Penetration Testing mailing list archives

Re: Autorun programs from flash drive.

From: "Shreyas Zare" <shreyas () technitium com>
Date: Wed, 16 Apr 2008 22:48:51 +0530

Hi,

Windows wont Autorun on USB storage device automatically like in
CDROMs but will Autorun when user double clicks the Drive Icon in My
Comp. U3 on other hand would add a CDROM device which would make
windows Autorun *that* U3 CDROM hence U3 is indirectly achieving
Autorun on USB storage. Also, its pretty easy to stop Autorun feature
from registry (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom
 Value=AutoRun, DWORD, Disable=0).

Regards,

On Wed, Apr 16, 2008 at 8:38 AM,  <arckeda () yahoo com> wrote:

Hello, and thanks for reading this.  I am sure we are all know of the Autorun feature in Cdroms and Dvdroms, how the 
program just runs out of the box.  I am trying to figure out how to include this functionality in flash drives.

 /* I have a SD card with a USB adapter to test with. */

 This would allow, say, for me to quickly insert a drive into a computer, have it silently run something like 
Meterpreter or another backdoor program, and then have remote access to the computer, assuming Windows runs it and 
doesn't detect a malicious program.  I understand that Windows by default will not run Autorun.inf by default on 
flash drives, except the U3s.  But I have also heard that you can format a flash drive to look like a cdrom to 
Windows.  This is about all I know.  If you have any more information, or would know about how to go about doing 
this, please tell me.

 Thank you again.

     -ARCKEDA

 ------------------------------------------------------------------------
 This list is sponsored by: Cenzic

 Need to secure your web apps NOW?
 Cenzic finds more, "real" vulnerabilities fast.
 Click to try it, buy it or download a solution FREE today!

 http://www.cenzic.com/downloads
 ------------------------------------------------------------------------




-- 
("Computers are useless. They can only give you answers." - Pablo Picasso)

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas () technitium com

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam () technitium com

Technitium Personal Computers
We believe in quality.
Visit http://pc.technitium.com for details.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Autorun programs from flash drive. arckeda (Apr 16)
- RE: Autorun programs from flash drive. Erin Carroll (Apr 16)
- RE: Autorun programs from flash drive. Joe Klein (Apr 16)
  - RE: Autorun programs from flash drive. Morris Sgt Derek P (Apr 16)
- Re: Autorun programs from flash drive. Shreyas Zare (Apr 16)
- Re: Autorun programs from flash drive. Gadi Evron (Apr 16)
- Re: Autorun programs from flash drive. Victor DaViking (Apr 18)
- <Possible follow-ups>
- Re: Re: Autorun programs from flash drive. arckeda (Apr 19)