Thanks for this cool idea. I have an invention that I need some help on. I was wondering if you had any knowledge on a device that can shut down a computer using radio frequency or something similar. This has huge potential and I am looking for a capable partner. Thank you
You have a decade over me but even I , have a hard time keeping up. It helps when you are the nerdy type. That's why my friends of your age , call me for computer/technology questions.
I was born in the in 1990 on an island with no electricity until I was 4 then i moved to the United States. It's crazy I remember not even having electricity to the crazy stuff we have now and knowing the endless possibilities in the future.
Not exactly. Where I was born my mother did laundry by hand and anything in the house was about the same things that someone in the US would've had in the 1700 to 1800. We did have boats with engines and when we would go to places such as the resort my mother worked at then we would see modern things like electricity and TV and a fridge. But on the island we lived on and there were only about 6 to 7 families who had generators that would use them once a week to power tvs and people from around the village would come in to see the tv. It was strange how people walked right thru our houses like that but that was because u literally knew everyone maybe 5 to 600 people in the village total. When I turned 4 I remember the mayor coming to the island to tell everyone the electricity was going to be turned on but only on Saturday from 12 to 2 that's it lol.
I needed to do a security presentation and I handed the lead a bad USB they plugged into their laptop, which changed the background to a Star Wars Sith. Made a great impact and made people laugh. That's when I pointed out the risks in plugging in random USB devices.
I actually bought one of these about two years ago, for this exact purpose. Altough I made mine with a rick-roll script, just so that I could have it on my keychain and plug it in to public PC's :)
please help me to hack this account . because someone using sexual harrastment. this account please help me to hack this account . because someone using sexual harrastment.
Thanks Heath, one project to look into. Let's test out employees, to see who will bite and plug in some USB from the parking lot. The script can be modified to send also the computer user's name and workstation's, I assume. Just adding the corresponding PowerShell cmdlet and modify the string sent to webhook. This is going to be epic. Thanks a lot!
@@viciousmagician4567 What's dumb about it? Would you rather discover your staff have plugged in a random USB when your system gets infected with ransomware? I honestly don't get it - he's writing the code and leaving it, if an employee is doing that sort of thing it's going to happen regardless of whether it was your USB. Atleast this say it isn't malicious
This is dependent upon PowerShell not being disabled through group policy. If be willing that most companies with dedicated IT staff do not allow PowerShell to run on user machines.
Works great, had to modify a few things, if I opened the smallest cmd window, the output was not formatting nicely, but all good. Also took for ever to figure out where that %temp% dir was... fun to play with. Amazing what you can get for 5 bucks. thanks for the video, very simply put / explained. Made it easy.
@@0xkoko449 I haven't played with this in a while and honestly I don't recall any info about the %temp% directory... or where it is... just keep looking you will find it.. :)
They're so cute. Update: just made one, thing rocks, so cute works great, no issues, there are never no issues for me! Your 3d case looks nice as well :)
I sure am glad you put a link to the ATtiny85 because the CC kept putting 80 tiny 85 since that is what it sounded like you were saying. I will say, you have the best documentation of anyone I have seen on RUclips. I expect that from watching your video on why someone shouldn't be a Pen Tester. Bravo! Documentation is key to being an ethical hacker (after permission of course). Besides, if you don't document the findings, how would you prove there is a vulnerability.
Just bought a 5 pack! Still less than $20 at the moment. I have a ton of Hak5 tools, but if I can play around with Arduino + create something cool I'm down!
i have one of these. unfortunately if i steal the wifi password at work they will find out if a new device connects to it and hunt them down. someone setup their own router at work and got fired the next day.
This video was exactly what I was looking for dude. Thank you so much for posting this priceless information. I’ll be setting my attiny85 up as soon as they are delivered.
Man you are the best . I bought your practical hacking course . It is the best hacking course i had done in my life . Hey a quick request can you make a video how to make a omg cable using one of these .???
Awesome to see you are getting into hardware as well! I just order a rubber ducky, before your video came out, but I was reading that this kind of "attacks" are not an issue anymore since windows defender catch them regularly, any input on it?
