im not sure if it's a bot but just letting you know.
Trust has been a major issues in my relationship till i was referred to the best hacker on Instagram called @Vikehacks. He gave me total access into my wife's Snapchat efficiently and swiftly. Contact @Vikehacks on Instagram to get all hacking services done and remember to tell him who referred you. 💯
I never thought I would be able to recover my account until I met Hacker_Fmt on Instagram,I tried him and recommend 💯 💯💯!
@Jamie Indeed, I'll try adding them on LinkedIn haha
This is great! Thank you! Thank you for not going so fast! Really appreciate this!
You're welcome Max!
Hi David, Can you personally develop exploits, Trojan’s, Bots, Worms. As well as perform Buffer-overflows, and Ram-scraping, etc. Or can you only use prebuilt tools????
Great info! Thank you for sharing. I'm writing a short article on account security and gave me some more food for thought for the article.
Thanks for this very helpful Demonstration;)
This would be a great way to rickroll someone
That is what i was thinking
got a script for that it basicly makes the computer unusable it keep turning the sounds to 100% on the speakers every second and play never gonna give you up
@@__jonko_with_johnko__ send script
Duuude.
@@denisbronskii5629 it is ez to make a one using python
Love the intro with the zebra and the video!
Keep it up!
Thank you Aldo!
I would be thanking million times ,if I could get to see his full tutorials..
He genuinely seems too smart and knowledgeable,it's my first video hence,new subscriber and I'm surely going to try to watch all of his other videos 👍👍
thank you greatly for warning people about this, and thank you greatly for slightly teaching me how to do this.
Bro imagine hacking a computer and forcing the computer to run a rickroll for every 10 minutes
While I find this idea intriguing, I did install a script that changed all the keys on my friends computer. Every time he pressed F, it said something nasty, and every time he tried to press delete, it wrote, "Haha, did you try to delete now?"
@@kebman INGENIOUS!
@@kebman I wrote a script that does something similar too, i called it "keyboard jammer"; it kept track of what keys were being pressed while inserting random characters instead. It wouldn't stop unless you gave it the actual correct key-combination
-I just finished my 128 pages essay. Can you check it to see if it's ok?
-Sure, just let me re-write it on my laptop.
-But I can pass it to you on my thum--
-LET. ME. RE. WRITE IT.
😂😂🤣
copy and paste the text into an email for me, please. Then, I'll copy and paste into word document for reading. Thx
😂
well thats why jsu tnot plug something in isnt a good security concept.
with today electronics it could be in any cable, hell already within the electronics in the laptop itself.
thats why we backup, encrypt, and overwatch processes, multifactor auth and so on.
in this case this is midly a hack itself. you aint get admin privileges so damage is contained as long he cant run a privilege escalation hack.
i doutb he can even autorun that thing as powershell is notorious limited by default. that why he wrote a file like that, he aint have fileaccess with that and he cant use it to install a backdoor to gain such thing that easy.
if ur system is uptodate the attacker would need a zero day exploit. if that thing is already on the thumbdrive it could be worth millions.
@@woswasdenni1914 There are plenty of known vulnerabilities that aren’t patched.
why didn't i see this channel earlier until today, @david , interesting content you have have here and spreads a wide knowledge, time to check every video you've uploaded thanks
This is a very important and revealing video. Thanks for sharing
Super Clear Voice , Super Easy Explains , Simply "SUPERMAN"
Thank you Sushant! much appreciated :)
Trust has been a major issues in my relationship till i was referred to the best hacker on Instagram called @Vikehacks. He gave me total access into my wife's Snapchat efficiently and swiftly. Contact @Vikehacks on Instagram to get all hacking services done and remember to tell him who referred you. 💯
Great Video. Thank You for the wonderful content. Please consider making videos to counter attacks like these i.e. what can one do when they realise they are attacked.
Great suggestion Vyas!
Send a dm to Holtlan_94 on lG sir. He’s such a great help
Excellent video. I'm taking beginning classes for cyber security and had to learn about rubber ducky and this is the best video I found so far. Thank you!
Hey dude, is Rubber ducky among the course unit in Cyber security class??
my rubber ducky is on the way! great info i really like your videos & networkchuck!
Thank you for putting out great content
Thank you Alan
Very informative and scary!
Really enjoyed it, very insightful
Hey David. Great channel about computer knowledge! keep the good work up
I really love the thought of all the power and opportunities you can have from knowing how this stuff works.. Made it through the basics and making my own website for practice, I'm not even close to scratching the surface lol overwhelming but that's exactly what the thousands of other people are thinking and quit. Wont be me, downloaded Wireshark and today my pc refused to connect to my router. Ran a troubleshoot and it fixed it, still scared me enough to uninstall but thats what pucci's do?
