Leaking Network Devices with Rubber Ducky Attack

Zeynep Rana Donmez; Şeyma Atmaca; Yıldıray YALMAN

doi:10.38088/jise.1490148

Journal of Innovative Science and Engineering (Dec 2024)

Leaking Network Devices with Rubber Ducky Attack

Zeynep Rana Donmez,
Şeyma Atmaca,
Yıldıray YALMAN

Affiliations

Zeynep Rana Donmez: ORCiD; Bursa Technical University
Şeyma Atmaca: ORCiD; Bursa Technical University
Yıldıray YALMAN: ORCiD; PIRI REIS UNIVERSITY

DOI: https://doi.org/10.38088/jise.1490148
Journal volume & issue: Vol. 8, no. 2
pp. 199 – 212

Abstract

Read online

Social engineering is a psychological attack targeting individuals' vulnerabilities, often aimed at employees of targeted organizations. Unlike traditional electronic attacks, it relies on manipulating individuals to run malware-infected devices or share sensitive information willingly. This study uses the Arduino Digispark Attiny85 module to demonstrate the potential consequences of social engineering attacks on network devices. By placing the module in a device connected to the target network, a network scan was performed to determine the security status, IP addresses, port information, and version information of all devices. During the experimental studies, it was observed that the most suitable port was the FTP port, and the attack was carried out via msfconsole on the FTP port. Unlike similar studies that focus on a single device, our approach allows simultaneous infiltration of multiple devices within the network, obtaining control over multiple authorized devices, highlighting the significant advantage of our method.

Published in Journal of Innovative Science and Engineering

ISSN: 2602-4217 (Online)
Publisher: Bursa Technical University
Country of publisher: Türkiye
LCC subjects: Technology: Engineering (General). Civil engineering (General)
Website: http://jise.btu.edu.tr/en

About the journal

Abstract

Keywords