As far as i know (i might be wrong) . Windows 10 update I cant remember the correct number made it impossible, unless windows defender is disabled, then you're free to go.
These are recognized as a USB keyboard when plugged in. WinDef doesn't see that as a threat. Now, if the PC is set up with high level admin privs (which most don't) to require an admin password even for plugging in a new USB mouse/keyboard, then this wont work. Other than that, theres no stopping it.
That seems to be the cheapest and easiest method for keyboard data stuffing now. We will be authenticating keyboards soon, I bet. I’m surprised it hasn’t happened already.
There is a simpler way. Get yourself a 2GB USB & use a compiled(exe) python script to get all the WiFi password stored on the PC and save it to a txt file in an cryptographic encryption where you are the only person with the key to decrypt it. You have to plug the USB and run the script manually but it is much faster, gets done in around 3 to 5 seconds.
I love your videos. Any advice for a new creator on publishing offensive security related tutorials without getting them pulled down? My intentions are good, I simply want to provide educational and informative content about offensive security, like you do. One of my recent videos was pulled down, it was a android hacking tutorial. Any advice would be greatly appreciated. Thanks!
Man you can learn and achiev within short time as long as you have motivation and desire to learn Get it skill like A+ ccna or n+ Linux and go ahead like that pick some programming language like python bash and power shell hit the road and start researching how you can join to this industry
Don't get too excited. Doesn't connect remotely. You need unsupervised access to the running target PC, to physically plug it in and retrieve it. Maybe wait 20 secs while it works. Though I suppose at that price you could just abandon it. And modern Windows may still block it. I know nothing other than having watched this video closely. Having been surprised at the clickbait title. Tiny Arduino thingies look fun, though. So it wont really help you to parasitise your neighbours wifi. Main no (low?) criminality use. For backup when yours goes down. BTfon was best, but they broke their word, and killed it.
yup, and this is why I use MAC authentication. It may be a pain to get every mac on the network but definitely fun when you hear stories of previous guess trying to get on your wifi and failing because you removed them when they left.
It won't help. I think that command also logs the MAC. So someone just has to set that MAC on his network device. But still a good idea to restrict access via MAC
What a great project!! I'll definately be giving that a go. I am correct in saying this will only run if I connect it to windows systems or if I search will I also find a linux variant?
Great video! OK, you got me thinking but I'm working on too many projects right now to try it now but what if... Invoke one web request to get the payload code then a second web request to save/rename the file then execute it? Maybe too noisy that way. Just a thought.
Dear Mr. Mentor, I really enjoy your tutorials. But if you could, maybe get a better mic., or eq some of the mids out, you come across very "clicky" and too bright. Just a friendly suggestion 😐
Every USB device has a controller on the board - telling the PC its connected to what it is. This allows the computer to know which permissions a device should have. For USB Flash Drives, the device would tell the PC that its a storage device - that way the PC knows to assign it a drive letter (if you're on Windows) or be able to mount it (if you're on Mac/Linux) as well as make the device appear as a folder to you - the user. Mice and keyboards however are programmed to be a Human Interface Device - so the computer gives them permissions to move the on-screen mouse or make keyboard inputs. This ATtiny has an HID controller, so an unsuspecting device would assume that its yet another keyboard and not raise any suspicion when the ATtiny starts making the computer write out lines of code.
Have you seen any errors with reuploading after you uploaded the first script because mine is failing to upload changes but keeps running the uploaded script ... And Great video ... Thanks
What a good video, thank you so much. One question for you what kind of 3d printer did you purchase ? I been window shopping them and was curious. and again thank you for the video.
The only problem with this approach or hardware is that once you have flashed the payload and you want to edit it, it will start running payload as soon as you insert the device. So editing the payload becomes difficult.
I was just about to ask: How do you change the payload on this type of USB without running the attack on yourself. There's no button on it to go into programming mode.
I got the answer!!! you need to put the new script on arduino IDE and then verify and upload it. After that timer shows, just plug in the chip. Here the trick is that you don't plug in the chip before.
