Abstract: Ethical Hacking has matured into a widely accepted and necessary part of the cybersecurity world. Actively probing and testing the defenses of a network or business system is essential to maintaining CIA benchmarks of Confidentiality, Integrity, and Availability. Penetration testing has evolved into a special subset of the industry. Companies and organization of all sizes and across a range of industries rely on Pen testers to proactively identify weakness in cyber-defenses before a real attack effects real damage. One of the primary objectives of penetration testers is the creation of a remotes access shell into a system. A common method of achieving this is through the use of “rubber ducky” USB devices that when inserted into computing services activate an active session from inside a network to allow remote access to the pen tester. This teaching case provides background and instructions on incorporating a proof-of-concept rubber ducky build into an undergraduate cybersecurity course.
Download this article: CPPJ - V1 N1 Page 40.pdf
Recommended Citation: Serapiglia, A., (2022). Rubber Duckies in the Wild: Proof of concept lab for USB pen testing tool. Cybersecurity Pedagogy and Practice Journal1(1) pp 40-43. http://CPPJ.org/2022-1/ ISSN#: 2832-1006. A preliminary version appears in The Proceedings of EDSIGCON 2021