Re: [Full-Disclosure] USB risks - working autorun example (fwd from pen-test)
- From: Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
- Date: Wed, 22 Mar 2006 10:38:45 +1200
Pego, Victor wrote:
I need to figure out how to autorun a file on a USB flash pen drive.
My limited understanding of how this works is that either you have to
change the default configuration of the target machine(s) so they will
autorun removable drives (that's simply a registry tweak in Windows,
but may require driver changes in other OSes??) OR you need a USB
device that "lies" about its device type.
... but there are companies who sell the pen
drives with autorun software or something, they promote it. ...
I believe that these devices work through the latter method. That is,
although they are "physically" USB pen drives, they tell the USB
interface that they are CD drives. As most modern machines autorun CDs
by default, these devices can carry autorunnable code.
Regards,
Nick FitzGerald
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-Disclosure] USB risks - working autorun example (fwd from pen-test)
- From: Michael Holstein
- Re: [Full-Disclosure] USB risks - working autorun example (fwd from pen-test)
- References:
- [Full-Disclosure] USB risks - working autorun example (fwd from pen-test)
- From: Pego, Victor
- [Full-Disclosure] USB risks - working autorun example (fwd from pen-test)
- Prev by Date: Re: [Full-disclosure] Re: Noise on the list
- Next by Date: Re: [Full-disclosure] Re: Noise on the list
- Previous by thread: Re: [Full-Disclosure] USB risks - working autorun example (fwd from pen-test)
- Next by thread: Re: [Full-Disclosure] USB risks - working autorun example (fwd from pen-test)
- Index(es):
Relevant Pages
|