@@epicsmoke8597 Wait seriously, that's all it takes? Why would it not execute its pre-existing payload (the one you're trying to replace) if the IDE is running?
If I am understanding correctly, this simply reads the password then on the target PC since the USB is treated as a trusted device? It is not effectively brute forcing the password? So a 64 character password would be cracked in as much time as a 8 character one correct?
Correct - however the USB doesn’t even need to be seen as a trusted device. The USB essentially just types a powershell command in which the computer sees as just a normal user typing the powershell command in (you can try just using the command yourself) and copies whatever it gets back over to the the webpage as a post request
Its the first time ive seen any of your vids and ive decided i dont know you for shit so im not going to hate you but i will stand back and watch you every chance i get.
I remember learning about this!! I learned how to pull up the command prompt and do this manually... I'm sure this can be done without the "rubber ducky" but hey it's still dope
you mean netsh wlan show profile? if only u can use someone's laptop/pc. but with this thing i guess u don't need to unlock someone's /laptop/pc you just have to turn in on and plug it in.
Gave away my kids as instructed. May have messed up. Currently posting from jail. How do I get out? I notice it wasn't mentioned in the video. Can i go back?
This seems to not work at all on my windows 11 laptop, I plug it in and nothing at all happens. Also does not work on my girlfriends laptop. We both have an Acer Nitro 5. The weird thing is it seems to work fine on my desktop when I have wifi enabled? Does anyone have any ideas? EDIT- I just realized the laptop case will not allow the attiny85 to plug into the USB port all the way...works fine with an adapter though
I guess we have to send our thanks to Microsoft yet again for making it so easy to get all sensitive data from our PC with just few lines of Powershell script. Who needs complicated trojans/keyloggers that get discovered by our antivirus, while you can simply just use what Microsoft gives you on silver plate. Anyone knows if we can get logged in username and password as easy as that? I wouldn't be surprised if any of these big brains from MS came up with that idea as well.
thats possible as well, just a little more complicated. First you need to imitate a ethernet cable instead of an HID device like shown in the video, capture transferred password hashes, crack them, switch to HID mode and type in the username and password. Of course this is a little simplified and some steps are more complex like the hash cracking but it is doable
Hi I have a challenge for you. It’s tricky, maybe too complicated, in a different language than English it doesn’t pay much but it does involve righting a wrong done. Are you interested to help?
2nd comment. Recommendations on how to better secure wifi to prevent intrusion by neighbors or....big brother...beyond having long-string passwords and secondary routers (or just not using wifi altogether?)
Hypothetical here, if I were to find an Attiny85 on the ground would I be able to see the code last programmed into the device without executing the program?
Wouldn't you have to be connected to the wifi that your trying to steal? If so then all I would have to do is plug the rubber ducky into a pc that is connected to the wifi, right?
He said that was to prevent the commands overwriting each other which would cause them to fail. I'm sure you could definitely tune them down to be even more precise though to accomplish exactly what you're saying.
When this runs on a host machine with it's keyboard configured to write in Spanish, the commands are all wrong. I'm trying to find a way to fix this but i'm not having much success. It seems that the payload sends the right keystrokes for English keyboards, which results in wrong input for both the OS and the CMD terminal on OSs with, for example, spanish keyboards. Any workaround you might already know?
nevermind im stupid, tried plugging it into my pc, forgot im on ethernet and not wifi(my mobo does not have built in wifi) so ive never put in a password lmao
Great videos sir, I am so thankful to you not only for teaching us technical topics but also teaching us with the way of life. Great vedios God bless you
Yup, and this is why I not only use WiFi passwords, I do not let others use my equipment that I do not know. Now, if you set your WiFi Router to use "Mac Address Filtering" and only give access to specific MAC addresses you've just added another layer of security. Even if the password is breached if the passwaord is breached you still will not be able to get onto the WiFi or directly connected via ethernet. I tried using this and my Trend Micro Antivirus kicked in and blocked it.
