Penetration Testing mailing list archives
RE: Autorun programs from flash drive.
From: "Morris Sgt Derek P" <derek.p.morris () usmc mil>
Date: Wed, 16 Apr 2008 10:34:58 -0700
I haven't tried this, (mostly I try to keep this from happening, but making it happen might be fun too) but maybe this article can help. http://dailycupoftech.com/usb-drive-autoruninf-tweaking/ -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Joe Klein Sent: Wednesday, April 16, 2008 10:12 To: arckeda () yahoo com; pen-test () securityfocus com Subject: RE: Autorun programs from flash drive. This is the functionality that U3 provide. Also, Microsoft's StartKey program plans on providing similar capabilities to non usb drives. http://www.everythingusb.com/microsoft-startkey-14376.html -joe -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of arckeda () yahoo com Sent: Tuesday, April 15, 2008 10:09 PM To: pen-test () securityfocus com Subject: Autorun programs from flash drive. Hello, and thanks for reading this. I am sure we are all know of the Autorun feature in Cdroms and Dvdroms, how the program just runs out of the box. I am trying to figure out how to include this functionality in flash drives. /* I have a SD card with a USB adapter to test with. */ This would allow, say, for me to quickly insert a drive into a computer, have it silently run something like Meterpreter or another backdoor program, and then have remote access to the computer, assuming Windows runs it and doesn't detect a malicious program. I understand that Windows by default will not run Autorun.inf by default on flash drives, except the U3s. But I have also heard that you can format a flash drive to look like a cdrom to Windows. This is about all I know. If you have any more information, or would know about how to go about doing this, please tell me. Thank you again. -ARCKEDA ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Attachment:
smime.p7s
Description:
Current thread:
- Autorun programs from flash drive. arckeda (Apr 16)
- RE: Autorun programs from flash drive. Erin Carroll (Apr 16)
- RE: Autorun programs from flash drive. Joe Klein (Apr 16)
- RE: Autorun programs from flash drive. Morris Sgt Derek P (Apr 16)
- Re: Autorun programs from flash drive. Shreyas Zare (Apr 16)
- Re: Autorun programs from flash drive. Gadi Evron (Apr 16)
- Re: Autorun programs from flash drive. Victor DaViking (Apr 18)
- <Possible follow-ups>
- Re: Re: Autorun programs from flash drive. arckeda (Apr 19)