Time: 2 hours 25 minutes
Difficulty: Beginner
CEU/CPE: 3

Video Transcription

00:00
Hello and welcome to "Look what I found! Oh, USB drop attack." I'm your instructor, Shawn Briere.
00:09
So before I start this course, I just want to give you a quick disclaimer. Of course, this course is for learning purposes only. What I'm going to show you is just intended to expand your knowledge of these attacks and how attackers use them. My expectation is to help you, or others you know, to defend against these types of attacks.
00:27
And my motto is, if you don't know how it works, you can't defend against it.
00:33
Just a little bit about me. I graduated from the University of Arizona with a bachelor's degree in psychology.
00:40
Uh, I have three years in the field of IT. Currently, in my, uh, my security position, I do a number of things like penetration testing, vulnerability scanning, malware analysis, forensics, intelligence, you name it.
00:54
I have a few certs. I have a CCNA and a Security+.
00:58
So a little bit of housekeeping before we really dig deeper. I'll be referring to portable USB storage devices as flash drives. As you may know, they go by a lot of names, like memory sticks, pen drives, thumb drives, jump drives, data sticks, pocket drives, so I'll just be calling them flash drives for simplicity.
01:19
Now there are course notes available with this course that cover everything said in the videos. And there are also some scripts in there, too, that you can copy and paste from for the labs if you can't quite follow along with the videos.
01:38
Now, also, if there are some terms you don't understand, don't worry. There is also a term sheet at the end of those course notes, so if I come across a term you're not quite familiar with, it may be in there.
01:52
So what is this course all about? Well, this course is really intended to teach you what USB drop attacks are. You may have heard of them before, but you may not be quite certain what they are, so we'll dig into that, and then I'll show you what types of USB drop attacks there are. There are several different types out there,
02:13
so if you've heard of one, maybe there's more you haven't heard of.
02:16
Then I'm gonna show you how these attacks were carried out, and we'll do some labs on that. So you could do that yourself as well.
02:23
Um,
02:24
Then, last, I'm gonna show you how to actually defend against these attacks. There's not a whole lot you can do, but there are a few steps you can take to protect yourself.
02:38
So who is this course for? Well, I tried to make it for everyone. I didn't get too technical, so I hope that anyone could take this course. So if you're worried that maybe it's out of your grasp, don't worry. I tried to make it as easy as possible.
02:59
Okay, so there are a few prerequisites if you wanna follow along with all the labs.
03:02
First, you'll need a standard USB flash drive. Really, any size is gonna work. We're gonna use very tiny files, so I really don't anticipate anybody running out of space.
03:14
You will need a USB device that functions as a human interface device. Now, these are devices that emulate keyboards, that act as keyboards. And there are a few examples out there. There's one called the USB Rubber Ducky, and that's sold by Hak5.
03:30
And there's another one out there called the Malduino, by Maltronics.
03:37
Now we will be using the USB Rubber Ducky in our lab, but it is rather spendy, so you could get the Malduino. They're a lot cheaper, and there are also some videos out there that can show you how to build your own with Malduino boards or certain flash drives. Not all flash drives can be used.
03:57
Next, you'll need a computer with Internet access. Preferably, you'll need a Windows machine because we'll be doing all of our attacks against Windows devices.
04:05
Then you'll need some text editing software. You really don't need the specific one I'm going to use. It's just I like it because you can see the scripting language when you put it in, so we'll be using Notepad++ for that. Then you'll need a free Gmail account because we'll be using Google Drive in one of our labs.
04:29
Uh, so what are we gonna learn through this course? Well, we're first gonna learn what USB drop attacks are.
04:34
Then we're gonna talk about why they're so effective, why they work so well.
04:40
Then we're gonna break down each type of attack. First, we'll talk about USB human interface device attacks, or spoofing attacks, rather.
04:46
Then I'll talk about malicious file/code attacks.
04:50
Then we'll talk about social engineering link attacks.
04:54
Then we'll go over USB kill devices. Those are rather nasty devices that destroy computers. Then we'll talk about zero-day attacks.
05:04
After we go through the different types, I'm gonna show you how attackers disguise attacks from the perspective of the victim and the computer.
05:14
Then we'll talk about what attackers do during reconnaissance and how attackers deploy their devices.
05:20
Then we'll get into our labs and actually build some attacks. First, we'll start with the USB human interface device spoofing attack. Then we're gonna learn some Ducky Script. Ducky Script is a very easy scripting language to grasp. If you've never scripted before, don't worry. This is
05:35
This just takes a bit of, ah, practice to get, but it's a very easy scripting language to learn.
05:43
Then we'll do a malicious file/code lab. Then we'll finish it off with a social engineering link lab.
05:48
Lastly, we'll learn how to defend against these devices and what strategies you could use to, uh, to defend yourself or others. Then I'll show you what you could do to actually analyze devices. And then lastly, we'll talk about red team deployments.
06:08
So there is some information that goes along with this course. As I said before, the course notes are available.
06:15
There are some websites you will need to get some, uh, some pieces of software. The first one there is Notepad++, at the first link there. The second one is gonna be for the USB Rubber Ducky, and I believe that's going to be for our scripting language for Notepad++ that we'll use.
06:34
Then we're going to use an encoder website to encode our payloads for the first lab.
06:41
That's ducktoolkit.com.
06:44
Then, if you'd like to purchase the USB Rubber Ducky, you can find it there, at shop.hak5.org.
06:51
Now there are some other websites that may be useful to you, but not necessary. The first one is just all about Ducky Script. Um, so I do have all that in the course notes, but if you want to look at more, it's there. So it's that, uh,
07:08
that GitHub link under the second, er, excuse me, third bullet point.
07:12
Um, then we have the Maltronics link.
07:15
And that's if you want to buy a Malduino device. Those are a lot cheaper than the Ducky Script, er, excuse me, the USB Rubber Duckies.
07:26
Uh, if, for example, you have a Linux machine or Mac, Notepad++ is unfortunately not available. So you could go to sublimetext.com. It's a good alternative for text editing software.
07:40
Then the last one: if you just want to see some payloads on the USB Rubber Ducky, there are a lot of examples there. They don't all quite work, maybe, so they may need some tweaking, but it's a good place to see what people do with these payloads.

Instructed By

Shawn Briere
Information Security Analyst
Instructor