There are a ton of different payloads that can be run on these, for everything from simple keylogging, to root access, to network backdoors. I’ve only recently gotten into pentesting but with something like this there’s no real limit to the damage that could be done with only a few seconds of physical access.
Honestly, as a Systems/DevOps engineer it’s always been well know that if you have physical access, you have zero chance of security. Sure it might take more time if precautions were followed, but you will be owned eventually, that’s guaranteed.
This is one of our most frustrating fights I have with our security design reviewers. Effectively functionless mitigations that create extra obstacles for our service reps to deal with during troubleshooting. One example is our equipment is installed in access restricted areas, in a locked rack. We don’t need to disable unused Ethernet ports on our networking equipment that exists in a locked cabinet and it will take away our ability to repatch equipment to a different switch in the system to assist in troubleshooting.
That is amazing. The x-ray of it is kind of scary, honestly. That little chip could be all it would take to get into an air-gapped machine.
Could?
There are a ton of different payloads that can be run on these, for everything from simple keylogging, to root access, to network backdoors. I’ve only recently gotten into pentesting but with something like this there’s no real limit to the damage that could be done with only a few seconds of physical access.
Honestly, as a Systems/DevOps engineer it’s always been well know that if you have physical access, you have zero chance of security. Sure it might take more time if precautions were followed, but you will be owned eventually, that’s guaranteed.
This is one of our most frustrating fights I have with our security design reviewers. Effectively functionless mitigations that create extra obstacles for our service reps to deal with during troubleshooting. One example is our equipment is installed in access restricted areas, in a locked rack. We don’t need to disable unused Ethernet ports on our networking equipment that exists in a locked cabinet and it will take away our ability to repatch equipment to a different switch in the system to assist in troubleshooting.
Let me guess, they do allow ai traffic from everyone and their mum for the sake of uhh… innovation?
That is gnarly!
https://hackaday.com/tag/badusb/