Research Article
BibTex RIS Cite

Leaking Network Devices with Rubber Ducky Attack

Year 2024, Volume: 8 Issue: 2, 199 - 212

Zeynep Rana Dönmez Şeyma Atmaca Yıldıray Yalman

https://doi.org/10.38088/jise.1490148

Abstract

Social engineering is a psychological attack targeting individuals' vulnerabilities, often aimed at employees of targeted organizations. Unlike traditional electronic attacks, it relies on manipulating individuals to run malware-infected devices or share sensitive information willingly. This study uses the Arduino Digispark Attiny85 module to demonstrate the potential consequences of social engineering attacks on network devices. By placing the module in a device connected to the target network, a network scan was performed to determine the security status, IP addresses, port information, and version information of all devices. During the experimental studies, it was observed that the most suitable port was the FTP port, and the attack was carried out via msfconsole on the FTP port. Unlike similar studies that focus on a single device, our approach allows simultaneous infiltration of multiple devices within the network, obtaining control over multiple authorized devices, highlighting the significant advantage of our method.

Keywords

USB Rubber Ducky hacking Linux Arduino Bash Script

Supporting Institution

TÜBİTAK

Project Number

1919B012108374

Thanks

This work has been supported in part by The Scientific and Technological Research Council of Turkey (TUBITAK) research grant 2209-A, No:1919B012108374

References

  • [1] Thomas, T., Piscitelli, M. and Nahar, B.A. (2021). Duck Hunt: Memory forensics of USB attack platforms. DFRWS 2021 Virtual USA Conference.
  • [2] Falliere, N., Murchu, L. O. and Chie, E. (2011). W32.Stuxnet Dossier, Symantec Stuxnet Update. Version1.4:1-45.
  • [3] Nissim, N., Yahalom, R. and Elovici, Y. (2017). USB-Based attacks. Computers and Security, 70: 675-688.
  • [4] Cannoles, B. and Ghafarian, A. (2017). Hacking Experiment Using USB Rubber Ducky Scripting. Proceeding of The 8th Multi-Conference on Complexity (IMCIC), 73-76.
  • [5] Chillara, A. K., Saxena, P., Maiti, R. R., Gupta, M., Kondapalli, R., Zhang, Z., & Kesavan, K. (2024). Deceiving supervised machine learning models via adversarial data poisoning attacks: a case study with USB keyboards. International Journal of Information Security, 23(3), 2043-2061.
  • [6] Kamkar, S. (2024). USB Drive By. https://samy.pl/usbdriveby/ [Accessed: 15 April2024]
  • [7] Georgitzikis, V., Akribopoulos, O. and Chatzigiannakis, I. (2012). Controlling Physical Objects via the Internet using the Arduino Platform over 802.15.4 Networks. IEEE Latin America Transactions, 10(3):1686-1689.
  • [8] Karystinos, E. and Andreatos A. (2019). Spyduino: Arduino as a HID exploiting the BadUSB Vulnerability. International Conference on Distributed Computing in Sensor Systems (DCOSS), 1-4.
  • [9] Lin, Y.W., Lin, Y.B., Yang, M.T. and Lin, J. H. (2019). ArduTalk: An Arduino Network Application Development Platform Based on IoTtalk. IEEE Systems Journal, 13(11):468-476.
  • [10] Strobel, D., Oswald, D., Richter, B., Schellenberg, F. and Paar, C. (2014). Microcontrollers as (In)Security Devices for Pervasive Computing Applications. Proceedings of the IEEE, 102(8):1157-1173.
  • [11] Vouteva, S. (2015). Feasibility and Deployment of Bad USB. System and Network Engineering Master Research Project, University of Amsterdam, Amsterdam, Holland, 16
  • [12] Brandao, P. and Scanavez, R. (2021). Bad USB: why must we discuss this threat in companies. Higher Institute of Advanced Technologies, 3-6.
  • [13] Mazharul Amin, A.A.M. and Mahamud, M. S. (2019). An Alternative Approach of Mitigating ARP Based Man-in-the-Middle Attack Using Client Site Bash Script. 6th International Conference on Electrical and Electronics Engineering.
  • [14] Asokan, J., Rahuman, A. K., Suganthi, B., Fairooz, S., Balaji, M. S. P. and Elamaran, V. (2023). A Case Study Using Companies to Examine the Nmap Tool’s Applicability for Network Security Assessment. 12th International Conference on Advanced Computing (ICoAC), 2023.
  • [15] Kaushik, K., Punhani, I., Sharma, S. and Martolia, M. (2022). An Advanced Approach for performing Cyber Fraud using Banner Grabbing. 5th International Conference on Contemporary Computing and Informatics (IC3I).
  • [16] Tian, D., Bates, A. and Butler, K. (2015), Defending Against Malicious USB Firmware with GoodUSB, ACSAC’15, December 07-11: 1-5

