USBdriveby ( is a device you stylishly wear around your neck which can quickly and covertly install a backdoor and override DNS settings on any unlocked machine via USB in a matter of seconds. It does this by emulating a keyboard and mouse, blindly typing things, flailing the mouse pointer around and weaponizing mouse clicks.\r<br>\r<br>A version for Windows and OS X is available on github.\r<br>\r<br>It also evades several security measures in OS X, including hacking the accessibility settings, window positioning, overriding network settings, and disabling portions of the Little Snitch firewall.\r<br>\r<br>By Samy Kamkar\r<br>\r<br>Want to attack *locked* or password protected computers? Then check out PoisonTap: \r<br>\r<br>Subscribe to my channel for more Applied Hacking videos: \r<br>Follow me on Twitter: \r<br>\r<br>More USBdriveby details: \r<br>Also check out BadUSB: \r<br>\r<br>Music by Epoch Rises: \r<br>aka USB Driveby / USB Drive By\r<br>\r<br>WINDOWS VERSION\r<br>A Windows version is available on the Github linked from \r<br>\r<br>Another user posted an alternate version for Windows: \r<br>\r<br>FOR LINUX: You can simply open a terminal, add a new directory to the beginning of $PATH, install a malicious sudo in that user-owned path that siphons credentials and performs the same attacks and more (and still send the sudo password to the real sudo to prevent the user from noticing.)\r<br>\r<br>DETECTING OPERATING SYSTEM: You can detect OS by the unique way each OS communicates with the USB device.\r<br>\r<br>WHY NOT RUBBER DUCKY?\r<br>Rubber Ducky is an awesome tool but lacks the HID mouse emulation required to pull off the mouse-based DNS attack we perform here! Additionally, this is half the price!
