Basically…
1) Turn off a PC / laptop.
2) Plug in this plain-looking Lightning cable.
3) Turn on the PC / laptop.
4) Rather than booting as normal, it boots from the cable (if USB boot is enabled).
5) It prompts for a web URL.
6) You enter a specific URL.
7) The PC / laptop boots an OS from the URL and loads a shell into RAM only.
8) You now have an OS shell running on the PC / laptop in RAM (volatile). It doesn't touch the disk, and it loads all of this from an OS image that you do not even possess.
Why bother?
This leaves no trace of your session on the host: no logs, and the host never even booted.
The only trace that a session happened is in the router logs, where the host machine's IP will appear, but it always appears there, so it doesn't look odd.
If you are caught with the hardware, it just looks like a charger and not a flash drive, so it's overlooked. If someone does try plugging it into a machine anyway, it has no data on it: no credentials, no applications, no operating system.
Just a boot.ini package that boots to an iPXE prompt.
My plan is to see if I can squeeze a mag switch into the connector so that I can wire it as a cable and then use a magnet (in the Lightning end) to switch it to the hidden flash.
It’s just a fun little project.
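
On the router-log point above, seen from the network owner's side: the lease may carry the usual IP, but PXE firmware and iPXE identify themselves in their DHCP requests (vendor class `PXEClient…`, user class `iPXE`), which an installed OS does not. The following is an added example, not part of the original post. It assumes the iPXE stage obtains its address over DHCP and that the router logs DHCP options in the style of dnsmasq's `log-dhcp` output; the sample lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample lines in the style of dnsmasq "log-dhcp" output
# (assumed format; adapt the patterns to your DHCP server's logs).
SAMPLE_LOG = """\
Mar  3 08:59:01 gw dnsmasq-dhcp[412]: 1001 vendor class: MSFT 5.0
Mar  3 08:59:01 gw dnsmasq-dhcp[412]: 1001 DHCPREQUEST(br0) 192.168.1.23 aa:bb:cc:00:11:22
Mar  3 08:59:01 gw dnsmasq-dhcp[412]: 1001 DHCPACK(br0) 192.168.1.23 aa:bb:cc:00:11:22 desk-pc
Mar  3 19:42:10 gw dnsmasq-dhcp[412]: 2002 vendor class: PXEClient:Arch:00007:UNDI:003016
Mar  3 19:42:10 gw dnsmasq-dhcp[412]: 2002 user class: iPXE
Mar  3 19:42:10 gw dnsmasq-dhcp[412]: 2002 DHCPDISCOVER(br0) aa:bb:cc:00:11:22
Mar  3 19:42:11 gw dnsmasq-dhcp[412]: 2002 DHCPACK(br0) 192.168.1.23 aa:bb:cc:00:11:22
"""

# "<transaction id> <message>" after the dnsmasq-dhcp tag
LINE = re.compile(r"dnsmasq-dhcp\[\d+\]: (?P<xid>\d+) (?P<rest>.*)$")
CLASS = re.compile(r"(?P<kind>vendor|user) class: (?P<value>.+)")
ACK = re.compile(r"DHCPACK\(\S+\) (?P<ip>\S+) (?P<mac>[0-9a-f:]{17})")


def find_network_boot_leases(log_text):
    """Return (mac, ip, reasons) for each acknowledged lease whose DHCP
    client identified itself as PXE firmware or iPXE rather than an OS."""
    tx = defaultdict(lambda: {"reasons": [], "ack": None})
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        entry, rest = tx[m["xid"]], m["rest"]
        c = CLASS.match(rest)
        if c and c["kind"] == "vendor" and c["value"].startswith("PXEClient"):
            entry["reasons"].append("vendor class " + c["value"])
        elif c and c["kind"] == "user" and c["value"].strip() == "iPXE":
            entry["reasons"].append("user class iPXE")
        a = ACK.match(rest)
        if a:
            entry["ack"] = (a["mac"], a["ip"])
    # Keep only transactions that were both flagged and actually leased.
    return [(*e["ack"], e["reasons"]) for e in tx.values()
            if e["ack"] and e["reasons"]]


if __name__ == "__main__":
    for mac, ip, reasons in find_network_boot_leases(SAMPLE_LOG):
        print(f"{mac} leased {ip} while network-booting: {', '.join(reasons)}")
```

In the sample, the same MAC and IP appear in the morning as a normal OS lease and in the evening as an iPXE lease; only the second is reported.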