Now my SCHOOL is going to pay for not selecting me for the hacking competition
Oh my
Great video! Would love to see some of the books you are reading. Just recently stumbled into your channel.
That’s mean if my task manager running poweshell I’m being hacked.
Thank you. Great content.
I love the series Mr Robot it's insane 😁...
When displaying the blue screen of death, put a qr code which, when scanned: downloads a payload on a mobile device?
YES
that is nasty hahahaha but i like it
Jeez that's genius
just what i was thinking
so you're hacking hacking now 😂
Superb, Easy to understand and I'm learning it for educational purpose.
Thanks David for sharing your ideas I am not a skilled user of gadgets am still learning how to navigate. It's a big lesson on my part.
first thing to do, 1, disconnect internet cable, 2, disconnect hard drive, 3 boot a live disc of any linux distro, then insert thumb drive to find out whats on it. then go into usb format and wipe the thumb drive. ..
it can be just a usb killer, so it will melt your pc without any software
@@maxxxxiors that's why you test it with a library pc :)
Or you can just..... not plug it in?
@@bigchungus27 nah that seems logical, stay away from it
" Let's have some fun " --- I'm scared
😂
now I'm curious how to prevent that, Its a good thing a found this channel looking forward to your new videos
I love how you stay on topic and any tangents are short, clear, concisely explained as to how they are a part of the subject under discussion.
Many channels are unnecessarily long winded with very little, if any, useful information.
I like just the facts. If I don't understand, I ask questions or research things myself.
Very impressive format and layout.
Love your workshop.
Amazing 👽, next video use it on mac and linux, i really want to see them how it works 🙏
Glad you liked the video :) Thanks for the suggestion.
He won't, it won't
@@ner0p dude do you really think this is true? Put video on 7:01 and slow it down and you will notes screen cut when he "triggers on chrome on laptop" this guy is just trolling with you all :D :D :D
@@davidbombal nice scene cut on 7:01 which have made be believe you 110%, our hand tells it all ;)
@@metalsnake00 Well spotted.
Perfect recommdation does exist... I will never pick up unknown pen drive or plug it.
Good advice :)
Well.....that's where social engineering enter the equation. Given the right incentive, you WILL plug something in. Doesn't have to look like a pen drive. Could be a USB powered desk fridge, a USB charging cable, a usb vibrator, you name it....
Actually, a novelty "usb dildo" may be worth making. You sneek into premises, leave the dildo in the canteen. I can guarantee someone just will have to see what happens......
finally a channel that undersands me
Great video. Thanks for this information.
David, thanks for another great video. It’s an important knowledge, indeed. Nevertheless, you didn’t tell how to prevent such USB stick attacks, how to secure USB interface so even if somebody else will plug a USB stick we still can remain safe.
In the end, the video is only halfway useful to me.
Cheers!
Windows OS, open AutoPlay from search menu. Either disable the defaults or change them to Ask me every time. For my clients, we use security software to push these settings out and also for some devices like computers that are near people not from the business like a patient encounter room, we fully disable the USB ports. No end user can override this either. There is also methods with software that require an encryption key to exist on the USB storage device, before the computer will allow access. Meaning, only Trusted USB storage devices are allowed. I once had a doctor's office fill his USB ports with superglue to block patients from trying to insert USB sticks. I was very polite and showed how his keyboards had a USB port on their back and I would just unplug his mouse or keyboard and use those ports...
I think here though, the device is emulating a keyboard, rather than autoplaying from usb storage. So as far as the computer is concerned it's just an innocent keyboard
Hi David - great video as always. One thing i would love to know is the defense against these sorts of attack!
If the victim was suspicious after finding a thumbdrive- would they be able to view remote connections currently running on their machine for example? To see if any remote connection sessions were happening on your computer?
I think just ending power shell helps
Hi David, that was 😲😲😲😲, thanks for the Tip!!
I'm glad my Sinclair Spectrum does not have a USB port , so I do not get tempted.😊
Great video David.
Great job .. will you show us the steps what did u do to control other pc . Love all your videos .
Thank you Yaser!
@@ainvondegraff5233 It's actually very basic hacking stuff. But it's not in the scope of this video. I feel like the goal is really to educate people about plugging unknown USBs rather than teaching how to run a simple reverse shell.
Woow It's really amazing thank you 👌👍❤
I'm glad you like it Mamoune!
