thedeadhand54 Posted August 29, 2016 Share Posted August 29, 2016 Is there a reason why hid attacks dont use copy and past? Like open cmd /open notepad /open txt from usb/ copy/ past to cmd/ ? is there a possibility that AV would detect the malicious code in the clipboard? Thanks -- lost my old account -thedeadhand Quote Link to comment Share on other sites More sharing options...
anode Posted September 1, 2016 Share Posted September 1, 2016 Just echo'ing to a file is as easy and less visually 'flashy' Quote Link to comment Share on other sites More sharing options...
digip Posted September 4, 2016 Share Posted September 4, 2016 most of the payloads are commands run in the console. you could program the ducky to open notepad and type for you, sure, but for what reason? Part of the purpose is stealth and be as quick as possible, and also if you need USC bypass or such, executing on the down low. We're not saving commands and then running them later, it runs on the fly doing what you task it to do. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.