Tell a friend, gee golly! Imagine being able to do a card miracle no matter where you are! Even if someone stops you while you're swimming in the middle of the ocean and hands you an oddly dry deck of cards and demands you perform the most amazing trick they've ever seen, you'll be ready…with the Revelation Wristband! We’re giving away a Revelation Wristband to three lucky winners of our weekly free giveaway at gimme.scamstuff.com (no purchase necessary, giveaway ends 1/3/2019) Congrats to the winners of last week’s Arson Watch: Kinnunen Nenna, Tyler Enlow, and Phillip Sessomseek (we will contact you via email within the next two weeks)
hey, can i please ask something? i just ordered the rubber ducky usb, can the rubber ducky do the same thing what you guys did with the bash bunny?(stealing files) so yeah, what payload is it? (for educational purposes ofc ;))
ran the tracert command on a campus computer i did 1.1.1.1 and googles DNS server 8.8.8.8 (tracert command tells you all the IP addresses in between you and any DNS server you ask)
@ Brandt I _LOVE_ what you've started doing with the little pie chart thing that shows you how much time is left to read the text on screen. THANK YOU!
Other manifesto points not said aloud: "All guests are smarter than us (duh.) Pineapple does not belong pizza. Brandt is right about everything except pizza. Science Man (under the influence of changeling spores) is working for TMZ-Cobra Ch-ILD makes delicious gelatin and you should have no hesitations eating it. Jason is dumb for only recently finally watching Akira. No, but seriously: Genji has made the game LITERALLY UNPLAYABLE. Wanna play hearthstone?" A strong platform. I'd vote for them!
Definitely my favorite kind of MR episode. Love all the hacking stuff. I feel like it's become taboo with the rise of the internet. But understanding how these things work is the best way to protect yourself.
Lorenzo Leonardini right? I have over 100gb of music and books, PDF, and a rediculous amount of files that take up space for no reason. And nothings in the right spot lol
Interesting fact! The US used this method to delay Iran's (I believe it was Iran, I'm too lazy to research it) nuclear project. But instead of stealing data, they -overclocked Iran's machines- Edit: "The US shut down some industrial sensor applications that were supposed to keep track of these centrifuges that they were using, and then pushed those out of sync, causing them to shake themselves apart like overamped energizer bunnies." -Thanks to Emil Hallgren for correcting me
The malware they used (as I recall) had some crazy levels of next gen BS going. That is, in addition to just being hand delivered it had the ability to spread between seemingly isolated systems and a whole suite of sandbox detecting stuff, not to mention collateral damage limitation. It did not overclock their machines, it shut down some industrial sensor applications that were supposed to keep track of these centrifuges that they were using, and then pushed those out of sync, causing them to shake themselves apart like overamped energizer bunnies.
Thank you, Modern Rogue, for having the world's most impeccable timing. I'm writing a novel where hacking is involved, and I was just getting the point where I was thinking that I need to look this shit up, see if this is an actual thing that can happen. Then you guys post this, the exact thing I would've been looking for.
Hey guys, been a fan from the start, you're content is amazing! Hope everything continues smooth. I love the idea of a daily article that you did on site. I think it would be good to have it as an app for mobile devices, so you could get notified when it has new content. Love the work, keep it up!
...Without running a live session of a system like TinyCore Linux, anyway. And with using _only_ your guest SSID which is probably password protected (right right?), and maybe, just don't mount any phhysical drives on the system or disconnect them completely.
@@bluephreakr This is basically the simultaneously more advanced and less directly threatening version of the tech though. I mean, it's an offensive tool used for physical access stuff, not really something you'd leave on the ground and hope someone picks it up unless you really had to. That is to say, it's a keyboard/ethernet adapter that you can record macros to.
What I suggest is during group project, have everyone make their own pptx and docx in your thumbdrive. So they won't suspect a thing. So when you use their computer/laptop, you can plug it in like normal but steal their files. Hiding in plain sight
Rubber Ducky's are 45 quid. If you want a cheap one buy a malduino from maltronics. Or you could get a compatible flash drive(Toshiba transformer) and reprogram the microcontroller.
