>The USBKill is a device that stress tests hardware. When plugged in power is taken from a USB-Port, multiplied, and discharged into the data-lines, typically disabling an unprotected device.https://usbkill.com/So, there is protection against this thing?
Don't leave your laptop unsupervised
>>102410594fpbp /thread
>>102410573oh noes the super NSA hacker known as timmy the 13 year old destroyed my USB controller. i am hacked!
>>102410625USB stands for ultra serious business
So, nobody knows how to protect against this on /g/. What a surprise...
>>102410643same way you protect against something bashing your laptop with a sledgehammer.
>>102410643epoxynot your tech support
>>102410573i don't understand. why is this marketed as a "pentesting device" when it's just a high voltage source that fries a USB port? how is that penetration?
>>102410573>usbkillI thought this was already used for usb vulnerabilitiesis this exit scam product really trying to steal the term?
>>102410696oh nevermindI was thinking of badusb
>>102410686Legal reasons. If you sell a device specifically designed to destroy USB ports you could get sued.This way they can blame the user or laptop manufacturer when it breaks a USB port.
>>102410729we live in the most niggerlicious of times...
>>102410682Nobody asked for support, dumbarse.Sometimes I forget how shitty this place (the people here) is for anything.
Put a zener diode on the data line so it dumps the charge back to negative if the voltage exceeds a threshold? Idk I'm not very smart.
>>102410625>USB controllerMore like the motherboard, Timmy
>>102410863This. Imagine being able to get away with selling IEDs by declaring them as "doorbells with audio-visual alert functionality".
>>102410729Legally wouldn't fly because clearly the intention is to destroy the port. The law and court isn't as stupid as people think. Also the product literally says "USBKill".
>>102410573That's an awful lot of kit for what you can do with a pair of scissors and a mains power cable.
>>102411322Until it gets tested in court nobody knows. But clearly they believe there's a chance it will hold up, otherwise they wouldn't do it. And I can't see any other reason for them to market it as a pentesting device.
>>102410573>>102410643iphone 15 pro max cannot be killed by this devicehttps://youtu.be/9FkEQ_IMvy0
>>102410686>why is this marketed as a "pentesting device" when it's just a high voltage source that fries a USB port? how is that penetration?I do pentesting, basically these are for the absolute dumbest of fuck clients who will protest up and down that any pentesting done was a waste of money and try to skip on the bill or say we didn't actually do anything. These devices go in the "extreme use case" situations where the USB bricks the system in a way that physically cannot be argued. Common thing to do is label these as "Payroll Data" simply over the USB KILLER label, drop a few around the parking lot outside a building, and wait to see who's laptop 'mysteriously broke'.Usually, USB pen testing to get on networked machines are done via a script that will grab machine info then send it off to an FTP server or something to show 'gotcha' but some clients are stubborn, some clients have fully air gapped environments for equipment 99% of the day and only power it online at the end of work, etc. USB Killer shows this device was 100% used and someone failed the don't plug in random shit rule.
>>102410643It's called a security camera you can switch on when you're not around.
Why isn't USB lightgapped like all the normal good standards?
Won't work, zoomers don't know what a USB stick is
>>102410573>The CPUKill is a device that stress tests hardware. When applied to a computer, it leverages newtonian dynamics to stress-test computer components. This typically disables the tested device.Is there any protection against this thing?
>>102414126> Hammer vs rock. Who would win?
>>102410643If you really want a fix, you install a fuse on the data lines. Or if you don't want to bother replacing the fuse, install a diode with a low forward voltage on the data lines along with a resistor in series after the diode. No one does this though because breaking a USB port is a stupid attack.
>>102410573Yes, you can protect against that.>Force authentication for newly connected devices before USB input is enabled>Set up custom event logs and device power monitors to check for sudden surges from USB (or other) ports or huge amount of noise spiking on a USB data input. Immediately disable the targeted port and send an alert, or do whatever seems necessary (e.g., shut down the computer, especially if it has an encrypted drive).>Just disable USB connectivity through group policy (or whatever) if you're in a Windows domain. Typical vector-oriented approach; also good for other USB-based attacks. Generally if they get ahold of the hardware itself there's not a lot of options to stop them from destroying it but any kind of software-based attack is still detectable, especially if it's this noisy; if it's detectable, it's preventable. Not sure what the point of using something like this would be anyways if you already have access to the hardware there are much simpler solutions to destroying it that can't be blocked. The use-case here would have to be social engineering someone to destroy it on your behalf, so take that into consideration as well.
>>102410573>there is protection against this thing?same as GPUs getting on fire
>>102410573Disable USB controllers on your laptop. Disable AutoRun or configure authentication to read a USB. Or better yet, get a fucking knife or bulk up and protect your shit you pussy.
>>102410573>So, there is protection against this thing?>>102410682>epoxythis thread posted 6 hours ago, the best solution is just filling your USB ports with plastic? I guess you could also get a lock box to put your computer inside of so that no port is exposed.
>>102410923not your tech support
>>102414427>ask the USB what it is before you turn on the USBwow
>>102415597Not authentication for the USB itself. Guess I should have said user authorization. Force a requirement for elevated privileges to use the USB driver, basically.
>>102414427Anon, you are over thinking things. This device all it does is discharge a high voltage pulse into the data lines of usb ports to fry the hardware. There's literally nothing it can be done at software level. The only thing it can be done to prevent much damage is to put fuses or optic couplers in the data lines of usb ports. And even after doing that, while the UsbKiller device wouldn't kill the entire host device, it would still leave the port it was connected to permanently damaged.
>>102410573i'd assume:1. diode + resistor as has been suggested2. physical switch that disables the data lines in a hidden place3. destroying the data lines in the motherboard, this will make the usb port practically useless as you can imagine4. drill holes in the port and stick a padlock in it5. drip molten plastic into the ports6. drip molten copper into the ports, this is a lot better than the plastic as it it a stronger material7. redirect the data lines into an explosive8. using a hammer, bend the area around the ports down so that it is impossible to use them without carefully bending them back into position9. stick a usb into the ports and push down the usb forcefully until it snaps - the usb residue will ensure that no usbkill can be used10. shove your computer up your ass and stream it on youtube
>>102415708Well yeah I know it'd likely destroy the port, but that's a lot better than destroying everything on the computer.
>>102410573>stress tests hardwareyou what nigger? do you even understand what those words mean?
>>102410729it's doesn't just destroy USB ports it kills the device. I've only ever seen a few devices not completely die when this thing was used.
>>102416087those last five are absolutely KEK
>>102410625angry jeet detected
>>102410573A motherboard could protect against it at least somewhat by having something like a surge protector between the data line inputs and anything else. But an attacker requires physical access to plug this thing into your USB port. You may as well ask how to protect against an attacker taking a sledgehammer to your computer.
>>102410573The usual low tech method of protecting against any malicious USB attack will work: Block physical access to the back of the PC using a locked metal cage, and internally disconnect or epoxy fill all front ports.
>>102412276That's dumb.
>>102410573Yeah.But is there protection against THIS thing?
>>102418182You're dumb.