USB device that will enable HTTP/HTTPS access

[Dori Bashan]

Hello

for internal Pentesting, we are looking for a USB device that once placed inside a computer, will enbale HTTP/HTTPS access to the LAN that the compter is connected to.

any one knows if such a product exsits?

 

Cheers

[Flatlinebb]

Can you give us some more details, or what you are trying to test/accomplish? Does it have to go inside a computer, or can it be plugged into the external USB ports? Does it have to be USB, or can it be a networked device? HTTP/HTTPS access to the LAN is a little ambiguous as well. Are you just trying to encrypt traffic between a computer and the rest of the network?

[Dori Bashan]

Hi

sorry for the late reply.

we want to test accsses to internal web page (managment console)  by HTTP/HTTPS from a USB device.

to make sure that such a device, when plugged into a USB port of a computer on the LAN will not be able to accses to this console.

 

 

 

[Flatlinebb]

If you are concerned with how USB devices are used on the computers in your network, then disable access to the USB ports. On most business-class computers, you can disable USB ports in the BIOS, or using Group Policy (I think) if you have a Windows domain environment. Some antivirus programs also allow you control to USB ports, or manage which types of devices can be used in them. I know Sophos and ESET do for a fact. Glueing the ports shut also works. Or, use some firewall rules to restrict access to the website. I'm sure others on this forum can come up with some other good ideas.

As far as a device that could do even that, the Rubber Ducky comes to mind.

[Dori Bashan]

Thanks!