android or usb (rubber ducky) or similar to login to pc?

[Martinus101]

As I get myself familiair to hacking topics (just for the sake of knowledge), I was wondering what is the preffered way to login to any pc.

I have read articles about the usb rubber ducky, which can act as a keyboard to bypass security if USB ports are not blocked. A cool topic and possibility by the way. But I could not find this in the Netherlands, where I live.

I also read up about normal usb, but since autorun is not always enabled, any script on it is not foolproof.

Now I installed USB Cleaver just to test it and it let me bypass the windows 7 login because I just have to control it from the android phone, which is cool.

I started to read about Backtrack from usb as well. Some cool things you can do form there. But is all of the things explained not possible from the command prompt in windows?

Also I would like to get some info why the USB rubber ducky, or for that reason, any other program or device is more usefull and better.

Love to hear your responses.

[digip]

Thing to understand about the Ducky, is its not a thumb drive in the typical sense of a storage device, such as a regular USB drive that you might install something such as BackTrack on for example, or store all your pictures on. It does have storage, in the form of a small, micro SD card, which is used to house your payloads, since the Ducky, is seen by the PC as a HID device, or basically, a Human Interface Device, such as a keyboard, mouse, wacom pen or other cursor moving device or keyboard input type of device.

So with respect to payloads, what you can do, is write Ducky scripts. These are basic, plain text codes, that mimic keystrokes, and the syntax and language is very user friendly and easy to learn. By putting your payload on the Duck, and then inserting it into a USB port, you press a button on the Duck, that tells it to type. It then just sends the sequence of keystrokes to the machine, so even if Auto-Run is disabled, it just sends the give key strokes you tell it to.

Lets see how this works in as an attack vector. On your micro-sd card of the Duck, you may have a payload for Windows, Mac OSX, or Linux. With some usb OTG cables you can even target tablets and phones. Now, when plugged into a machine, you can press the button on the Duck, and send keystrokes to any OS, which depending on you attack vector, will run whatever commands you sent it. Window for example, if someone at a coffee shop, or business left their machine unattended, and was logged on, you plug in the Duck, press the button, and could say, add a new admin user, enable RDP, change their DNS settings to use your own, unplug and walk away. Then, when at home, any time they looked up a website, they'd run through your DNS servers, whcih shows you their IP, and if not behind NAT, you could then RDP into their machine with the new user credentials you added and RDP settings you enabled.

With respect to something like BackTrack installed on a normal USB drive, you would basically boot off of it, as if it were the main OS, and you then have access to the persons HDD, for which you can do all sorts of things with tools on it, such as dump the SAM database, copy files off the system, etc.

So they are two, quite different things, each with their own purpose for what you would use them for. Darren recently covered an episode using the Duck, to brute force the login on an Android phone(I believe was an android, might have been an iPhone, forget), but you should now have a general idea what the differences are and how they can be used.

https://github.com/hak5darren/USB-Rubber-Ducky/wiki

http://code.google.com/p/ducky-decode/w/list

http://www.iducke.com/Encoder/IDE

[Martinus101]

Hi, thanks for your info. I was reading and understand why it is there. But is anyone able to answer this for me:

1. The rubber ducky is a powerful tool, for example to bypass the login of a smart phone. Which is cool when you "forget" the pin. And of course you can use it on pc. Which makes it even more powerful.
   
2. The backtrack on normal usb will be detected I think. or not?
   
3. What about the android phone connect to a pc through usb cable? So far I tried it on several pc's and the pc did not come up with any detection... in that case I would already have my processor and keyboard at hand. Or do I see this wrong?
   
4. The mentioned USB Cleaver apk says it can pull out data this way easy. I did not try because I do not see much topics about it so I am holding myself from trying it.

Thanks

[digip]

Hi, thanks for your info. I was reading and understand why it is there. But is anyone able to answer this for me:

1. The rubber ducky is a powerful tool, for example to bypass the login of a smart phone. Which is cool when you "forget" the pin. And of course you can use it on pc. Which makes it even more powerful.

2. The backtrack on normal usb will be detected I think. or not?

3. What about the android phone connect to a pc through usb cable? So far I tried it on several pc's and the pc did not come up with any detection... in that case I would already have my processor and keyboard at hand. Or do I see this wrong?

4. The mentioned USB Cleaver apk says it can pull out data this way easy. I did not try because I do not see much topics about it so I am holding myself from trying it.

Thanks

1 - If you write a script with all possible pin code combinations then yes, you can do that for a smart phone. Some phones, would be easier to just use tools like @kos has for using OTG cables between two phones to bypass security or attack them. Ducky is a bit slow and meant more for quick insert, send payload, pull and go.

2 - Booting off backtrack, as in plug it in before machine is on, then boot off BackTrack, you are IN backtrack, nothing to be detected by Windows, since you aren't booted into Windows. Physical access and booting off any other OS, BT or otherwise, gives you access to the HDD's and files, unless its an encrypted file system. So an anti-virus won't pick it up when booting off it. BackTrack isn't a program you run while plugged into a running machine, so I think you kind of have that scenario different in your mind how that works.

3 - You can connect phones to a PC, which for most of them, are only seen as mass storage devices to pull images or music files on/off, etc, or to update say an iPhone, with updates via iTunes. Its not to say you can't have something to attack the PC from the phone though, which if you look at my answer for #1, kind of same thing.

4 - Never heard of it, but thats something you'd have to research on your own. Just know that a lot of the stuff for Android, usually contains malware unless you know who wrote it and its been fully tested by others who've confirmed it safe, so using it, would be at your own risk, and you might just get rooted in installing it alone, I've no clue, since I've never even heard of it.