PaulDotCom mailing list archives
Really cool "evil maid" tool
From: Ron <ron () skullsecurity net>
Date: Sun, 23 Sep 2012 13:28:27 -0500
Hey everybody, A friend of mine (@AlexWebr) wrote a neat tool I wanted to share. It's a bootloader written in 512 bytes that emulates Windows Checkdisk and prompts the user for their password. When they type it in, it saves it to the drive and marks it as non-bootable, then reboots, so the system starts as usual. The attacker can later retrieve the evil usb stick/sdcard/etc and read the password back. The code's super tight, and he squeezed everything he could out of those 512 bytes. Totally worth checking out! Here's the link to github: https://github.com/AlexWebr/evilmaid_chkdsk And a video of the attack in action: http://ascii.io/a/1201 It works on all my machines (although I might be a bit suspicious, since I'm running Linux. :) ) Here's his Twitter: https://twitter.com/AlexWebr Ron _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Really cool "evil maid" tool Ron (Sep 23)