CnetExpo Posted March 9, 2017 Share Posted March 9, 2017 Other then a a separate shell, what makes this better then a couple duckys? It has 8gb of storage and two states of attack which cut the storage more, just curious what ppl have to say about this device not having native support for extra memory, is it an issue? Forget the shell for a min how is this better then a couple duckys? Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted March 9, 2017 Share Posted March 9, 2017 The Bash Bunny differs from the USB Rubber Ducky in a number of ways. While it's compatible with Ducky Script and supports a HID attack mode, that's only one of the 5 current attack vectors it supports. The USB Rubber Ducky is capable of executing payloads faster than the Bash Bunny (0.1 seconds vs 7 seconds). It's also more economically (less than half the cost thanks to economies of scale). And very importantly, the USB Rubber Ducky is far more covert (with its generic flash drive case). For social engineering ops, USB drops and attacks which require the target to plug in the drive, I'd say the USB Rubber Ducky will continue to be the gold standard. But don't take my word for it - just ask the CIA ;) #HarpyEagle https://wikileaks.org/ciav7p1/cms/page_20873532.html 2 Quote Link to comment Share on other sites More sharing options...
CnetExpo Posted March 9, 2017 Author Share Posted March 9, 2017 I will take your word for 1 of 5 ?. I would like to hear more from users between the difference and not just a wiki spec. And cool marketing vid. I'm really interested. And thank you for your quick response. Quote Link to comment Share on other sites More sharing options...
incendiarySolution Posted March 9, 2017 Share Posted March 9, 2017 (edited) I can have multiple payloads that I can swap on the fly without having to organize with a bunch of duckies. I can improvise based on the needs of the operation. In theory, I can have the bunbun react to the situation because it has some thought power behind what it's doing. In theory, I could decrypt hashes and modify my attack vector in front of the machine without having to make a second pass at the target. Besides, go try and run a webserver on a Ducky. Let me know how that works out for you. One runs Linux, the other is a microcontroller. Edited March 9, 2017 by incendiarySolution added Snark Quote Link to comment Share on other sites More sharing options...
Black_chameleon Posted March 9, 2017 Share Posted March 9, 2017 3 hours ago, Darren Kitchen said: The Bash Bunny differs from the USB Rubber Ducky in a number of ways. While it's compatible with Ducky Script and supports a HID attack mode, that's only one of the 5 current attack vectors it supports. The USB Rubber Ducky is capable of executing payloads faster than the Bash Bunny (0.1 seconds vs 7 seconds). It's also more economically (less than half the cost thanks to economies of scale). And very importantly, the USB Rubber Ducky is far more covert (with its generic flash drive case). For social engineering ops, USB drops and attacks which require the target to plug in the drive, I'd say the USB Rubber Ducky will continue to be the gold standard. But don't take my word for it - just ask the CIA ;) #HarpyEagle https://wikileaks.org/ciav7p1/cms/page_20873532.html " The USBRubberDucky is well crafted both through its software and hardware. The software has a nice interface for users and comes with a good amount of documentation/examples online. " Congratulations Darren! What a glowing endorsement! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.