LOL! (Alice in Wonderland) One of my oldest Avatars was "Matt Hatter". ;) We studied both books (Through the Looking Glass) in my undergraduate law classes. Nice Ink!
A very interesting project. Thanks for sharing. To do the same project, these are what I need: ATtiny85, Arduino SDK, Digispark Drivers, WiFi password stealer code ? What's the alternative of ATtiny85 ?
Interesting video love watching cyber video's as a Cisco Network guy (CCNP) It's very helpful side note Is that a Bombardier T-Shit? Cool! I was a Bombardier at one time in The Royal Regiment of Artillery (British Army) left as a Sergeant
I hope you enjoyed this video! If so, please consider dropping a like and subscribing.
The product on amazon is not availbe
??
❤️🔥
Why can't I open these links
Thanks for this cool idea. I have an invention that I need some help on. I was wondering if you had any knowledge on a device that can shut down a computer using radio frequency or something similar. This has huge potential and I am looking for a capable partner. Thank you
I am 64 years old and all this technology is mind boggling. Now I know how my father felt when he was my age. Thank you for posting. Amazing.
You have a decade over me but even I , have a hard time keeping up. It helps when you are the nerdy type. That's why my friends of your age , call me for computer/technology questions.
I was born in the in 1990 on an island with no electricity until I was 4 then i moved to the United States. It's crazy I remember not even having electricity to the crazy stuff we have now and knowing the endless possibilities in the future.
Not exactly. Where I was born my mother did laundry by hand and anything in the house was about the same things that someone in the US would've had in the 1700 to 1800. We did have boats with engines and when we would go to places such as the resort my mother worked at then we would see modern things like electricity and TV and a fridge. But on the island we lived on and there were only about 6 to 7 families who had generators that would use them once a week to power tvs and people from around the village would come in to see the tv. It was strange how people walked right thru our houses like that but that was because u literally knew everyone maybe 5 to 600 people in the village total. When I turned 4 I remember the mayor coming to the island to tell everyone the electricity was going to be turned on but only on Saturday from 12 to 2 that's it lol.
Shoot I’m 31 and I’m not surprised by any of these technologies. I’m more impressed that Artificial intelligence hasn’t destroyed the world yet
64 years old? That’s a whole stack of diamonds.
I remember using it to change everyone's desktop wallpaper to sausages in the lab, lol
I wish I could learn more about this...
Can you please suggest me any article or something.... 🙏
@@impyy3521 thanks man 🙏🙏
I needed to do a security presentation and I handed the lead a bad USB they plugged into their laptop, which changed the background to a Star Wars Sith. Made a great impact and made people laugh. That's when I pointed out the risks in plugging in random USB devices.
@@fanuchman è na robba
Relatable
I actually bought one of these about two years ago, for this exact purpose.
Altough I made mine with a rick-roll script, just so that I could have it on my keychain and plug it in to public PC's :)
does that rick-roll script convert normal usb to rubber ducky??, if yes , is that script available on github??
@@suryadev4968 What do you mean by "convert"?
@@L4marca he wants to use a usb drive to be a “covert” but cheaper rubber ducky
Lmafao
please help me to hack this account . because someone using sexual harrastment.
this account please help me to hack this account . because someone using sexual harrastment.
It's people like you who keep me interested in programming. Thanks G
Was just about to buy those and needed a review since I was a little skeptic on the price. Your timing is perfect 🔥
ruclips.net/video/MYlIi2Zn-JE/видео.html
Nice profile pic
Your video just gave me the confidence to try this out. Always been nervous about ducky stuff because it wasn't explained well. Thank you
Thanks Heath, one project to look into.
Let's test out employees, to see who will bite and plug in some USB from the parking lot.
The script can be modified to send also the computer user's name and workstation's, I assume.
Just adding the corresponding PowerShell cmdlet and modify the string sent to webhook.
This is going to be epic.
Thanks a lot!
What a dumb ass thought to have
Label it "private collection"
How'd you go with this?
