Leaking Network Devices with Rubber Ducky Attack
Social engineering is a psychological attack targeting individuals' vulnerabilities, often aimed at employees of targeted organizations. Unlike traditional electronic attacks, it relies on manipulating individuals to run malware-infected devices or share sensitive information willingly. This st...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Bursa Technical University
2024-12-01
|
| Series: | Journal of Innovative Science and Engineering |
| Subjects: | |
| Online Access: | http://jise.btu.edu.tr/en/download/article-file/3956957 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Social engineering is a psychological attack targeting individuals' vulnerabilities, often aimed at employees of targeted organizations. Unlike traditional electronic attacks, it relies on manipulating individuals to run malware-infected devices or share sensitive information willingly. This study uses the Arduino Digispark Attiny85 module to demonstrate the potential consequences of social engineering attacks on network devices. By placing the module in a device connected to the target network, a network scan was performed to determine the security status, IP addresses, port information, and version information of all devices. During the experimental studies, it was observed that the most suitable port was the FTP port, and the attack was carried out via msfconsole on the FTP port. Unlike similar studies that focus on a single device, our approach allows simultaneous infiltration of multiple devices within the network, obtaining control over multiple authorized devices, highlighting the significant advantage of our method. |
|---|---|
| ISSN: | 2602-4217 |