hak5.org — The USB Hacksaw is an evolution of the popular USB Switchblade that will automatically infect Windows PCs with a payload that will retrieve documents from USB drives plugged into the target machine and securely transmit them to an email account.PoC shows how to deliver the payload instantly with a U3 autorun hack borrowed from the Switchblade
Oct 6, 2006 View in Crawl 4
heartoffireOct 7, 2006
This is pretty weak on details. If you have auto-run disabled (as anyone should), then no content should automatically run upon insertion of a new device... be that a floppy or be that a CD-ROM... or be that an USB drive.If there is some problem with disabling autorun, or the problem is simply that autorun is set by default... then this same condition is there for other media formats, such as DVDs or CDs. And these kinds of infectors are not new, but very old.Regardless, they need to be explicit and mention these extremely pertinant facts. That is, "what is the bug, exactly", and "what can be done, exactly, to fix it", and "what does the Vendor need to do to fix the bug". (Such infectors were part of the first run of virii out there, the main ones would operate off of floppy drives. However, that has been last seen in about a decade, so maybe people do not remember. That said, boot infectors remain relatively common, and some new methodologies have been used in the past few years, to, for instance, insert a floppy and subvert control of the entire OS with the help of a remote tftp server.)
setecOct 7, 2006
I think Google should look at this hack and attempt to block the hack's access to smtp.gmail.com
securestealthOct 7, 2006
so will this only work with the U3 sandisk cruzer? or will it work with other U3 thumb drives?
williamdyerOct 7, 2006
@patiencef**k off. Eat s**t. Die.We have creeping fascism. We need to get the tools of overthrow in the hands of the people. p0wn a government goon for freedom.
patienceOct 7, 2006
@WilliamDyer: How is life in the Middle East?When you leave messages like "f**k off. Eat s**t. Die." make surepeople can't start tracking you down., okay.A word of advice: stop trolling.
patienceOct 7, 2006
@WilliamDyer: You are not a bad graphic designer.Stick to that and not trolling. There are plenty of crazy people on the internet.
student91Oct 9, 2006
Hey,at my highschool, we were each given mac os x laptops this year. It's great, but everything on them is locked up. we can't even change our preferences (desktop pics, screen saver...). Does anyone here have any suggestions as to how to open up some of those things, and/or have a little fun with the machines? the computer administrator is a grumpy, authoritative guy, and it would be fun to keep him on his toes. not create too much hell, just enough. please email me with suggestions: bigcheez04@hotmail.com
massivehMar 18, 2008
This "payload" will only run on U3 (all U3) drives. You must have a U3 compatible drive to make this work, as U3 drives have special hardware in them to make the virtual CD drive. You cannot hack a non-U3 drive to make a U3 drive without the proper hardware in the drive. There are other payloads that may do the same thing on non-U3 drives, but require special auto run files and may not have the same outcome that U3 ones have.