1:36 wow lol... Jason: "..someone sees a USB drive or a stray SD card and they just think _let's see what's on there_ ..and it's just- the human vulnerability.." ** seconds later ** Shannon: "..and they want to help people- the first thing you think when you see something's that's lost- *unless you're a terrible person,* is _oh I should help them."_ Jason: "Yeah _totally- that's actua-_ that's what I think all the time, _yeah.."_ And Brian laughs at the obvious 180 😂
I found someones business debit and credit cards in my driveway, and along the road in front of my house one day, while checking the mail. My first thought was "I wonder how close this company is?", and searched it. Turns out, theyre 1 town away, so I called, told the nice old lady who answered I found so and so's cards in my yard, do they want them, or should I destroy em? They were her husbands, who had JUST lost his wallet earlier in the day somewhere between them, and me, and with a little more sleuthing, I found his DL, and a bunch of other stuff of his scattered down the road, but no wallet. The wallet was an heirloom snakeskin her dad had made from a snake he killed, and gave to her husband before he passed, so thats all they wanted to find-but I at least gave him peace of mind, and a starting place to search for it. We're super rural, so odds are it could have been dragged down the road slowly, throwing all his cards out down the road-or even stolen, and tossed out the window 1 by 1
I got the book 100 deadly skills for Christmas are you guys aware there is a second book called 100 deadly skills survival edition some of the skills are recycled but it's still a good book
I love seeing the migration of this channel since the beginning till now. Scam school is part of the reason I have a mindset that got me into cybersecurity. Keep up the good work guys!!
Snubs!!! You so freaking awesome, love that you still seems excited about this after doing this so long, great collab guys, this episode great way show poeple about computer security and maybe get poeple into this and beware
One time at work we found an external hard drive and we decided to see if we can find any name on it to identify the person. It ended up being 150 gigs of hentai with no name attached what so ever.
I found USB drive earlier this year in my college library. Being someone who stores everything on one, I had two thoughts going though my head. If there is nothing important on this drive, it's mine I'm keeping it ( it was 64 gb). But if I found homework or papers on it with a name, I would try and return it before clearing it. I found a name and she wasn't that far off from my department. So I messaged her on FB and heard from her the next day. She came a found the studio class I was in to get it. She was really happy because she had a large thesis paper that she had been working on stored on it and no other copy.
Blacklist- here are all the things you can't use. Whitelist- here are the only things you can use. I feel like he shouldn't be outing himself as a defense contractor on UA-cam either.
@@jamesmason4275 Yeah we're limited to a handful of USB memory stick, network interface cards, peripherals, etc. I do have a Raspberry Pi that acts as a keyboard so that'd be fun to try...
I feel like themodernrogue.com was created just yesterday. Time goes way too fast around you and your creations and I think that shows how great of entertainers you are
This is why you a.) Never plug in a mysterious USB drive b.) Use a slightly more secure operating system like Linux with a hardened kernel c.) Use software designed to mitigate these attacks, e.g. USBGuard (which uses the kernel's built-in ability to block access to unknown USB devices) d.) Don't leave your laptop open and unlocked in a public area
Regarding b: Why bother with hardening the kernel? Use a computer that doesn't do anything important and log out of all sessions, then play around on a guest account to verify that it's not an HID (it could still be on a timer though). And to be on the safe side, sudo can be configured to let certain users only run VERY SPECIFIC commands as root, eg. let user "guest" run "fdisk /dev/sdb" and "lshw" (without any other options and arguments) as root.
And hope that it doesn't compile some code and execute a Rowhammer, Spectre or Meltdown or any other hardware or kernel bug. But I don't think these are as common as simple straight forward attacks.
Hey Modern Rogue, you guys have done card throwing before. And I really enjoyed it. But you need to make a second one, throwing razor blades. You know the type that you brake in half and put in a straight razor. Anyways maybe think on it?
