Home page logo

pen-test logo Penetration Testing mailing list archives

RE: Hacking USB Thumbdrives, Thumprint authentication
From: "Atul Porwal" <atul_porwal () infosys com>
Date: Tue, 27 Jan 2004 20:53:14 +0530

I am even intersted in knowing any sploits for Flash drives...without Biometric Authentication (Only password 

Any Pointer


-----Original Message-----
From: m e [mailto:mje () list intersec com]
Sent: Sunday, January 25, 2004 11:01 AM
To: pen-test () securityfocus com
Subject: Hacking USB Thumbdrives, Thumprint authentication

I'm interested in research regarding hacking USB drives

unlocked with a thumbprint


Or any thumbprint biometric hacking.

Client is considering USB drives to offload laptop data 

and at first glance seems like a better solution

than keeping sensitive data on laptops. Encryption software

on laptops requires more password management and software

hassles. The above device has no software drivers to install

so deployment headaches are minimized with (what seems) like

better security (obviously not maximum security) at low

deployment cost.

I'm guessing one can take the flash chip off the device

and plug into regular USB drive. Or rewrite the thumbprint hash.

Or hacks to fool the drivers. Or reverse engineer the

login program to always return "Yes".



mje () secev com



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]