USB port can receive storage or hardware devices such as a mouse, keyboard, camera, etc. storage is storage; others are called a HID (human interface device) in windows. any device upon connection gives a signal so computer knows what to do with it – for hardware it installs device drivers and storage gets mounted as an extra drive.
problem with ninja cables or rubber ducky usb drives is that they have HID component hidden, probably along with some storage available so custom code can be loaded. upon plugging in such usb stick or a cable, user is under impression that it is a normal stick or a cable, while this special hardware hides another component that will allow auto-execution of stored code thanks to the automated activation of those HID devices.
once attackers can make you run their code on your machine without you knowing, sky is the limit.
The cable is actually like a external USB thumb drive in disguise.
At that point it is no different than inserting an infected disc into your pc.
And just like any integrated circuit, cpu, memory, or disguised usb drive in a cable… all that is happen is moving electric signals (voltage changes) . It’s not really code moving thru the wire. Other systems and devices read the voltage and interpret it and do other things.
Basically computer chips can be very small nowadays and you can hide a chip in what looks like the end of a regular USB cable.
You can have that chip pretend to be anything else you normally connect via USB including a USB keyboard or a USB drive.
Since USB is build up around the idea of hubs and connecting multiple devices over a single plug, there is nothing preventing such a fake cable from doing the normal thing people expect it do do and at the same doing its hidden trick.
The chip on there might simply notice when it gets connected to a computer and do nothing for a while. Later it blindly fires of keystrokes like [Windows]+[r] followed by [c],[m],[d] and [ENTER] and have a command line open that it then simply types some script into.
Once you have access to them command line you can do all sorts of things like downloading additional code to run form the internet.
Latest Answers