But you need a dramatic countdown for how long it'll take!!! What's going to create the suspense of "Oh My Gosh! I hope he doesn't walk around to see the screen! Is it done! Hurry Hurry!"
I would imagine the worst case scenario for this is someone plugging it into a platform it wasnt programed to infiltrate. It calls for a command that isnt supported and the computer returns an error of some kind that tips off the person you were trying to hack. On the other hand if the solution is to put multiple attackers on the drive how do you ensure that only the right one goes off?
I once used F12 to change a try guys video title from "try guys try driving while sleep deprived" to "try guys try heroin" with the thumbnail being them standing in an empty 'parking lot' and showed it to my girlfriend
I remember a years back I picked up a stray usb stick, found some really weird and kinda disturbing pictures on it... Never again Stay smart, Stay safe.
I have a very sophisticated device on my keys called a USB drive that can steal files from an unlocked computer at a coffee shop too. Poor example of what a rubber ducky can do. I also love the classic hacker example of 'stranger leaves laptop in public unattended for 5 mins, what a chump!'. People don't do that in public spaces.
Now can we get them to have a sponsor for something to protect us from these attacks, not just these USB drive attacks but malicious software attacks, cause after this video I really don't feel safe anymore. It's really gotten me paranoid.
10:56 "That's all it would take to steal all the files in your download directory" You haven't seen my download directory. I've got crap in there from two years ago.
My favorite script that I have is the rubber ducky script that goes to a fake windows update and automatically full-screens. Go to best buy, plug it into every computer, and bam
0:10 went into inspect element and made it so that whenever they click on a specific thing in a website it takes them to, well, lets just say the most famous adult website.
So, aside from not plugging in a random USB drive, is there any other way to defend against this dark art? Is there a way to plug in a USB, but in a quarantined space? Where the code runs in a dummy area?
You could plug it into an an air-gapped system (no, a VM isn't necessarily sufficient), but even then, it could be a port-killer which would kill that system.
Plug it into an air gapped raspberry pi. That means that you have a raspberry pi that is not connected to the internet, so that if it's infected, there's nowhere for it to spread.
12:52 Gray hulk was pretty good, but I don't think Ferigno ever played anything but green, so there's that. I used to think that pineapple doesn't go on pizza, but having tried it I changed my mind (I don't get it frequently, only in Chicago, which I visit once every few years). Castlevania 2 was pretty cool, and a lot of fun, but I also liked 3, the pirate, Grant Danasty, was so much fun to play. Jason, you only just watched Akira?! (To be honest, I didn't watch it until college, but still that was like 14 years ago.) I generally prefer subs over dubs, though some subs aren't too bad. ...I think I need a manifesto now.
it's one of the reasons you can't use USB on any secure information systems, e.g. DoD computers. In Iraq & Afghanistan, there would be stalls on the streets just selling USB drives, right? Nothing suspicious and pretty convenient, most people thought. Buy a usb for a few bucks, sure they might be stolen, but it's too good a deal to pass up. Plus you might find some cool stuff on them if the seller didn't wipe them. One day, a guy bought a usb, plugged it in and found just a shitload of classified documents that definitely didn't belong on some random USB at a street market in Iraq. Boom, no more USBs on government computers.
hey, can i please ask something? i just ordered the rubber ducky usb, can the rubber ducky do the same thing what they did with the bash bunny? ( stealing files)so yeah, what payload is it? (for educational purposes ofc ;))
Tell a friend, gee golly!
Imagine being able to do a card miracle no matter where you are! Even if someone stops you while you're swimming in the middle of the ocean and hands you an oddly dry deck of cards and demands you perform the most amazing trick they've ever seen, you'll be ready…with the Revelation Wristband!
We’re giving away a Revelation Wristband to three lucky winners of our weekly free giveaway at gimme.scamstuff.com (no purchase necessary, giveaway ends 1/3/2019)
Congrats to the winners of last week’s Arson Watch: Kinnunen Nenna, Tyler Enlow, and Phillip Sessomseek (we will contact you via email within the next two weeks)
Hey, I remember you guys from "Hacking the System" on Netflix! Too bad Netflix took it down :( really want to re-watch the series...
