Its a full Debian computer: - Quad Core cpu @1.6GHz - 8GB SSD Storage - (ram not mentioned but in the video he is seen running top on it and says KiB mem 508264 total ) - Serial shell access
Has a Male USB port that once connected to a victim computer, can emulate two different types of Ethernet adapters at 2Gbps. The device then runs a dhcp server that the victim computer will then associate with, then the attack vectors are endless.
It ALSO can type like a Rubber Ducky at the same time the Ethernet adapter is active.
The amount of things you can do with this is starting to hurt my head.
Wow, looks pretty interesting. You could even make one out of a Raspberry Pi Zero. Also the new wireless version was just released two days ago. I know it's not as powerful as this think but you can equip it with a lot more storage.
Right, you could make this from a RPi and add more storage. But how much storage do you really need for an attack that is supposed to be quick? You don't have time to transfer large files in a pen-test unless you had unfettered access. Most of what you'd be transferring with something like this would be SAM databases, small executables and maybe stored browser passwords.
You could make the attack more versatile, which means larger files that need to make the attack working. You're right about the small file transfer overall.
From what I've seen playing with Lumension, I think it could be setup to protect against this, but not sure. Wish my work had the budget to let us get things like this and test- they just worry about compliance...