I have recently seen many videos in which an attacker connects a usb rubber ducky to windows, macOS, iPhone and even android and hacks it. But there is no video demonstrating it with linux. Are we safe?
Is puppy vulnerable to usb rubber ducky?
- Wiz57
- Moderator
- Posts: 596
- Joined: Fri Dec 13, 2019 3:54 pm
- Location: Chickasha, OK USA
- Has thanked: 78 times
- Been thanked: 122 times
Re: Is puppy vulnerable to usb rubber ducky?
If an "attacker" has actual physical possession of ANY device, consider it compromised, whether by USB device or other methods.
There is NO 100 PERCENT INVULNERABLE COMPUTING DEVICE! Furthermore, since Android is based on Linux...there's your answer.
Wiz
Signature available upon request
-
- Posts: 722
- Joined: Fri Dec 13, 2019 6:26 pm
- Has thanked: 520 times
- Been thanked: 217 times
Re: Is puppy vulnerable to usb rubber ducky?
As I understand it, a rubber ducky can do anything a keyboard or mouse can do, it's just being done by a microcontroller, so if someone unfriendly turns on your computer (which logs itself in automatically) they can do whatever they want.
The protection would be to disable the autologin, change the password to something unguessable, lock the bios, and don't let strangers have access to your computer.
-
- Posts: 119
- Joined: Mon Jul 13, 2020 8:26 am
- Location: Tenerife
- Has thanked: 44 times
- Been thanked: 18 times
Re: Is puppy vulnerable to usb rubber ducky?
dancytron wrote: Sun Dec 18, 2022 1:03 pmThe protection would be to disable the autologin, change the password to something unguessable
Is this option possible in Puppy then?
-
- Posts: 1570
- Joined: Sun Jul 12, 2020 2:38 am
- Location: S.E. Australia
- Has thanked: 241 times
- Been thanked: 704 times
Re: Is puppy vulnerable to usb rubber ducky?
@Tahrbaby - to change password, open a terminal & type passwd
Then input & confirm new password. (default w---w--- (a puppy bark))
To stop autologin, edit /etc/inittab thus:
comment out 2nd line (with plogin in it), by adding # to start of line.
copy next line & insert before that, & change tty2 to tty1 at start & end, then save
will now need to login each time - inputs are:
root (press enter)
(your password) (press enter)
- mikewalsh
- Moderator
- Posts: 6164
- Joined: Tue Dec 03, 2019 1:40 pm
- Location: King's Lynn, UK
- Has thanked: 796 times
- Been thanked: 1985 times
Re: Is puppy vulnerable to usb rubber ducky?
@ozsouth :-
Thanks for that info, Oz. I think that's the first time I've ever seen it clearly and simply stated.....ALL in one place.....AND in plain English!
Cheers, mate!
Mike.
-
- Posts: 119
- Joined: Mon Jul 13, 2020 8:26 am
- Location: Tenerife
- Has thanked: 44 times
- Been thanked: 18 times
Re: Is puppy vulnerable to usb rubber ducky?
ozsouth wrote: Mon Dec 19, 2022 12:45 am@Tahrbaby - to change password, open a terminal & type passwd
Then input & confirm new password. (default w---w--- (a puppy bark))To stop autologin, edit /etc/inittab thus:
comment out 2nd line (with plogin in it), by adding # to start of line.
copy next line & insert before that, & change tty2 to tty1 at start & end, then savewill now need to login each time - inputs are:
root (press enter)
(your password) (press enter)
@ozsouth
Many thanks for this.