That was soo cooool!
Thank U Sir.
just amazing what you can do remotely, also it is kind of dangerous if some one track your bank account info. I will never plug unknown USB. thanks it is very useful video
thanks for the info...now, is there a video on what steps to take before you insert a usb drive?
3 minutes into the demonstration:
"Notice, I am controlling this laptop"
Ohhh, I hadn't noticed... lmao
Good demos tho
This is excellent stuff.
Very educational video, even non-techky should watch it 👏
This attack vector can be partially mitigated (on any OS) by using your computer in user and not local administrator/root context -- which is good practice to start with anyways.
Plugging a usb stick that you found on the carpark into your computer is like drinking from an opened and half consumed bottle of Coke you found on the carpark
i agree lol
Nah it's like finding a bag of coke on the street only to snort it and find out its fentanyl.
Thx for making an informative video
good video, very nice way to introduce this devices, thank you
I like how he has to tell us that he is controlling this laptop every 2.687 seconds.
PLOT TWIST : I will connect that pendrive to my car's dvd
Wow it extremely interested thanks boss
Good tips and video
LOL I think I am studying too hard, I though David just called me out to an Internet brawl lol
lol... I'm too old for a fight :)
@@davidbombal Me too David
Are we just going to ignore the fact that he says 'the movie mr. robot'
yup he must have missed the series
It's just South African vernacular.
I'd trust a usb drive more than him after that
Scrolled to check for this comment before I typed the same thing. That glaring error completely made me lose interest
He speaks a lot of Mistakes
Thanks for the tutorial.
Awesome content, but I think it would’ve been great if you showed us how this is done from 2 separate networks instead of doing it internally which makes it easier to get into the “remote” machine.
"don't just plug any device" - Don't use any computer at all
I would love just a tiny drop of Dave's knowledge, he's got so many weapons in is arsenal to use were and when he wants. Thank you for your videos. I recently purchased a usb win 10 boot pen drive, so I could put windows 10 on my Lenovo yoga, but keep my files ect. It now will not boot from bios to windows loading screen. I've tried Legacy mode and still now joy. Any help would be greatly appreciated. Thank you.
Never quit and learn something new every day
I actually use a couple of those Ducky drives to help me enroll Chromebooks. Quite useful when you have to enroll a couple pallets of 300 devices all by your lonesome onesies.
I'M SO GLAD YOU GUYS ARE REAL HACKERS. YOU SEEM IN SUCH A BETTER SKILL *BRAVE CYBER* IT'S GREAT TO SEE IT
Okay, now i hope you make a video explaining how to kill or avoid the powerllshell process that is running on the infected laptop after pluging in the usb.
i just need to type on my kali and plug the usb on the pc target and that's it???
There are several ways you easily can safeguard yourself. But the average user is clueless.
Disable autostart from USB. Simple
@@Trantarok ohh ok thanks
@@Trantarok How can I disable it? Help a brother out?
Awesome as always David!
Got Rubber Ducky, however I wouldn't 'toss it' on the street for someone to pick it up. Not at $45 a piece..:)
If I may suggest, it would be batter to show your audience how to use an ordinary (inexpensive) 'stick' and set it up as 'Rubber Ducky'.
Keep up the good work!
Thats y i made my own piece worth 5$ but still cant drop it on the street as I am not able to host Kali Linux Server as would be a huge cyber crime and my Public IP Address will get traced in no time by the ISP :(
@@rasheedmalik6594 no comment..:)
Plus, you would have to provide written instruction on how to disable Windows Defender before plugging the Rubber Ducky in, something David clearly forgot to mention.
@@ner0p Windows Defender does not flag the Rubber Ducky. It abuses the HID trust relationship with most OS
Awesome!
👏🏾👏🏾👏🏾👏🏾👏🏾
Note: I counted how many seconds it takes to hack when the USB drive is plugged in. 5 seconds.
but did you notice that he is controlling that laptop?
Why are so many robloxians watching this video?
Cool, I will never trust a USB drive again!
Not until one labelled "Wages 2021" is dropped in the car park at your workplace 😅
Great demo and PSA.
Mr. Robot is a TV series, not movie.
Mr. David bombal your amazing man!
😁Just discovered that the kid is wearing a South African t-shirt, my home country 😊
Not only is it important not to use a USB device from an unknown source the same discipline should be applied to USB cords and power supplies that connect to a USB-C or other interface like a phone. It is crazy that nefarious actors actually will PWN your machine in this manner, but it happens everyday. Constantly practice EXCELLENT Cyber-Security OP=SEC. Be aware that these people do not care about you or your cause, they only care about there capabilities to make money off of your gullibility and vulnerabilities.
