RubberNugget
Search…
What is the RubberNugget?
Guides
Update Your RubberNugget with Chrome Browser
Update Your RubberNugget with ESPtool
Writing Your First Payload
Loading Payloads on the Nugget
Fundamentals
Wi-Fi Interface
Live Control
Set up CircuitPython
Set up Arduino
Advanced Projects
Wi-Fi Sniffing
SSDP Phishing
Damn Vulnerable Nugget
Use Cases
For Designers
For Developers
For Support
Powered By GitBook
SSDP Phishing
Pose as network devices to phish Windows users
Warning: This will erase your current RubberNugget installation, and you'll need to update your RubberNugget again before using it as a USB attack platform
The RubberNugget receiving phished credentials via Simple Service Discovery Protocol
The RubberNugget can be flashed to act as a SSDP (Simple Service Discovery Protocol) device, connecting to a Wi-Fi network appearing to nearby Windows users as a network-attached drive.
This attack can be used to redirect users to phishing pages when they click on the drive. We created a demo you can find here: https://github.com/HakCat-Tech/Nugget-SSDP-Phisher/raw/main/img/Nugget-SSDP.png
You can check out the guide below to try the attack yourself:
Advanced Projects - Previous
Wi-Fi Sniffing
Next - Advanced Projects
Damn Vulnerable Nugget
Last modified 1mo ago
Copy link