Year 2024, Volume: 8 Issue: 2, 199 - 212

Zeynep Rana Dönmez Şeyma Atmaca Yıldıray Yalman

https://doi.org/10.38088/jise.1490148

Abstract

Project Number

1919B012108374

References

  • [1] Thomas, T., Piscitelli, M. and Nahar, B.A. (2021). Duck Hunt: Memory forensics of USB attack platforms. DFRWS 2021 Virtual USA Conference.
  • [2] Falliere, N., Murchu, L. O. and Chie, E. (2011). W32.Stuxnet Dossier, Symantec Stuxnet Update. Version1.4:1-45.
  • [3] Nissim, N., Yahalom, R. and Elovici, Y. (2017). USB-Based attacks. Computers and Security, 70: 675-688.
  • [4] Cannoles, B. and Ghafarian, A. (2017). Hacking Experiment Using USB Rubber Ducky Scripting. Proceeding of The 8th Multi-Conference on Complexity (IMCIC), 73-76.
  • [5] Chillara, A. K., Saxena, P., Maiti, R. R., Gupta, M., Kondapalli, R., Zhang, Z., & Kesavan, K. (2024). Deceiving supervised machine learning models via adversarial data poisoning attacks: a case study with USB keyboards. International Journal of Information Security, 23(3), 2043-2061.
  • [6] Kamkar, S. (2024). USB Drive By. https://samy.pl/usbdriveby/ [Accessed: 15 April2024]
  • [7] Georgitzikis, V., Akribopoulos, O. and Chatzigiannakis, I. (2012). Controlling Physical Objects via the Internet using the Arduino Platform over 802.15.4 Networks. IEEE Latin America Transactions, 10(3):1686-1689.
  • [8] Karystinos, E. and Andreatos A. (2019). Spyduino: Arduino as a HID exploiting the BadUSB Vulnerability. International Conference on Distributed Computing in Sensor Systems (DCOSS), 1-4.
  • [9] Lin, Y.W., Lin, Y.B., Yang, M.T. and Lin, J. H. (2019). ArduTalk: An Arduino Network Application Development Platform Based on IoTtalk. IEEE Systems Journal, 13(11):468-476.
  • [10] Strobel, D., Oswald, D., Richter, B., Schellenberg, F. and Paar, C. (2014). Microcontrollers as (In)Security Devices for Pervasive Computing Applications. Proceedings of the IEEE, 102(8):1157-1173.
  • [11] Vouteva, S. (2015). Feasibility and Deployment of Bad USB. System and Network Engineering Master Research Project, University of Amsterdam, Amsterdam, Holland, 16
  • [12] Brandao, P. and Scanavez, R. (2021). Bad USB: why must we discuss this threat in companies. Higher Institute of Advanced Technologies, 3-6.
  • [13] Mazharul Amin, A.A.M. and Mahamud, M. S. (2019). An Alternative Approach of Mitigating ARP Based Man-in-the-Middle Attack Using Client Site Bash Script. 6th International Conference on Electrical and Electronics Engineering.
  • [14] Asokan, J., Rahuman, A. K., Suganthi, B., Fairooz, S., Balaji, M. S. P. and Elamaran, V. (2023). A Case Study Using Companies to Examine the Nmap Tool’s Applicability for Network Security Assessment. 12th International Conference on Advanced Computing (ICoAC), 2023.
  • [15] Kaushik, K., Punhani, I., Sharma, S. and Martolia, M. (2022). An Advanced Approach for performing Cyber Fraud using Banner Grabbing. 5th International Conference on Contemporary Computing and Informatics (IC3I).
  • [16] Tian, D., Bates, A. and Butler, K. (2015), Defending Against Malicious USB Firmware with GoodUSB, ACSAC’15, December 07-11: 1-5
There are 16 citations in total.

Details

Primary Language English
Subjects Operating Systems, Computer Software
Journal Section Research Articles
Authors

Zeynep Rana Dönmez 0009-0009-5232-2136

Şeyma Atmaca 0009-0007-0072-5019

Yıldıray Yalman 0000-0002-2313-4525

Project Number 1919B012108374
Early Pub Date December 11, 2024
Publication Date
Submission Date May 26, 2024
Acceptance Date June 19, 2024
Published in Issue Year 2024Volume: 8 Issue: 2

Cite

APA Dönmez, Z. R., Atmaca, Ş., & Yalman, Y. (2024). Leaking Network Devices with Rubber Ducky Attack. Journal of Innovative Science and Engineering, 8(2), 199-212. https://doi.org/10.38088/jise.1490148
AMA Dönmez ZR, Atmaca Ş, Yalman Y. Leaking Network Devices with Rubber Ducky Attack. JISE. December 2024;8(2):199-212. doi:10.38088/jise.1490148
Chicago Dönmez, Zeynep Rana, Şeyma Atmaca, and Yıldıray Yalman. “Leaking Network Devices With Rubber Ducky Attack”. Journal of Innovative Science and Engineering 8, no. 2 (December 2024): 199-212. https://doi.org/10.38088/jise.1490148.
EndNote Dönmez ZR, Atmaca Ş, Yalman Y (December 1, 2024) Leaking Network Devices with Rubber Ducky Attack. Journal of Innovative Science and Engineering 8 2 199–212.
IEEE Z. R. Dönmez, Ş. Atmaca, and Y. Yalman, “Leaking Network Devices with Rubber Ducky Attack”, JISE, vol. 8, no. 2, pp. 199–212, 2024, doi: 10.38088/jise.1490148.
ISNAD Dönmez, Zeynep Rana et al. “Leaking Network Devices With Rubber Ducky Attack”. Journal of Innovative Science and Engineering 8/2 (December 2024), 199-212. https://doi.org/10.38088/jise.1490148.
JAMA Dönmez ZR, Atmaca Ş, Yalman Y. Leaking Network Devices with Rubber Ducky Attack. JISE. 2024;8:199–212.
MLA Dönmez, Zeynep Rana et al. “Leaking Network Devices With Rubber Ducky Attack”. Journal of Innovative Science and Engineering, vol. 8, no. 2, 2024, pp. 199-12, doi:10.38088/jise.1490148.
Vancouver Dönmez ZR, Atmaca Ş, Yalman Y. Leaking Network Devices with Rubber Ducky Attack. JISE. 2024;8(2):199-212.
 Download Cover Image


Creative Commons License

The works published in Journal of Innovative Science and Engineering (JISE) are licensed under a  Creative Commons Attribution-NonCommercial 4.0 International License.