Security Testing with Kali NetHunter by Daniel Dieterle

Author:Daniel Dieterle [Dieterle, Daniel]
Language: eng
Format: epub, azw3
Published: 2017-06-28T05:00:00+00:00

Conclusion

In this chapter, we covered turning our smartphone into a HID attack device. We saw how our phone can be configured to send any Windows based commands to the target when connected via USB by sending individual keystrokes one at a time. We also covered a more advanced attack using PowerShell and an additional attack computer. We saw how using a HID attack with PowerShell allowed us to redirect the target system to an external system and create a remote shell.

Hopefully you can see that HID attacks can be very powerful. This avenue of attack could be very useful for a red team member or pentester who is onsite and wants to connect a target system to another Kali system located outside the company. Because Anti-Virus systems don’t normally scan keyboard input for attacks, it is imperative to protect physical access to devices or disable USB ports when they are not needed. Though some AV companies will detect the Metasploit payload used in the PowerShell example, as well as some Intrusion Detection Systems. This brings home the importance of using Network Security Monitoring, you are using NSM at your company, aren’t you?

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.