I met u guys at DEFCON 26 and I met Shanon! I have a pic with u guys and one with Shanon!
also... dont leave a WinSCP shortcut on the desktop with a hardcoded username (hakw6f) to an FTP server for everyone to see. lolololol ;p
hey, can i please ask something? i just ordered the rubber ducky usb, can the rubber ducky do the same thing what you guys did with the bash bunny?(stealing files) so yeah, what payload is it? (for educational purposes ofc ;))
Should have rick rolled them endlessly
“Calculator wants to make and manage phone calls”
lol
Alexa wants to know your location
I hate when people dont realize that certain games need to see your storage to make a save file
@@leomadero562 what? a game needs access to the data for the game!!?? this is madness!
Calvulator wants access to nuclear launch codes
This is why you always plug found usbs into computers at an apple store first...
Lmao
I will be famous !! You can’t hurt the computers there anyways. They all get reset in the morning.
"You can’t hurt the computers there anyways"
USB killer wants a word with you
And this is why you don't plug anything of yours into computers at stores
Standby for bulk USB drives being shipped to apple stores near you. All ready for you to try them out on 2000$ shit storms.
0:10 open inspect element
H A C K E R M A N
Opened up the C: drive on my college computer, which is hidden and locked.
I do that all the time my guy
ran the tracert command on a campus computer
i did 1.1.1.1 and googles DNS server 8.8.8.8
(tracert command tells you all the IP addresses in between you and any DNS server you ask)
Hackerman
All that’s missing is a big green progress bar that says “Stealing Files x%”
Jason I haven’t paid taxes in 5 years.
*”cIA wANtS tO knOw YoUr LocaTiOn”*
CIA: this is the last straw Murphy.
CIA doesn't give a shit if you pay taxes. The IRS on the other hand...
Kevin Juarez Jason is a camgirl confirmed.
BombbieGoBoomBoom I said that because they do some stuff that could be used for illegal stuff
But shhhhhhhhhhhhhhhhhhhh🤫🤫🤫🤫🤫🤫🤫🤫🤫
"this is a joke not a confession" sure, sure...
This is why you never plug in a USB drive without knowing where it comes from
@@bayu901 Hm, you have a suspicious 1 like yourself there..
plug one into your phone because you can't run pc programs on a phone lol
Why. Are. You. Every. Where.
@@sanda5587 Please tell me you liked the guys comment just to shift the blame.
O heck I am early.
@ Brandt I _LOVE_ what you've started doing with the little pie chart thing that shows you how much time is left to read the text on screen. THANK YOU!
Agreed!
I'm glad it's proving useful!
Other manifesto points not said aloud:
"All guests are smarter than us (duh.)
Pineapple does not belong pizza.
Brandt is right about everything except pizza.
Science Man (under the influence of changeling spores) is working for TMZ-Cobra
Ch-ILD makes delicious gelatin and you should have no hesitations eating it.
Jason is dumb for only recently finally watching Akira.
No, but seriously: Genji has made the game LITERALLY UNPLAYABLE.
Wanna play hearthstone?"
A strong platform. I'd vote for them!
you're wrong about the pineapple thing, but okay
I'll play hearthstone with you
Let's play competitive minesweeper
@@cameronr7821 well that's better than hearthstone, at least there's less RNG
Omg I got a heart from the MR crew? That's one more strike off the bucket list, thought I'd have to take Jason's by force...
Definitely my favorite kind of MR episode. Love all the hacking stuff. I feel like it's become taboo with the rise of the internet. But understanding how these things work is the best way to protect yourself.
True.
Thanks, man!
@@ModernRogue :O
"If you want to catch the bad guys, you need to think like the bad guys."
True I guess.
But then plugging some random usb drive into your laptop is like eating from a garbage can. It should be obvious that it's bad.