@@viciousmagician4567 What's dumb about it? Would you rather discover your staff have plugged in a random USB when your system gets infected with ransomware? I honestly don't get it - he's writing the code and leaving it, if an employee is doing that sort of thing it's going to happen regardless of whether it was your USB. Atleast this say it isn't malicious
This is dependent upon PowerShell not being disabled through group policy. If be willing that most companies with dedicated IT staff do not allow PowerShell to run on user machines.
Works great, had to modify a few things, if I opened the smallest cmd window, the output was not formatting nicely, but all good. Also took for ever to figure out where that %temp% dir was... fun to play with. Amazing what you can get for 5 bucks. thanks for the video, very simply put / explained. Made it easy.
What %temp% dir???
Trying for weeks to make it work and I just can’t find where all the user/password goes???
Driving me crazy
@@0xkoko449 I haven't played with this in a while and honestly I don't recall any info about the %temp% directory... or where it is... just keep looking you will find it.. :)
They're so cute.
Update: just made one, thing rocks, so cute works great, no issues, there are never no issues for me!
Your 3d case looks nice as well :)
I sure am glad you put a link to the ATtiny85 because the CC kept putting 80 tiny 85 since that is what it sounded like you were saying. I will say, you have the best documentation of anyone I have seen on RUclips. I expect that from watching your video on why someone shouldn't be a Pen Tester. Bravo! Documentation is key to being an ethical hacker (after permission of course). Besides, if you don't document the findings, how would you prove there is a vulnerability.
The savior of my stimmy. Thank you. I'm definitely giving this a go.
What is really amazing is the bad security of Windows.
Just bought a 5 pack! Still less than $20 at the moment. I have a ton of Hak5 tools, but if I can play around with Arduino + create something cool I'm down!
Recommend some tools please
Once again thanks so much, Heath. I really appreciate all the hard work you put in to helping mentor others.
i have one of these.
unfortunately if i steal the wifi password at work they will find out if a new device connects to it and hunt them down.
someone setup their own router at work and got fired the next day.
This video was exactly what I was looking for dude. Thank you so much for posting this priceless information. I’ll be setting my attiny85 up as soon as they are delivered.
"I recommend you do this for your own. Don't use mine, cos what if I'm watching you...?" 👀😱 Lol
Man you are the best .
I bought your practical hacking course . It is the best hacking course i had done in my life . Hey a quick request can you make a video how to make a omg cable using one of these .???
Awesome to see you are getting into hardware as well!
I just order a rubber ducky, before your video came out, but I was reading that this kind of "attacks" are not an issue anymore since windows defender catch them regularly, any input on it?
There are different ways to bypass windows defender
As far as i know (i might be wrong) . Windows 10 update I cant remember the correct number made it impossible, unless windows defender is disabled, then you're free to go.
These are recognized as a USB keyboard when plugged in. WinDef doesn't see that as a threat. Now, if the PC is set up with high level admin privs (which most don't) to require an admin password even for plugging in a new USB mouse/keyboard, then this wont work. Other than that, theres no stopping it.
@@iyeetpaste3797 You can disable the ability to run either powershell or cmd.exe in windows quite easily. That would stop it dead.
Think Grey. Simplicity will always triumph over latest greatest.
That seems to be the cheapest and easiest method for keyboard data stuffing now. We will be authenticating keyboards soon, I bet. I’m surprised it hasn’t happened already.
Imagine buying one of these. You plug it in and it steals your password because it was preprogrammed :D
😭😭😭
There is a simpler way.
Get yourself a 2GB USB & use a compiled(exe)
python script to get all the WiFi password stored on the PC and save it to a txt file in an cryptographic encryption where you are the only person with the key to decrypt it.
You have to plug the USB and run the script manually but it is much faster, gets done in around 3 to 5 seconds.
I love your videos. Any advice for a new creator on publishing offensive security related tutorials without getting them pulled down? My intentions are good, I simply want to provide educational and informative content about offensive security, like you do. One of my recent videos was pulled down, it was a android hacking tutorial. Any advice would be greatly appreciated. Thanks!
Happy new month bro, I love your channel.
I want to learn Ethical hacking fast.
