Is puppy vulnerable to usb rubber ducky?

mr_gs · Post by **mr_gs** » Sun Dec 18, 2022 11:33 am

I have recently seen many videos in which an attacker connects a usb rubber ducky to windows, macOS, iPhone and even android and hacks it. But there is no video demonstrating it with linux. Are we safe?

Post by **Wiz57** » Sun Dec 18, 2022 12:19 pm

If an "attacker" has actual physical possession of ANY device, consider it compromised, whether by USB device or other methods.
There is NO 100 PERCENT INVULNERABLE COMPUTING DEVICE! Furthermore, since Android is based on Linux...there's your answer.
Wiz

dancytron · Post by **dancytron** » Sun Dec 18, 2022 1:03 pm

As I understand it, a rubber ducky can do anything a keyboard or mouse can do, it's just being done by a microcontroller, so if someone unfriendly turns on your computer (which logs itself in automatically) they can do whatever they want.

The protection would be to disable the autologin, change the password to something unguessable, lock the bios, and don't let strangers have access to your computer.

Tahrbaby · Post by **Tahrbaby** » Sun Dec 18, 2022 1:12 pm

dancytron wrote: ↑Sun Dec 18, 2022 1:03 pm
The protection would be to disable the autologin, change the password to something unguessable

Is this option possible in Puppy then?

ozsouth · Post by **ozsouth** » Mon Dec 19, 2022 12:45 am

@Tahrbaby - to change password, open a terminal & type passwd
Then input & confirm new password. (default w---w--- (a puppy bark))

To stop autologin, edit /etc/inittab thus:

comment out 2nd line (with plogin in it), by adding # to start of line.
copy next line & insert before that, & change tty2 to tty1 at start & end, then save

will now need to login each time - inputs are:

root (press enter)
(your password) (press enter)

Post by **mikewalsh** » Mon Dec 19, 2022 1:04 am

@ozsouth :-

Thanks for that info, Oz. I think that's the first time I've ever seen it clearly and simply stated.....ALL in one place.....AND in plain English!

Cheers, mate!

Mike.

sonny · Post by **sonny** » Mon Dec 19, 2022 2:26 am

That is why anything INTERNAL is obsolete and dangerous to me.
"VCR" is the new computer (USB -> RAM -> CLOUD).
That's our Puppy.
Like no other.

Tahrbaby · Post by **Tahrbaby** » Mon Dec 19, 2022 8:25 am

ozsouth wrote: ↑Mon Dec 19, 2022 12:45 am
@Tahrbaby - to change password, open a terminal & type passwd
Then input & confirm new password. (default w---w--- (a puppy bark))

To stop autologin, edit /etc/inittab thus:

comment out 2nd line (with plogin in it), by adding # to start of line.
copy next line & insert before that, & change tty2 to tty1 at start & end, then save

will now need to login each time - inputs are:

root (press enter)
(your password) (press enter)

@ozsouth

Many thanks for this.

Puppy Linux Discussion Forum

Is puppy vulnerable to usb rubber ducky?

Is puppy vulnerable to usb rubber ducky?

Re: Is puppy vulnerable to usb rubber ducky?

Re: Is puppy vulnerable to usb rubber ducky?

Re: Is puppy vulnerable to usb rubber ducky?

Re: Is puppy vulnerable to usb rubber ducky?

Re: Is puppy vulnerable to usb rubber ducky?

Re: Is puppy vulnerable to usb rubber ducky?

Re: Is puppy vulnerable to usb rubber ducky?