They clearly have no idea how many files I keep in my folders, it would take forever to copy everything
Lorenzo Leonardini right? I have over 100gb of music and books, PDF, and a rediculous amount of files that take up space for no reason. And nothings in the right spot lol
That is why you export by file type and size
Especially with AUTOCAD, the files are HUGE and I have a TON of them. You need at least 5 minutes.
Mr Leonardini, why do you have 12 TB of hentai on you laptop device?
To confuse the hackers your honor, I swear.
Interesting fact! The US used this method to delay Iran's (I believe it was Iran, I'm too lazy to research it) nuclear project. But instead of stealing data, they -overclocked Iran's machines-
Edit: "The US shut down some industrial sensor applications that were supposed to keep track of these centrifuges that they were using, and then pushed those out of sync, causing them to shake themselves apart like overamped energizer bunnies." -Thanks to Emil Hallgren for correcting me
The malware they used (as I recall) had some crazy levels of next gen BS going. That is, in addition to just being hand delivered it had the ability to spread between seemingly isolated systems and a whole suite of sandbox detecting stuff, not to mention collateral damage limitation.
It did not overclock their machines, it shut down some industrial sensor applications that were supposed to keep track of these centrifuges that they were using, and then pushed those out of sync, causing them to shake themselves apart like overamped energizer bunnies.
You're talking about Stuxnet, which is worth reading up on.
Stuxnet; A beautiful thing.
Stuxnet Malware with Israels help.. OP
As a fellow IT professional I love watching people react to the simplicity of modern hacking.
Thank you, Modern Rogue, for having the world's most impeccable timing. I'm writing a novel where hacking is involved, and I was just getting the point where I was thinking that I need to look this shit up, see if this is an actual thing that can happen. Then you guys post this, the exact thing I would've been looking for.
Nice!
I love this show please never stop making it!
Damn can’t wait for modern rogue hq to be completed
Same!
"I haven't paid taxes in like... 5 years"
IRS be like Are you a citizen of the United states lol
Good.
Good all taxation is theft
Tax Evasion OP
@@jordanbosley142 Yeah cause taxes dont pay for police, roads, fire services, etc.
"Hey let's leave some secret stuff for her to find." Meanwhile, She copied both machines when she walked in the room
"Hey can i borrow your computer for a second, i just gotta put my name on my thesis paper, I have it on this flash drive."
Hey guys, been a fan from the start, you're content is amazing! Hope everything continues smooth. I love the idea of a daily article that you did on site. I think it would be good to have it as an app for mobile devices, so you could get notified when it has new content. Love the work, keep it up!
All they are going to find is 2TB of.....
B I G C H U N G U S
Chungus is gay
I want to F U C K C H U N G U S
No u
B I G C H U N G U S is 1EB my friend
I don't get this meme.
Me as a student in the IT field hears, "SMB Exfiltrate."
My reaction: "Oh, God!."
5:17 Brian's child like excitement made me bust out laughing. He's truly a kid in a candy/toy store.
What I learned today:
DON'T TRUST RANDOM FLASH DRIVES
...Without running a live session of a system like TinyCore Linux, anyway. And with using _only_ your guest SSID which is probably password protected (right right?), and maybe, just don't mount any phhysical drives on the system or disconnect them completely.
@@bluephreakr This is basically the simultaneously more advanced and less directly threatening version of the tech though. I mean, it's an offensive tool used for physical access stuff, not really something you'd leave on the ground and hope someone picks it up unless you really had to.
That is to say, it's a keyboard/ethernet adapter that you can record macros to.
"Wireless mouse needs GPS location access."
What I suggest is during group project, have everyone make their own pptx and docx in your thumbdrive. So they won't suspect a thing.
So when you use their computer/laptop, you can plug it in like normal but steal their files.
Hiding in plain sight
Rubber Ducky's are 45 quid. If you want a cheap one buy a malduino from maltronics. Or you could get a compatible flash drive(Toshiba transformer) and reprogram the microcontroller.
^^^
what the hell is a quid
@@sirman8886 It means pound.