You can't learn ethical hacking fast because it needs time and patience and lot of effort
Man you can learn and achiev within short time as long as you have motivation and desire to learn
Get it skill like A+ ccna or n+ Linux and go ahead like that pick some programming language like python bash and power shell hit the road and start researching how you can join to this industry
Fast is not a option, but just do your thing. If there is a will, there is a way!
;)
I will take my time to learn it.
@@abdiwahidahmed6826 thanks man
I'm thinking I should have other keystrokes saved for it to do, like a 20 minute delay, then open up a Rick Roll.
Thank you Windows for saving our WiFi passwords in plain text. Why not have an option to view and email them to the entire internet ? -_-
Don't get too excited.
Doesn't connect remotely.
You need unsupervised access to the running target PC, to physically plug it in and retrieve it.
Maybe wait 20 secs while it works.
Though I suppose at that price you could just abandon it.
And modern Windows may still block it.
I know nothing other than having watched this video closely.
Having been surprised at the clickbait title.
Tiny Arduino thingies look fun, though.
So it wont really help you to parasitise your neighbours wifi.
Main no (low?) criminality use. For backup when yours goes down.
BTfon was best, but they broke their word, and killed it.
I am a beginner so I love these cheaper smaller projects thank you
Cool you used to color your hair! Mines neon green. My wife’s is pink though. Love the sleeve!
yup, and this is why I use MAC authentication. It may be a pain to get every mac on the network but definitely fun when you hear stories of previous guess trying to get on your wifi and failing because you removed them when they left.
It won't help. I think that command also logs the MAC. So someone just has to set that MAC on his network device. But still a good idea to restrict access via MAC
So the requirement is physically insert the device. Why is this not made clear from the start?
Hope this question isn't to dumb, will this be able to get my pass word if I forgot mine? Also on apps that passwords are forgotten?
Definitely don't hate you, freaking love your content! Thanks!!!
Ah that one time I was thinking about how much I want them to be obedient to my ducky.
What a great project!! I'll definately be giving that a go. I am correct in saying this will only run if I connect it to windows systems or if I search will I also find a linux variant?
6 months late but for anyone else, there's GitHub repos with payloads for mac and Linux too
Did anyone run into an issue where, to choose a port number wasn't an option?
I have the same issue, were you able to solve it?
@@yamman4480 did u find solution
Love your videos, please don't stop making them
Great video! OK, you got me thinking but I'm working on too many projects right now to try it now but what if... Invoke one web request to get the payload code then a second web request to save/rename the file then execute it? Maybe too noisy that way. Just a thought.
This really does show how unsecure parts of Windows are.
Need the Alice In Wonderland video, tell us why you like it what's the backstory, what interests you...
Dear Mr. Mentor, I really enjoy your tutorials. But if you could, maybe get a better mic., or eq some of the mids out, you come across very "clicky" and too bright. Just a friendly suggestion 😐
Very true. It's an older video. Hopefully the newer stuff sounds better!
Why can't we use a normal USB instead of an ATtiny85 5-pack?
I am new to cybersecurity so plz don't be mad at my question.
Plz HELP
Every USB device has a controller on the board - telling the PC its connected to what it is. This allows the computer to know which permissions a device should have. For USB Flash Drives, the device would tell the PC that its a storage device - that way the PC knows to assign it a drive letter (if you're on Windows) or be able to mount it (if you're on Mac/Linux) as well as make the device appear as a folder to you - the user. Mice and keyboards however are programmed to be a Human Interface Device - so the computer gives them permissions to move the on-screen mouse or make keyboard inputs. This ATtiny has an HID controller, so an unsuspecting device would assume that its yet another keyboard and not raise any suspicion when the ATtiny starts making the computer write out lines of code.
Have you seen any errors with reuploading after you uploaded the first script because mine is failing to upload changes but keeps running the uploaded script ...
And Great video ...
Thanks
Many people mention this issue
So how do you protect your WiFi passwords.
What a good video, thank you so much. One question for you what kind of 3d printer did you purchase ? I been window shopping them and was curious. and again thank you for the video.