Case in point, I asked a major hotel hosting a conference in Anaheim California I was attending if they had any USB power bricks or cords that I could use. The Front Desk is only happy to oblige and came out from the back room with a clear plastic bin containing dozens of cords and power-bricks that had been left and never retrieved by the owners. Two of those cords that I tested and one power-brick ran scripts when plugged into a Windows 10 laptop. When I dual booted into Linux one of those cords and the power-brick both ran scripts in Linux.
It is crazy that people will blindly trust a connection device that is not theirs while on the road simply out of need and urgency. Always be vigilant, always verify then trust when it comes to these devices. Always use a trusted VPN when on the road. Do not plug into LAN ports in the room as these are notoriously points that can be hacked and the evidence hidden behind the wall-plate.
Thanks for sharing! That is a great example :)
Or, much more convenient, whenever on the road, use whatever connection you can find. Just consider it as being likely comprised. Anyway, it doesn't help you much using the hotel WiFi rather than LAN....Because I'm in the room next door to yours.
The simple fact is, most people don't even know that these types of devices exist. It's not really "crazy that people will blindly trust a connection device that is not theirs while on the road simply out of need and urgency." I mean, you said it yourself...need and urgency. If you're in a hurry it is pretty easy to get a little careless. Especially if you're unaware of the dangers that you face. The ignorance of the average person is the main reason scams and script kiddies are successful.
thank you very much sir
8 minute video with two sentences on autorepeat. Just lovely
I'd put it into an old laptop, yes. Especially if that old laptop is disposable to me.
can u do a step by step including everything plz i'm new
Great video proud of you
I can tell that accent from a mile away, howzit from Aoteroa New Zealand. We are allowed to use USB's at my polytechnics' library. I thought that they were risking it but its a pretty honest country.
: NEVER JUST PLUG A USB into your computer!
: Watch me OWN this system in SECONDS!
: Want to buy a USB from ME? 😉
🤔😂🤣😅
Hahah it sounds like scam 😅
Am I the only one who would like a in depth review of this “hacking technique” ???
No am here too
Me as well
Just buy the rubber ducky from Hak5 and load a script... that is just what he did
Hack the box's beginner boxes teach reverse shell
I meant starting points. The first 2 starting points end in two styles of reverse shell scripts, one vs Linux, one vs windows
It's like: "Hey, wow. There's a bag of pills here. Let's take one."
But I'm asking my boss to try this in the place I work in.
See if our users, and probably visitors, do.
This is so cool!
It took me 4 minute to realise that he is using his left hand for mouse and right hand for keyboard
probably had to use left hand because he placed that laptop on his right side
Both handed?
Last time I plugged in a random thumb drive, my centrifuges started vibrating and spinning faster... weird coincide
Let me guess you work in some nuclear facility
@@arthurmaciel9893 I did but the facility fell apart
Thanks this is best info
Excellent !!!
I guess you could still just test the USB on Kali Linux live.
Using a VM would be a smarter idea ;-)
David sir........i am from india....love from india....truely i am saying that sir u and network chuck(i don't know the name) and the biggest reasons for which i am fascinated for IT.....i want to become a cybersecurity guy...can u help me sir.........i have not seen teachers like u and network chuck.......hope i be a student of yours forever.....😍😍😍
Don't you want a son from him?
Thank you! Never give up on your dreams!
@@serviodiaz4425 Why you have one son from him? WOW! THAT'S NICE. WHAT IS THE NAME OF YOUR SON?
CONGRATS!! HAPPY FOR YOU
FROM INDIA
David has some amazing courses on Udemy. U might have to check them out.
I have been following him for sometimes now.
@@davidbombal thank u sir.....for such beautiful words.......🙏🙏
Good job david
Good you know this stuff. 👍
Will the attacker continue to have access even when the user restarts the laptop? Can the powershell be run automatically after startup?
You can make it do whatever a user with a keyboard can do.
You surely heard about Task Scheduler. Attacker can create a new task which is enable with start of Windows.
So yes, its possible to have an access even after restart.
and how the person get out of this?
@@georgedelgado8403 well, you can list all of the scheduled tasks with command "schtasks query", check for unusual folders and task names. Once you detect that task you can delete. In addition to that if you want to know the attacker's ip address, you can use wireshark to observe your outgoing network requests
@@Omer-tq3op Pretty sure if someone is picking up random USB drives, they don't know wireshark