@@benpayne5045 those usb do not weigh 45 pounds
@@sirman8886 English currency.
Sky screaming Jason. I WANT SKY SCREAMING JASON!
So now I can steal people’s memes in less than a minute with only one USB drive? I am going to have a lot of fun with this.
1:36 wow lol...
Jason: "..someone sees a USB drive or a stray SD card and they just think _let's see what's on there_ ..and it's just- the human vulnerability.."
** seconds later **
Shannon: "..and they want to help people- the first thing you think when you see something's that's lost- *unless you're a terrible person,* is _oh I should help them."_
Jason: "Yeah _totally- that's actua-_ that's what I think all the time, _yeah.."_
And Brian laughs at the obvious 180 😂
I found someones business debit and credit cards in my driveway, and along the road in front of my house one day, while checking the mail. My first thought was "I wonder how close this company is?", and searched it. Turns out, theyre 1 town away, so I called, told the nice old lady who answered I found so and so's cards in my yard, do they want them, or should I destroy em? They were her husbands, who had JUST lost his wallet earlier in the day somewhere between them, and me, and with a little more sleuthing, I found his DL, and a bunch of other stuff of his scattered down the road, but no wallet.
The wallet was an heirloom snakeskin her dad had made from a snake he killed, and gave to her husband before he passed, so thats all they wanted to find-but I at least gave him peace of mind, and a starting place to search for it. We're super rural, so odds are it could have been dragged down the road slowly, throwing all his cards out down the road-or even stolen, and tossed out the window 1 by 1
guys will you be doing more of like build style videos?
Asking for a friend: Would encrypting your files be enough to thwart the average coffee shop hacker?
Well, I guess they'd have to crack your password.
I need the "Why?! You fool!” as an uploadable short clip xD
I got the book 100 deadly skills for Christmas are you guys aware there is a second book called 100 deadly skills survival edition some of the skills are recycled but it's still a good book
@TecTom2003 yup
@TecTom2003 yeah they are I only just got them but I've known about it because of previous videos and have wanted it for a while
@TecTom2003 oh for sure there's some stuff that I already new but a great book
@TecTom2003 oh shit really I had a look at that. How often and for how long do you do it?
She’s wearing a Zelda shirt
“Respec”
Triforce.
Credits to Pepper Potts for pioneering this tech back in 08
I love seeing the migration of this channel since the beginning till now.
Scam school is part of the reason I have a mindset that got me into cybersecurity. Keep up the good work guys!!
Memorizes somebody elses number
*h a c k e r m a n*
I'd love to have a shirt that says "Modern Rogue: A bunch of Doofuses"
7:39 "this is a joke, not a confession"
1:54
Murphy: "I-...I'm a terrible person?!?!?"
U guys should totally do an episode on DDosing and attacks that don’t require like physical access
Snubs!!! You so freaking awesome, love that you still seems excited about this after doing this so long, great collab guys, this episode great way show poeple about computer security and maybe get poeple into this and beware
One time at work we found an external hard drive and we decided to see if we can find any name on it to identify the person. It ended up being 150 gigs of hentai with no name attached what so ever.
Oh yeah, I am gonna need that back...
10:58 jokes on them, my download folder is like 40 GB
Mine is 90GB
100GB
Mine is full of porn. I'm glad to share I guess
@@benrosenberg3489 who downloads porn in 21st century
@@prakharmishra3000 it's called a joke... You're a real fun one, aren't you?
Brian's laughter is so infectious.
I found USB drive earlier this year in my college library. Being someone who stores everything on one, I had two thoughts going though my head. If there is nothing important on this drive, it's mine I'm keeping it ( it was 64 gb). But if I found homework or papers on it with a name, I would try and return it before clearing it. I found a name and she wasn't that far off from my department. So I messaged her on FB and heard from her the next day. She came a found the studio class I was in to get it. She was really happy because she had a large thesis paper that she had been working on stored on it and no other copy.
I work for a defence company, this is why we have USB device whitelisting...
What is that?