That little device needs to be plugged in the PC with already connected WIFI ?
i learned something new. how could anyone not like this vid. liked and subscribed
Can u hack someone WiFi on ur own Laptop or does it need to be someone elses?
The only problem with this approach or hardware is that once you have flashed the payload and you want to edit it, it will start running payload as soon as you insert the device. So editing the payload becomes difficult.
I was just about to ask: How do you change the payload on this type of USB without running the attack on yourself. There's no button on it to go into programming mode.
i have the same question...
can someone answer that?
I got the answer!!! you need to put the new script on arduino IDE and then verify and upload it. After that timer shows, just plug in the chip. Here the trick is that you don't plug in the chip before.
@@epicsmoke8597 Wait seriously, that's all it takes? Why would it not execute its pre-existing payload (the one you're trying to replace) if the IDE is running?
If I am understanding correctly, this simply reads the password then on the target PC since the USB is treated as a trusted device? It is not effectively brute forcing the password?
So a 64 character password would be cracked in as much time as a 8 character one correct?
Correct - however the USB doesn’t even need to be seen as a trusted device. The USB essentially just types a powershell command in which the computer sees as just a normal user typing the powershell command in (you can try just using the command yourself) and copies whatever it gets back over to the the webpage as a post request
@@SensoryPlayToys Thanks for the clarification. Crazy.
This is how a simple lamp can make you a criminal 😂
Its the first time ive seen any of your vids and ive decided i dont know you for shit so im not going to hate you but i will stand back and watch you every chance i get.
Would it be possible to replace the webhook with a discord one for security reasons
Digispark library doesn’t work anymore
Okay, so how do we protect ourselves?
I remember learning about this!! I learned how to pull up the command prompt and do this manually... I'm sure this can be done without the "rubber ducky" but hey it's still dope
you mean netsh wlan show profile? if only u can use someone's laptop/pc. but with this thing i guess u don't need to unlock someone's /laptop/pc you just have to turn in on and plug it in.
Gave away my kids as instructed. May have messed up. Currently posting from jail. How do I get out? I notice it wasn't mentioned in the video. Can i go back?
This seems to not work at all on my windows 11 laptop, I plug it in and nothing at all happens. Also does not work on my girlfriends laptop. We both have an Acer Nitro 5. The weird thing is it seems to work fine on my desktop when I have wifi enabled? Does anyone have any ideas?
EDIT- I just realized the laptop case will not allow the attiny85 to plug into the USB port all the way...works fine with an adapter though
Excellent!
+1 Subscriber!!! 🍻
I guess we have to send our thanks to Microsoft yet again for making it so easy to get all sensitive data from our PC with just few lines of Powershell script.
Who needs complicated trojans/keyloggers that get discovered by our antivirus, while you can simply just use what Microsoft gives you on silver plate.
Anyone knows if we can get logged in username and password as easy as that? I wouldn't be surprised if any of these big brains from MS came up with that idea as well.
thats possible as well, just a little more complicated. First you need to imitate a ethernet cable instead of an HID device like shown in the video, capture transferred password hashes, crack them, switch to HID mode and type in the username and password. Of course this is a little simplified and some steps are more complex like the hash cracking but it is doable
Hi I have a challenge for you. It’s tricky, maybe too complicated, in a different language than English it doesn’t pay much but it does involve righting a wrong done. Are you interested to help?
Any info on where you can purchase the 3D printed cases? Thanks! :)
the digispark is sold out and not producing anymore until they find a new manufacturer, any alternative recommendations?
Yeah go get a Arduino Pro Micro
Thanks
I am also not able to buy hak5 rubber ducky
Thanks for that solution
Appreciate your work for who can't afford the things for pentesting
Does your t Shirt say 'bombardino' or 'barburrito' ?
2:19 Correction: "I did modify the code an (AT)tiny bit"
Correct me If I am wrong, but it only works if they logged in anyway, right?.
