USB Pentesting devices & attack tools (part 2)

Today we continue to check out some USB-based devices to help with Penetration Testing and Ethical Hacking of computers and networks.

If you missed Part 1 of this article then click here to check it out.

Below are more devices which are highly portable due to their size yet extremely powerful:

Plunder Bug LAN Tap

The Plunder Bug is a portable device that can be used to passively capture LAN traffic by inserting 2 Ethernet cables into the RJ45 ports at each end. 5V power needs to be supplied via the USB-C port on the side of the device.

Active scanning is also possible by connecting a smartphone via the USB-C port. This is done by capturing the network packets which are in PCAP format and can then be analyzed using the likes of Wireshark.

Cross-platform scripts are used to sniff the traffic and these support Linux, Mac & Windows.

See Hak5 for more details.

Raspberry Pi Zero W + USB Dongle

The Raspberry Pi Zero W is a portable computer with the following specification:

  • 1GHz, single-core CPU
  • 512MB RAM
  • Mini HDMI and USB On-The-Go ports
  • Micro USB power
  • HAT-compatible 40-pin header
  • Composite video and reset headers
  • CSI camera connector
  • 802.11 b/g/n wireless LAN
  • Bluetooth 4.1
  • Bluetooth Low Energy (BLE)

Mounted on top of a USB board, as pictured above, and loaded with the P4wnP1 A.L.O.A. framework produces a low-cost Pentesting device. It can run a keystroke injection against a host in which it is plugged into via the USB port. HIDScript is also supported for the writing of more sophisticated commands.

With support for both WiFi and Bluetooth this means that the device can be accessed and controlled remotely.

See Raspberry Pi for more details.

Shark Jack

The Shark Jack is a portable network attack device that comes pre-loaded with Nmap for network reconnaissance.

The simple scripting language and attack/arming switch make loading payloads a breeze, and the RGB LED provides instant feedback on attack stages.

Below is the specification of this device:

  • SoC*: 580MHz MediaTek MT7628 mips CPU
  • Memory: 64 MB DDR2 RAM, 64 MB SPI Flash
  • Input/Output: USB-C charge port, RJ45 Fast Ethernet jack
  • Battery: 1S 401020 3.7V 50mAh 0.2Wh LiPo
  • Operation time: ~15 minute run, ~7 minute charge
  • Operating System: OpenWRT 19.07-based GNU/Linux

* System On a Chip

See Hak5 for more details.

Signal Owl

The makers of the Signal Owl describe it as a ‘signals intelligence platform’. It has a payload system and comes with both custom utilities and popular wireless tools such as Aircrack-ng, mdk4, and Kismet.

Its main purpose is to monitor airspace and track devices via WiFi, Bluetooth, and SDR (Software-Defined Radio).

Cloud C2 support means that this device can be managed remotely.

See Hak5 for more details.

USB Rubber Ducky

The USB Rubber Ducky overcomes most security protections on a computer by posing as a USB keyboard. Once plugged-in scripts can be run quickly using keystroke injection.

Scripts that are written using Ducky Script can then install backdoors, copy documents, or capture credentials.

Memory on the device can be expanded via a Micro SD card.

See Hak5 for more details.

WiFi Deauther

A deauther allows you to disconnect devices from a WiFi network. Even if you’re not connected to that network. Deauthers take advantage of a weakness in the 802.11 protocol which allows the sending of deauthentication frames by unauthorised devices.

Beacon Spamming is also supported to confuse people looking for local networks.

Maltronics have 2 variants:

  • WiFi Deauther OLED – controlled by a selector switch above the mini LCD screen. This version is standalone and does not need to be connected to a computer or phone to use.
  • WiFi Deauther USB – controlled remotely by connecting a phone or computer to the devices own WiFi network. This version is powered via standard USB e.g. power bank, USB lead, plug into a computer.

See Maltronics for more details.

WiFi KeyLogger

Hardware keyloggers are the only way to covertly record keystrokes with no possibility of detection by the computer!
Our KeyLoggers are WiFi enabled meaning once setup they can be accessed from a distance.

As with many of the USB devices covered in these two articles, they are undetectable due to resembling a storage device or keyboard.

Features included with the Pro version include receiving reports via email, data streaming over UDP*, timestamping, and acting as a WiFi device for remote connections.

* User Datagram Protocol

See Maltronics for more details.

Do you have a favorite USB-based Pentesting device? If so please let us know which one by commenting below.

Leave a Reply