Search the Community
Showing results for tags 'mass storage'.
Found 3 results
Introducing the latest Composite Firmware - Codename : The Twin Duck The Ducky primarily acts as a USB Mass Storage Device, and on a click of the button will start emulating a Keyboard. Its multi-OS, multi-lingual and comes in three flavours: c_duck_v2.hex - Supports DuckyScript as HID payload, triggered automatically and on GPIO (limited instructions) c_duck_v2_S001.hex - Triggered on CAPS/NUM/SCROLL LOCK c_duck_v2_S002.hex - Triggered on Ducky's GPIO only! Depending on your circumstances, you may want to use either one of these available firmwares. Downloads http://code.google.c.../downloads/list Please test and post feedback here. Snake
Hey guys, New to the forums, I have been playing with the bash bunny and so far I really think it rocks! One feature I would like to have is the option for a three device attack; HID, Mass Storage and RO Mass Storage. 1- HID for attack execution 2- Mass Storage for logging of attack result 3- RO Mass Storage for tools, such as installers etc Is this possible?
VincBreaker posted a topic in Bash BunnyHi there, I got my bunny today and while developing a payload to drop my meterpreter onto the computer, it actually got detected by my AV and deleted from the storage. At that point, I remembered a pretty boring defcon talk I once saw showing a device able to block every write / delete on an usb stick. Further it allowed to filter the data to get passed to the os so you can ultimatively hide any files until you need them which can be especially useful when you have a stick with multiple exploits / payloads on it and some of them may trigger the AV but are not necesserily needed at one stage or your usb stick get's checked when walking into a facility while pentesting (actually happened to me once :/). So I'm kindly requesting an extension to the API which: Allows to block every write to the usb stick. Allows to filter every read / write from / to the storage. I would suggest the visitor pattern, but I guess it is not compatible to bash :( Yours sincerely, VincBreaker