But then the rubber ducky strikes
Blacklist- here are all the things you can't use.
Whitelist- here are the only things you can use.
I feel like he shouldn't be outing himself as a defense contractor on UA-cam either.
@@megatroymega My company is on social media so I'm not sure what the problem is really.
@@jamesmason4275 Yeah we're limited to a handful of USB memory stick, network interface cards, peripherals, etc. I do have a Raspberry Pi that acts as a keyboard so that'd be fun to try...
I feel like themodernrogue.com was created just yesterday. Time goes way too fast around you and your creations and I think that shows how great of entertainers you are
11:54 OMG can't... stop... laughing.
It still surprises me how this channel hasn’t hit even a million subs, just for the quality you would expect like 5 mil
7:39
"I haven't payed taxes in like 10 years."
*FBI OPEN UP!*
Edit:*5 years.
All the secrets of the Modern Rogue are unveiled.
I want a gif of jason yelling "YOU FOOL"
video: usb rubber ducky
thumbnail: bash bunny
I am a new viewer and I just wanted to say you guys are a bunch of nerds!
I love it.
This is why you
a.) Never plug in a mysterious USB drive
b.) Use a slightly more secure operating system like Linux with a hardened kernel
c.) Use software designed to mitigate these attacks, e.g. USBGuard (which uses the kernel's built-in ability to block access to unknown USB devices)
d.) Don't leave your laptop open and unlocked in a public area
linux is for robots and servers
ive never once had an enjoyable direct user experience with it
Regarding b: Why bother with hardening the kernel? Use a computer that doesn't do anything important and log out of all sessions, then play around on a guest account to verify that it's not an HID (it could still be on a timer though). And to be on the safe side, sudo can be configured to let certain users only run VERY SPECIFIC commands as root, eg. let user "guest" run "fdisk /dev/sdb" and "lshw" (without any other options and arguments) as root.
And hope that it doesn't compile some code and execute a Rowhammer, Spectre or Meltdown or any other hardware or kernel bug. But I don't think these are as common as simple straight forward attacks.
"this is a joke, not a confession" LOL
Great video, also nice smash reference in the description :)
the pro way to steal memes
"Pineapple does not belong pizza" FTW
So this is the USB Futaba gave Makoto..
Hey Modern Rogue, you guys have done card throwing before. And I really enjoyed it. But you need to make a second one, throwing razor blades. You know the type that you brake in half and put in a straight razor. Anyways maybe think on it?
But you need a dramatic countdown for how long it'll take!!! What's going to create the suspense of "Oh My Gosh! I hope he doesn't walk around to see the screen! Is it done! Hurry Hurry!"
Welcome to the new company, The Mottern Rogestation.
I have an isolated BSD system every USB gets checked out on.
I would imagine the worst case scenario for this is someone plugging it into a platform it wasnt programed to infiltrate. It calls for a command that isnt supported and the computer returns an error of some kind that tips off the person you were trying to hack. On the other hand if the solution is to put multiple attackers on the drive how do you ensure that only the right one goes off?
Gotta love the Questionably Legal Rogue
I once used F12 to change a try guys video title from "try guys try driving while sleep deprived" to "try guys try heroin" with the thumbnail being them standing in an empty 'parking lot' and showed it to my girlfriend
I remember a years back I picked up a stray usb stick, found some really weird and kinda disturbing pictures on it... Never again
Stay smart, Stay safe.
More details please
SD card is plain storage, nothing happens if you plug it in (assuming it is clean or you have AV or auto-run disabled).
0:02 The dude with glasses fell asleep in the tanning bed ..
Good vid thou.
LOVE the sailor moon background.❤️
I have a very sophisticated device on my keys called a USB drive that can steal files from an unlocked computer at a coffee shop too. Poor example of what a rubber ducky can do.
I also love the classic hacker example of 'stranger leaves laptop in public unattended for 5 mins, what a chump!'. People don't do that in public spaces.
Yes, this came true!!! I was waiting for more videos like this, love this channel
I love hak5, really cool that you guys collab!
One time I downloaded Minecraft for free. The bogies still haven’t found me living the high life
I'm actually shocked HAK5 is still around.
Man I did their FON router ninja pineapple project years ago
Now can we get them to have a sponsor for something to protect us from these attacks, not just these USB drive attacks but malicious software attacks, cause after this video I really don't feel safe anymore. It's really gotten me paranoid.
Dude with the beard looks like Dale from Step Brothers, Gordon Ramsay and Faze Kay all in one
Oh, hello! Sounds like you’re new here and don’t know who I am: ua-cam.com/video/6TaH3KAK6dY/v-deo.html
Welcome aboard!
i like the random button and the forum options for the website
So assuming I do find a random storage device somewhere, is there a safe way to see what is on it?
Grey Hulk, Mr Fixit, You're damned right!
Right??
10:56 "That's all it would take to steal all the files in your download directory"
You haven't seen my download directory. I've got crap in there from two years ago.
Today I learned that Rubber ducky isnt just the thing you waterboard when your code doesn't work.
"This is a joke, not a confession" Thats what you want us to think.
Shhhhhh
Subs over dubs: i like you guys even more now
Love to see snubs on the show as a big hak5 fan!
If I already didn't join the 'not a cult', Grey Hulk over Green Hulk would have won me over.
Mr. fixit FTW
My favorite script that I have is the rubber ducky script that goes to a fake windows update and automatically full-screens.
Go to best buy, plug it into every computer, and bam
0:10 went into inspect element and made it so that whenever they click on a specific thing in a website it takes them to, well, lets just say the most famous adult website.
So, aside from not plugging in a random USB drive, is there any other way to defend against this dark art? Is there a way to plug in a USB, but in a quarantined space? Where the code runs in a dummy area?
You could plug it into an an air-gapped system (no, a VM isn't necessarily sufficient), but even then, it could be a port-killer which would kill that system.
Cheap unimportant computer.
Plug it into an air gapped raspberry pi. That means that you have a raspberry pi that is not connected to the internet, so that if it's infected, there's nowhere for it to spread.
Go to an Apple store. Laptops.
12:52 Gray hulk was pretty good, but I don't think Ferigno ever played anything but green, so there's that. I used to think that pineapple doesn't go on pizza, but having tried it I changed my mind (I don't get it frequently, only in Chicago, which I visit once every few years). Castlevania 2 was pretty cool, and a lot of fun, but I also liked 3, the pirate, Grant Danasty, was so much fun to play. Jason, you only just watched Akira?! (To be honest, I didn't watch it until college, but still that was like 14 years ago.) I generally prefer subs over dubs, though some subs aren't too bad. ...I think I need a manifesto now.
Also, I definitely would have looked to see if Ricardo Montalban had come into the room (he's Khan, for goodness' sake).
if I find a stray flash drive on the ground my first instinct is to use a second computer to check it then if it is real well its my flash drive now
All I can think about is that pipe running through the studs by the window.
it's one of the reasons you can't use USB on any secure information systems, e.g. DoD computers. In Iraq & Afghanistan, there would be stalls on the streets just selling USB drives, right? Nothing suspicious and pretty convenient, most people thought. Buy a usb for a few bucks, sure they might be stolen, but it's too good a deal to pass up. Plus you might find some cool stuff on them if the seller didn't wipe them. One day, a guy bought a usb, plugged it in and found just a shitload of classified documents that definitely didn't belong on some random USB at a street market in Iraq. Boom, no more USBs on government computers.
Corbin Hunt Whoa. Never thought of that. Fascinating.
hey, can i please ask something? i just ordered the rubber ducky usb, can the rubber ducky do the same thing what they did with the bash bunny? ( stealing files)so yeah, what payload is it? (for educational purposes ofc ;))
The best way to secure you computer is to pee on it. Nobody will want to touch it
Now, you see, this shit right here is why I still haven't plugged in the flash drive I got out of my Houdini Puzzle Box.
Great video guys, you still amaze me!