Re: USB delivered attacks
From: H D Moore (sflist_at_digitaloffense.net)
Date: 06/02/04
- Previous message: Erwin van der Zwan: "XML firewall/gateway needed"
- Maybe in reply to: Balaji Prasad: "Re: USB delivered attacks"
- Next in thread: PID4x: "Re: USB delivered attacks"
- Reply: PID4x: "Re: USB delivered attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: pen-test@securityfocus.com Date: Tue, 1 Jun 2004 18:39:28 -0500
Some friends and I looked into this a while back as a way to bypass the
security of kiosk machines. We discovered that Windows 2000 (and possibly
XP as well) will not execute AutoRun scripts on USB or other "removable
storage" media types. Even though there is a registry key that can be
changed that "enables" AutoRun, it does not work.
"Autoplay is triggered by a Media Change Notification (MCN) message from
the CD-ROM driver. If the Windows 2000 interface does not receive this
message, Autoplay does not operate, regardless of the value of this"
http://www.tburke.net/info/regentry/topics/91525.htm
http://www.tburke.net/info/regentry/topics/30300.htm
-HD
On Thursday 27 May 2004 21:06, Jerry Shenk wrote:
> I recently inserted some guy's USB drive into a machine and was a but
> surprised when it went into an auto-run sequence. I think turning off
> auto-run is a REALLY good idea. On a USB drive, it seems like it could
- Previous message: Erwin van der Zwan: "XML firewall/gateway needed"
- Maybe in reply to: Balaji Prasad: "Re: USB delivered attacks"
- Next in thread: PID4x: "Re: USB delivered attacks"
- Reply: PID4x: "Re: USB delivered attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
