OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: USB delivered attacks

From: Gadi Evron (gelinuxbox.org)
Date: Tue Jun 01 2004 - 12:22:12 CDT


> In order to put some 'practice' on this attack, I ve been trying this night
> to effectively use autorun mechanisms and see what could be possible.
>
> After reading the MSDN specs about autorun.inf file creation, I added
> an autorun.inf into my USB device along with a little batch script whose
> purpose was to copy the 'SAM' table and copy of the 'SET' command
> result into a specific folder on the usb device.
>
> Nothing happens... Even after being sure auto-run is enabled. Something
> should be missing... are there specific operating systems that disable
> auto-run by default ? (I am using windows 2000)
>
> However, burning the batch + autorun file onto a cd-rom and inserting
> it into the tray makes the auto-run sequence loading...
>
> So 2-cents question: which os'es do really use USB devices auto-run
> and on which USB devices does it work ? (not a usb hard-disk key it
> seems)...

USB devices install a driver, nothing to do with autorun.inf that I know
of.. You mis-understood.

As your test suggested, it does work when using a CD.
:)

        Gadi.

--
Email: gelinuxbox.org. Work: gadiecbs.gov.il. Backup: gewarp.mx.dk.
Phone: +972-50-428610 (Cell).

PGP key for attachments: http://vapid.reprehensible.net/~ge/Gadi_Evron.asc
ID: 0xD9216A06 FP: 5BB0 D3E2 D3C1 19B7 2104 C0D0 A7B3 1CF7 D921 6A06
GPG key for encrypted email:
http://vapid.reprehensible.net/~ge/Gadi_Evron_Emails.asc
ID: 0x06C7D450 FP: 3B88 845A DF1F 4062 E5BA 569A A87E 8DB7 06C7 D450