2nd comment. Recommendations on how to better secure wifi to prevent intrusion by neighbors or....big brother...beyond having long-string passwords and secondary routers (or just not using wifi altogether?)
Hypothetical here, if I were to find an Attiny85 on the ground would I be able to see the code last programmed into the device without executing the program?
Just to double check, this device has to be plugged into a pc that already knows the WiFi?
Wouldn't you have to be connected to the wifi that your trying to steal? If so then all I would have to do is plug the rubber ducky into a pc that is connected to the wifi, right?
He can help you 👆 out
I tried it a couple of times. It didn't work for me
Why would you endorse stealing passwords?
Do you have to solder anything? Never did anything like this before. Kinda cool. Thanks.
nope, just plug and play,
Do you have to have an existing internet connection?
And if you don't know then now you know.
- Notorious B.I.G.
Thanks for all your free stuff!
It's more insane that , you can even reduce this 20 second... Just reduce the delays in program
He said that was to prevent the commands overwriting each other which would cause them to fail. I'm sure you could definitely tune them down to be even more precise though to accomplish exactly what you're saying.
@@DementiaAcerbus yeah brother...
And that is insane.. 🔥
How can I avoid the ATtiny85 from running the payload on my pc when i trie to program it?
So you have to actually stick the device in someone's computer?
Amazing video this was so informative and satisfying for any ethnic hacker
Ethnic Hacker? What's that?
What does ethnicity have to do with it?
Ethical hacker? 🤨
When this runs on a host machine with it's keyboard configured to write in Spanish, the commands are all wrong. I'm trying to find a way to fix this but i'm not having much success. It seems that the payload sends the right keystrokes for English keyboards, which results in wrong input for both the OS and the CMD terminal on OSs with, for example, spanish keyboards. Any workaround you might already know?
Hey! Trying this myself, but I dont see anything coming up on the webhook site after all commands are executed. Any help on how to fix?
nevermind im stupid, tried plugging it into my pc, forgot im on ethernet and not wifi(my mobo does not have built in wifi) so ive never put in a password lmao
@2$ my whole apartment complex could be hacked in just a few days
Great videos sir, I am so thankful to you not only for teaching us technical topics but also teaching us with the way of life.
Great vedios God bless you
ruclips.net/video/MYlIi2Zn-JE/видео.html
Yup, and this is why I not only use WiFi passwords, I do not let others use my equipment that I do not know. Now, if you set your WiFi Router to use "Mac Address Filtering" and only give access to specific MAC addresses you've just added another layer of security. Even if the password is breached if the passwaord is breached you still will not be able to get onto the WiFi or directly connected via ethernet. I tried using this and my Trend Micro Antivirus kicked in and blocked it.
Off topic: how comfy is that secret labs chair for prolonged use?
Theyre fabulous. I have 2
Hey, I would like to know that if we we program a ATtiny85 once, can we tweak the same ATtiny85 again??
Pink haired pirate.
I dig
Love those tattoos, bro
Since they got rid of the dislike counter, I guess I'll have to watch the whole thing.
LOL! (Alice in Wonderland) One of my oldest Avatars was "Matt Hatter". ;) We studied both books (Through the Looking Glass) in my undergraduate law classes. Nice Ink!
A very interesting project. Thanks for sharing.
To do the same project, these are what I need: ATtiny85, Arduino SDK, Digispark Drivers, WiFi password stealer code ?
What's the alternative of ATtiny85 ?
So this is a USB device that must be plugged into a computer that uses or is connected to the wifi network in question?
Interesting video love watching cyber video's as a Cisco Network guy (CCNP) It's very helpful
side note Is that a Bombardier T-Shit? Cool! I was a Bombardier at one time in The Royal Regiment of Artillery (British Army) left as a Sergeant
So where do you just get a rubber ducky? In terms of time consumption 50 bucks is cheaper.
So wait... you have to get access to the computer to get the password yes?
Great video Adams, love From india🇮🇳 ❤️
❤️❤️😁😁
Me too
Great idea! Thanks 🙏🏽
Can I make it using normal usb
I mean can I creating rubber chuky using my normal pendrive