.

Video: USB Hacksaw

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Oct 09, 2006 4:24 pm

Video: USB Hacksaw

Link to a video from the people at Hak.5. The description says it all...

This hack is based on a modified version of USBDumper. Once installed on a targert machine it will stay resident and wait for a USB flash drive to be inserted. Once a USB flash drive is inserted the hacksaw will download the contents of the drive to a temporary location using the modified USBDumper, then silently run the send.bat file located in the same directory, which will then archive the contents using RAR, eastablish an SSL SMTP connection to smtp.gmail.com using Stunnel and Blat, email the downloaded data to an email address, and remove the documents and archives.


http://www.hak5.org/wiki/USB_Hacksaw

I don't know if this qualifies as a tutorial, but it's the closest thing I could think.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

slimjim100

User avatar

EH-Net Columnist
EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Mon Nov 20, 2006 8:13 am

Re: Video: USB Hacksaw

Wow that is scary!!! Time to put hot glue into all the USB ports at work. I wonder how long it will take for the anti-virus companies to tag this (they may not since this is not really a virus or a worm). Great post Don and thanks for keeping us in the know for all the new ways our computers can become infected. Awareness is the only way to have a defensive posture in networking. I just thought of something even scarier... With all the MP3 players out there and Microsoft’s new Zune player. Just think about the risks when this thing finds its way into a Microsoft Zune player that can transfer songs and files wirelessly. You could have networks get hacked because one employee decided to dock his/her MP3 player at work after getting it infected at the gym. There really needs to be more security when dealing with USB. Remember disable auto-run always!

Slimjim100
Last edited by slimjim100 on Mon Nov 20, 2006 8:23 am, edited 1 time in total.
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP

Return to Tutorials

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software