Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Security with USB Devices
From: Jeff Shawgo <jeff.shawgo () verizon net>
Date: Fri, 05 Aug 2005 09:17:02 -0500 (CDT)

You need to be logged in as an Administrator to install hardware 
devices, by default, in Windows... And this kind of attack has been 
around for years (a small few-MB stick is overkill for a small script 
calling a local exploit and then running, say, pwdump2, and then 
bmail-ing the output to a remote mail server <total required size = 
about 50k>)...

J. Theriault
administrator () maginetworks com

Actually, you only need to have Admin rights to add a "NEW" driver to a system.  If you are utilizing one that is 
included with Windows by default (like many ATAPI CD devices use) then you are using one already present, and don't 
need rights.  Kind of like adding and removing a CD drive from a bay in a laptop.  

The same goes for USB drivers (and printer drivers).  If it's in the default Windows driver.cab (I belive) then you're 
golden.  When you add a new device to a machine, sometimes you need to provide a driver, and sometimes you don't.  
That's why.

~Jeff

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]