You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi there, first of all nice project, i didnt find another way to contact you so i'll post something here.
Have you ever thought about adding something like a pattern recognition ? After working with the rubber ducky for quite some time i came up with the thought that some smart attacker, who knows about this tool, might work very efficitiently with the delay method of the ducky script language and by pass your prevention. My suggestion is to check for odd occurences in the keystrokespeed list like: a suspicous amount of the same entry (e.g. 5x 200ms?) or for entrys which are most likely not possible to happen more often like (..50ms,..20ms, ..00ms)
I dont know if it makes sense, but if an attackers knows about your tool this could be a possible vulnerability. Pls tell me what you think about this.
Best regards, Colin
The text was updated successfully, but these errors were encountered:
Hi there, first of all nice project, i didnt find another way to contact you so i'll post something here.
Have you ever thought about adding something like a pattern recognition ? After working with the rubber ducky for quite some time i came up with the thought that some smart attacker, who knows about this tool, might work very efficitiently with the delay method of the ducky script language and by pass your prevention. My suggestion is to check for odd occurences in the keystrokespeed list like: a suspicous amount of the same entry (e.g. 5x 200ms?) or for entrys which are most likely not possible to happen more often like (..50ms,..20ms, ..00ms)
I dont know if it makes sense, but if an attackers knows about your tool this could be a possible vulnerability. Pls tell me what you think about this.
Best regards, Colin
The text was updated successfully, but these errors were encountered: