Page 1 of 4 123 ... LastLast
Results 1 to 10 of 33

Thread: Flash Drive of Death!

  1. #1
    Junior Member cyberconsole's Avatar
    Join Date
    Aug 2007
    Posts
    57

    Default Flash Drive of Death!

    My mind then moved to pentesting and data exfiltration. What if the flash drive wasnt left by accident? What if it was a Flash Drive a Death loaded with malicious logic! I was also pondering in my head how you could convince an organization to lock down usb ports because of the associated risks just like this. Windows systems have the ability to prohibit the use of storage devices through USB while allowing things like mice and keyboards to work but I see very few companies using it. Perhaps demonstrating a Flash Drive of Death would convince them to lock workstations down a little bit more. [/long story]

    I kindof just made up the name flash drive of death but I was wanting to get input from you all what might make a good demonstrative flash drive of death.

    I figure maybe something that dumps stored passwords from IE and/or Mozilla. Dumps password hashes from registry, maybe spawn a backdoor connection to a listening server. Maybe change interface settings to point to a rogue dns server.

    I'm sure you guys have some good ideas so lets hear 'em. I will gladly try and code up something good to share with you all.
    There's no fate but what we make for ourselves.

    -I already know I cant spel-

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by cyberconsole View Post
    My mind then moved to pentesting and data exfiltration. What if the flash drive wasnt left by accident? What if it was a Flash Drive a Death loaded with malicious logic! I was also pondering in my head how you could convince an organization to lock down usb ports because of the associated risks just like this. Windows systems have the ability to prohibit the use of storage devices through USB while allowing things like mice and keyboards to work but I see very few companies using it. Perhaps demonstrating a Flash Drive of Death would convince them to lock workstations down a little bit more. [/long story]

    I kindof just made up the name flash drive of death but I was wanting to get input from you all what might make a good demonstrative flash drive of death.

    I figure maybe something that dumps stored passwords from IE and/or Mozilla. Dumps password hashes from registry, maybe spawn a backdoor connection to a listening server. Maybe change interface settings to point to a rogue dns server.

    I'm sure you guys have some good ideas so lets hear 'em. I will gladly try and code up something good to share with you all.
    It seems as though you jumped into this in mid thought.

    You also seem to be talking about the Hak5 Switchblade, or some variant.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3

  4. #4
    Junior Member cyberconsole's Avatar
    Join Date
    Aug 2007
    Posts
    57

    Default

    Quote Originally Posted by pureh@te View Post
    aww man... looks like someones already done it. oh well.
    There's no fate but what we make for ourselves.

    -I already know I cant spel-

  5. #5
    Member
    Join Date
    Jan 2008
    Posts
    194

    Default

    uh yeah, been around for a while. keep the thinker going though...

  6. #6
    Junior Member duwey96's Avatar
    Join Date
    Nov 2007
    Posts
    41

    Default

    Wow, I wish I would have known about that switchblade thing before I went and made my own..

    What I did was use autorun.inf, a batch file, pstools, and some password dumping programs for an information gathering demonstration at school. But I would always have to click the autorun option when the dialog box appeared after inserting the USB device. :/

  7. #7
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by duwey96 View Post
    Wow, I wish I would have known about that switchblade thing before I went and made my own..

    What I did was use autorun.inf, a batch file, pstools, and some password dumping programs for an information gathering demonstration at school. But I would always have to click the autorun option when the dialog box appeared after inserting the USB device. :/
    Save yourself the effort and get a switchblade. Autorun has to be enabled on the target PC, but it works wonders. Aside from pentesting, I've used them in the past with clients who can't remember things like their own passwords. (Yes, some lusers are that stupid.)

    Beakmyn's latest and greatest version is a pure joy to use. He was kind enough to upgrade mine at shmoocon. Thanks, beakmyn!
    Thorn
    Stop the TSA now! Boycott the airlines.

  8. #8
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Radio Shack is selling 1Gb Sandisk U3's for $12.99. That's the perfect one for making a switchblade.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  9. #9
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default

    Here's another where it doesn't require the U3 technology. I don't know if this is the best one out there but it does work.

    http://www.irongeek.com/i.php?page=v...nd-batch-files

  10. #10
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by hhmatt81 View Post
    Here's another where it doesn't require the U3 technology. I don't know if this is the best one out there but it does work.

    http://www.irongeek.com/i.php?page=v...nd-batch-files
    I keep about 8 or so USB dongles one of my Shmoocon neckbands attached to my bag. 1 of them is the switchblade. A good SE trick is to pull the switchblade one out and have someone look for a file on it, because "I can never remember which one the file is on" and then when they don't find the file on it, give them the right one.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Page 1 of 4 123 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •