I will own you in 3 seconds. Never do this!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

do you trust a usb thumb drive such as this one would you plug it into your computer if i gave it to you or if you picked it up zebra what are we doing today how long does it take for us to take control of a computer three three seconds is that all so we're going to show you in this video why you should never ever just put some random usb stick or thumb drive into your computer it only takes three seconds just like in the movie mr robot if you found a usb thumb drive would you plug it into your computer so as an example if you found it in the parking lot would you plug it in to your computer or if you picked it up somewhere would you plug it into your computer perhaps you've gone to a computer trade show or some other trade show and they're giving out usb thumb drives would you plug this in it's a really bad idea to plug in unknown usb thumb drives especially if you just picked it up in the parking lot of your company let me show you why it's a really bad idea to do this this looks just like any normal usb thumb drive but notice what it's going to do i'm running a web server on my kali linux or kali linux vm here this could however be hosted in the cloud i'm running a simple web server and i'm running an application called netcat that allows me to run a reverse shell attack notice what happens when i plug this in i'm going to plug it in just like any other normal usb thumb drive something happened i don't know if you noticed that it went very quickly we saw something happen and then it disappeared now literally within a few seconds i have control of this laptop using this usb thumb drive because what's happened is that computer has opened up a session to my web server and it's downloaded a powershell script that allows me to have a reverse shell connection to the laptop so on my kali linux server if i type who am i notice it says asus windows 10 david that's the user on this laptop i'll move this a bit closer so that you can see that on the camera as well so i can type a command such as dr can see a bunch of stuff cd root dir this is the directory of the c drive on that computer i'm viewing the c drive of that computer now i can send commands to this computer to get it to do almost anything so notice what's going to happen i'm going to paste a command into my kali linux server this is netcat that's actually got a reverse shell to this laptop and i'm going to press enter now and notice on the laptop something happens i'm not touching the laptop something happens i've got it to open up a web browser and browse to my youtube channel so just by typing a command within kali i've been able to get the laptop to do something i'll kill that task so i'm going to kill chrome now notice chrome is dead what i'll do is start notepad on that laptop i'm just showing you some basic examples here i mean you could get it to do almost anything let's kill notepad so i'll paste my command in notepad is being killed i'm not touching this laptop but i'm remotely controlling it using a reverse shell i'm actually running powershell in the background on this laptop and i'll show you that in a moment let's have some fun so what i'll do now is start a web browser and point it to a png file that i've found on the internet so i'm going to get this to browse to some server on the internet and display a web page basically i've got it to display a blue screen of death it's not an actual blue screen of death it's simply a png file or a graphics file hosted by a company on the internet so i'm controlling this laptop and getting it to browse to a website on the internet let's kill chrome again there it's gone but notice i'm controlling this laptop i can get it to do almost anything as an example i could get it to create a file so i'll connect to the laptop using remote desktop what you'll see on the temp directory of this laptop is there's no file there but what i'm going to do is create a file on that laptop remotely so i'll paste in something and on the laptop notice there's a text file and i've written some code to it so i've been able to remotely create a file on this laptop now what's happening in this laptop actually is and i'll show you this by opening up task manager is i've managed to run powershell as a hidden process on the laptop so powershell is running here but i hid it so when i started the attack basically the rubber ducky and that's what this thumb drive actually is i programmed this to send commands to the laptop this is basically emulating a keyboard and sending keystrokes to the computer as if someone had typed it but it literally only takes a few seconds to run this attack so i'll kill powershell here and i'll just run the attack again so on my kali linux server i'm running netcat netcat is really powerful software allows you to do something like this where i've got a reverse shell connection to a laptop or a device i'm running a web server notice how long this attack takes takes a few seconds plug this in something happens you see something happening now there's a connection to kali that's been done now so in that short amount of time i've been able to launch a remote shell to this laptop so again back in cali if i type who am i you can see i'm connected to that laptop cd root drr you can see the temp directory on the laptop you can see the other windows programs on that laptop and just to make the point once again i'll start chrome on that laptop and get to the laptop to go to my youtube channel now this kind of attack works not just with windows but with other operating systems as well so it could also be used to attack a mac as an example it's not just a windows attack i just use windows in this example don't ever just plug in some usb thumb drive into your computer in a separate video which i've linked here and below i showed you the omg cable and how is able to launch attacks using the omg cable an omg cable like this and the usb rubber ducky basically use the same language you can program them to launch all kinds of attacks now in the other video i showed you how to use the omg cable to copy all wi-fi passwords to a web server in this example i've used the usb rubber ducky to do a reverse shell and take control of a laptop don't just plug any device into your computer now if you enjoyed this video please like it please consider subscribing to my youtube channel and please click on the bell to get notifications when i upload a new video in subsequent videos i'm going to show you how to set up the usb rubber ducky i'll show you all the steps to get this configured with various payloads so that you can launch attacks in a similar way to what i've demonstrated in this video i'm david bumble want to wish you all the very best [Music] it's

Info

Channel: David Bombal

Views: 1,309,378

Rating: undefined out of 5

Keywords: kali linux, kali linux tutorial, kali linux install, kali linux hacking tutorials playlist, kali linux basics, kali linux tutorial for beginners, kali linux 2019, kali linux 2020, kali linux hacking tutorials, ethical hacking, ethical hacking tutorial, ethical hacking free course, ethical hacking course, how to become a hacker, ccna, ccna 200-301, linux tutorial, kali linux virtualbox, ceh, oscp, hacker, hacking, blackhat hacker, cisco training, ine, ccna study, kali, wifi

Id: t9C6tXQg0vg

Channel Id: undefined

Length: 8min 47sec (527 seconds)

Published: Fri Oct 02 2020