USBdriveby (http://samy.pl/usbdriveby) is a device you stylishly wear around your neck which can quickly and covertly install a backdoor and override DNS settings on any unlocked machine via USB in a matter of seconds. It does this by emulating a keyboard and mouse, blindly typing things, flailing the mouse pointer around and weaponizing mouse clicks.
A version for Windows and OS X is available on github.
It also evades several security measures in OS X, including hacking the accessibility settings, window positioning, overriding network settings, and disabling portions of the Little Snitch firewall.
By Samy Kamkar
Want to attack *locked* or password protected computers? Then check out PoisonTap: https://youtu.be/Aatp5gCskvk
Subscribe to my channel for more Applied Hacking videos: https://www.youtube.com/subscription_center?add_user=s4myk
Follow me on Twitter: https://twitter.com/samykamkar
More USBdriveby details: http://samy.pl/usbdriveby
Also check out BadUSB: https://srlabs.de/badusb/
Music by Epoch Rises: http://soundcloud.com/epochrises
aka USB Driveby / USB Drive By
A Windows version is available on the Github linked from https://samy.pl/usbdriveby/
Another user posted an alternate version for Windows: https://youtu.be/FfRhKzbgmeU
FOR LINUX: You can simply open a terminal, add a new directory to the beginning of $PATH, install a malicious “sudo” in that user-owned path that siphons credentials and performs the same attacks and more (and still send the sudo password to the real sudo to prevent the user from noticing.)
DETECTING OPERATING SYSTEM: You can detect OS by the unique way each OS communicates with the USB device.
WHY NOT RUBBER DUCKY?
Rubber Ducky is an awesome tool but lacks the HID mouse emulation required to pull off the mouse-based DNS attack we perform here! Additionally, this is half the price!