|
Full Disclosure
mailing list archives
Re: [Full-Disclosure] USB risks - working autorun example (fwd from pen-test)
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Wed, 22 Mar 2006 10:38:45 +1200
Pego, Victor wrote:
I need to figure out how to autorun a file on a USB flash pen drive.
My limited understanding of how this works is that either you have to
change the default configuration of the target machine(s) so they will
autorun removable drives (that's simply a registry tweak in Windows,
but may require driver changes in other OSes??) OR you need a USB
device that "lies" about its device type.
... but there are companies who sell the pen
drives with autorun software or something, they promote it. ...
I believe that these devices work through the latter method. That is,
although they are "physically" USB pen drives, they tell the USB
interface that they are CD drives. As most modern machines autorun CDs
by default, these devices can carry autorunnable code.
Regards,
Nick FitzGerald
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
Intro
