It seems as though you jumped into this in mid thought.Originally Posted by cyberconsole
You also seem to be talking about the Hak5 Switchblade, or some variant.
Flash Drive of Death!
My mind then moved to pentesting and data exfiltration. What if the flash drive wasnt left by accident? What if it was a Flash Drive a Death loaded with malicious logic! I was also pondering in my head how you could convince an organization to lock down usb ports because of the associated risks just like this. Windows systems have the ability to prohibit the use of storage devices through USB while allowing things like mice and keyboards to work but I see very few companies using it. Perhaps demonstrating a Flash Drive of Death would convince them to lock workstations down a little bit more. [/long story]
I kindof just made up the name flash drive of death but I was wanting to get input from you all what might make a good demonstrative flash drive of death.
I figure maybe something that dumps stored passwords from IE and/or Mozilla. Dumps password hashes from registry, maybe spawn a backdoor connection to a listening server. Maybe change interface settings to point to a rogue dns server.
I'm sure you guys have some good ideas so lets hear 'em. I will gladly try and code up something good to share with you all.
There's no fate but what we make for ourselves.
-I already know I cant spel-
It seems as though you jumped into this in mid thought.
You also seem to be talking about the Hak5 Switchblade, or some variant.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
aww man... looks like someones already done it. oh well.
There's no fate but what we make for ourselves.
-I already know I cant spel-
uh yeah, been around for a while. keep the thinker going though...
Wow, I wish I would have known about that switchblade thing before I went and made my own..
What I did was use autorun.inf, a batch file, pstools, and some password dumping programs for an information gathering demonstration at school. But I would always have to click the autorun option when the dialog box appeared after inserting the USB device. :/
Save yourself the effort and get a switchblade. Autorun has to be enabled on the target PC, but it works wonders. Aside from pentesting, I've used them in the past with clients who can't remember things like their own passwords.(Yes, some lusers are that stupid.)
Beakmyn's latest and greatest version is a pure joy to use. He was kind enough to upgrade mine at shmoocon. Thanks, beakmyn!
Thorn
Stop the TSA now! Boycott the airlines.
Radio Shack is selling 1Gb Sandisk U3's for $12.99. That's the perfect one for making a switchblade.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Here's another where it doesn't require the U3 technology. I don't know if this is the best one out there but it does work.
http://www.irongeek.com/i.php?page=v...nd-batch-files
I keep about 8 or so USB dongles one of my Shmoocon neckbands attached to my bag. 1 of them is the switchblade. A good SE trick is to pull the switchblade one out and have someone look for a file on it, because "I can never remember which one the file is on" and then when they don't find the file on it, give them the right one.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Posting Permissions