GCIH · Question #621
Which of the following can be used in a USB attack to bypass authentication by hijacking the password libraries on a Windows system?
The correct answer is B. Rubber Ducky. The USB Rubber Ducky is a HID attack device that injects automated keystrokes to execute payloads capable of interacting with or replacing Windows password-related libraries on an unlocked system.
Question
Which of the following can be used in a USB attack to bypass authentication by hijacking the password libraries on a Windows system?
Options
- AInception
- BRubber Ducky
- CLan Turtle
- DKon-boot
How the community answered
(42 responses)- A2% (1)
- B88% (37)
- C2% (1)
- D7% (3)
Why each option
The USB Rubber Ducky is a HID attack device that injects automated keystrokes to execute payloads capable of interacting with or replacing Windows password-related libraries on an unlocked system.
Inception exploits DMA vulnerabilities over FireWire or Thunderbolt interfaces to directly patch Windows memory and bypass lock screens at the hardware level, and does not use USB HID injection or library-level manipulation.
The Rubber Ducky presents itself to Windows as a trusted HID keyboard, requiring no driver installation or user interaction, and immediately executes preprogrammed Ducky Script payloads that can run commands to manipulate Windows authentication DLLs or password libraries such as those accessed by LSASS. Because Windows inherently trusts keyboard input, this attack bypasses standard USB security controls and can compromise authentication mechanisms within seconds of insertion into an unlocked machine.
Lan Turtle is a USB network adapter used for covert network access, man-in-the-middle interception, and reverse shell establishment, not for bypassing local Windows authentication by manipulating password libraries.
Kon-boot patches the Windows kernel or bootloader during the startup process to bypass login authentication at the OS level, rather than hijacking password libraries through HID keystroke injection on a running system.
Concept tested: USB HID Rubber Ducky attack bypassing Windows authentication
Source: https://docs.hak5.org/usb-rubber-ducky
Topics
Community Discussion
No community discussion yet for this question.