In today’s interconnected digital world, the Domain Name System (DNS) plays a pivotal role in translating human-readable domain names into IP addresses. It’s the backbone of the internet, ensuring that when you type a web address into your browser, you’re directed to the right website. However, lurking in the shadows of this system is a […]
You would also get several prompts asking if you want to do this, both from Windows under UAC (by default, even if you can escalate), the Android driver, and the phone itself. It’s rarely the case now that Windows users execute privileged actions without notification, but it’s possible.
I don’t want to discourage people testing ways to compromise security for the good of everyone, but this is a well known vector and a lot of jumps have to succeed to give the attacker value.
You can cut down a lot of room for failure by just using a rubber ducky USB instead. It doesnt have to be an Android phone. Even then, there’s more than a few controls in the way.
No one pays attention to the prompts. If you’ve ever watched a standard computer user they click away a prompt as fast as it appears without even reading it.
You would also get several prompts asking if you want to do this, both from Windows under UAC (by default, even if you can escalate), the Android driver, and the phone itself. It’s rarely the case now that Windows users execute privileged actions without notification, but it’s possible.
I don’t want to discourage people testing ways to compromise security for the good of everyone, but this is a well known vector and a lot of jumps have to succeed to give the attacker value.
You can cut down a lot of room for failure by just using a rubber ducky USB instead. It doesnt have to be an Android phone. Even then, there’s more than a few controls in the way.
No one pays attention to the prompts. If you’ve ever watched a standard computer user they click away a prompt as fast as it appears without even reading it.