Is puppy vulnerable to usb rubber ducky?

Post Reply
User avatar
mr_gs
Posts: 38
Joined: Tue Dec 14, 2021 6:39 am
Has thanked: 7 times
Been thanked: 8 times

Is puppy vulnerable to usb rubber ducky?

Post by mr_gs »

I have recently seen many videos in which an attacker connects a usb rubber ducky to windows, macOS, iPhone and even android and hacks it. But there is no video demonstrating it with linux. Are we safe?

Fossapup 9.5 64bit Kernel 5.4.53
Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
8GB RAM
Intel (R) UHD Graphics

Top
User avatar
Wiz57
Moderator
Posts: 542
Joined: Fri Dec 13, 2019 3:54 pm
Location: Chickasha, OK USA
Has thanked: 77 times
Been thanked: 99 times

Re: Is puppy vulnerable to usb rubber ducky?

Post by Wiz57 »

If an "attacker" has actual physical possession of ANY device, consider it compromised, whether by USB device or other methods.
There is NO 100 PERCENT INVULNERABLE COMPUTING DEVICE! Furthermore, since Android is based on Linux...there's your answer.
Wiz

Signature available upon request

Top
dancytron
Posts: 698
Joined: Fri Dec 13, 2019 6:26 pm
Has thanked: 488 times
Been thanked: 204 times

Re: Is puppy vulnerable to usb rubber ducky?

Post by dancytron »

As I understand it, a rubber ducky can do anything a keyboard or mouse can do, it's just being done by a microcontroller, so if someone unfriendly turns on your computer (which logs itself in automatically) they can do whatever they want.

The protection would be to disable the autologin, change the password to something unguessable, lock the bios, and don't let strangers have access to your computer.

Top
Tahrbaby
Posts: 119
Joined: Mon Jul 13, 2020 8:26 am
Location: Tenerife
Has thanked: 42 times
Been thanked: 18 times

Re: Is puppy vulnerable to usb rubber ducky?

Post by Tahrbaby »

dancytron wrote: Sun Dec 18, 2022 1:03 pm

The protection would be to disable the autologin, change the password to something unguessable

Is this option possible in Puppy then?

Top
ozsouth
Posts: 1494
Joined: Sun Jul 12, 2020 2:38 am
Location: S.E. Australia
Has thanked: 228 times
Been thanked: 670 times

Re: Is puppy vulnerable to usb rubber ducky?

Post by ozsouth »

@Tahrbaby - to change password, open a terminal & type passwd
Then input & confirm new password. (default w---w--- (a puppy bark))

To stop autologin, edit /etc/inittab thus:

comment out 2nd line (with plogin in it), by adding # to start of line.
copy next line & insert before that, & change tty2 to tty1 at start & end, then save

will now need to login each time - inputs are:

root (press enter)
(your password) (press enter)

Top
User avatar
mikewalsh
Moderator
Posts: 6038
Joined: Tue Dec 03, 2019 1:40 pm
Location: King's Lynn, UK
Has thanked: 738 times
Been thanked: 1904 times

Re: Is puppy vulnerable to usb rubber ducky?

Post by mikewalsh »

@ozsouth :-

Thanks for that info, Oz. I think that's the first time I've ever seen it clearly and simply stated.....ALL in one place.....AND in plain English!

Cheers, mate! :thumbup:

Mike. :D

Top
sonny
Posts: 725
Joined: Mon Feb 15, 2021 4:50 pm
Has thanked: 486 times
Been thanked: 173 times

Re: Is puppy vulnerable to usb rubber ducky?

Post by sonny »

That is why anything INTERNAL is obsolete and dangerous to me.
"VCR" is the new computer (USB -> RAM -> CLOUD).
That's our Puppy.
Like no other.

Top
Tahrbaby
Posts: 119
Joined: Mon Jul 13, 2020 8:26 am
Location: Tenerife
Has thanked: 42 times
Been thanked: 18 times

Re: Is puppy vulnerable to usb rubber ducky?

Post by Tahrbaby »

ozsouth wrote: Mon Dec 19, 2022 12:45 am

@Tahrbaby - to change password, open a terminal & type passwd
Then input & confirm new password. (default w---w--- (a puppy bark))

To stop autologin, edit /etc/inittab thus:

comment out 2nd line (with plogin in it), by adding # to start of line.
copy next line & insert before that, & change tty2 to tty1 at start & end, then save

will now need to login each time - inputs are:

root (press enter)
(your password) (press enter)

@ozsouth

Many thanks for this.

Top
Post Reply

Return to “Off-Topic Area”