| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040619161947.42997.qmail@web51501.mail.yahoo.com> Date: Sat, 19 Jun 2004 09:19:47 -0700 (PDT) From: Harlan Carvey <keydet89@...oo.com> To: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com Subject: Re: USB risks - working autorun example (fwd from pen-test) > Attached is a proof-of-concept as made available by > mak_pen@...mail.com > for using autorun with USB. I haven't been able to get it to work on Win2K or XP, and the OP doesn't seem to have specified the manufacturer and model of the device used. > This should work. As it was already released, I see > nothing wrong with > relaying it again (with due credit) here. "Should" work? The OP also mentions using a Reg file to modify the NoDriveTypeAutorun Registry key, which by default, is already configured (0x095, or 149) to NOT allow this type of thing to work. > I'd strongly suggest to people to read the > (different) threads on the > subject on the pen-test list, a lot of questions > were answered there. Unfortunately, that's not really the case. A lot of things are said and claims are made...but not a lot of questions are answered. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists