[...]... launch automatically when inserted into a computer Bwww.intel.com/standards/case/Intel_and _USB_ Case_Study.pdf CSIsurvey2008.pdf, Page 2 Cwww .usb. org/press /USB- IF_Press_Releases/2008 _11 _17 _USB_ IF.pdf Dwww .usb. org/developers/logo_license/ Ehttp://cn.sandisk.com/Assets/File/pdf/SanDisk%20PR%20profile_EN.pdf 5 6 CHAPTER 1 USB Hacksaw To be fully compliant with the U3 standards, an application must be developed... significantly hinder the attacks covered in this book Endnote 1 http://csrc.nist.gov/publications/nistpubs/800 -12 /800 -12 -html/chapter1.html Accessed September 2009 chapter USB Hacksaw 1 Information in This Chapter • Sharing Away Your Future • Anatomy of the Attack • What is the Big Deal? • Evolution of the Portable Platform • Defending against This Attack The Universal Serial Bus (USB) Hacksaw was devised... build a portable platform to launch this or many other attacks Some of these alternate techniques will be discussed here and in the remaining sections of this chapter Universal Serial Bus In 19 96, the USB 1. 0 specification was first introducedB and was gradually adopted thereafter The design of USB is standardized by the USB- Implementers Forum (USB- IF), an industry body incorporating leading companies... peripheral devices The 1. 0 specification did prove to be a great way to consolidate the ­different types of connections, but the transfer speed was less than desired USB 2.0 improved upon many aspects but most importantly increased the transfer rate to 480 Mbps The USB 3.0 specification was released on November 12 , 2008, by the USB 3.0 Promoter Group.C Its maximum transfer rate is up to 10 times faster than... fully excluded as potential attack-packing apparatuses The following sections will highlight the contents of each chapter to help you understand why these were chosen as the seven deadliest attacks Chapter 1 USB Hacksaw” The USB Hacksaw takes a completely new approach to data compromise It combines several utilities that already exist in the wild to render an intriguing dataretrieval solution Microsoft’s... advertised USB flash drives were originally intended to provide a quick storage medium, and some people still prefer to use them in this manner You can create additional partitions on almost any flash drive using appropriate tools against the respective controller An example of this would be a Kingston DataTraveler with a Phison PS 213 4 ­controller, which can be configured with the PHISON UP13 UP14 UP12 V1.96... individual program files used to design the USB Hacksaw They are listed here for reference only and are not required to be downloaded in order to recreate the attack A link to the entire package containing all the necessary USB Hacksaw files is included in the next section • USB Dumper: www.secuobs.com/USBDumper.rar This tool is designed to silently duplicate files from any USB flash drive connected to a Windows... Hacksaw payload Figure 1. 1 illustrates a series of Hacksaw infections in action In this example, a USB drive was used to infect the hosts from a physical avenue A proxy is included to demonstrate the masking techniques an attacker might employ while retrieving data or using other tools Although a single proxy instance is Hotel computer Mall Kiosk Legend User’s USB flash drives User’s USB hard drive Proxy... fast-paced field of intrusive software Documentation is Awww.microsoft.com/whdc/archive/usbfaq.mspx Introduction also included to create a basic infection injected by a USB flash drive to show how easily this can be accomplished Chapter 4 USB Device Overflow” In Chapter 4, we will provide you with a real-world example of USB- based heap overflow, which was unveiled by researchers at a Black Hat conference... ­system resources (this includes hardware, software, firmware, information/data, and telecommunications). 1 Confidentiality, integrity, and availability are extremely vulnerable for the systems and environments susceptible to these types of attacks Included below is a short list of data types these specific attacks can acquire by leveraging a removable-media device • Exposure of data for keys or secrets housed . alt="" Seven Deadliest USB Attacks Syngress Seven Deadliest Attacks Series Seven Deadliest Microsoft Attacks ISBN: 978 -1- 59749-5 51- 6 Rob Kraus Seven Deadliest Network Attacks ISBN: 978 -1- 59749-549-3 Stacy. Prowell Seven Deadliest Social Network Attacks ISBN: 978 -1- 59749-545-5 Carl Timm Seven Deadliest Unified Communications Attacks ISBN: 978 -1- 59749-547-9 Dan York Seven Deadliest USB Attacks ISBN: 978 -1- 59749-553-0 Brian. 10 5 Overow Outlook 10 6 Defensive Strategies 10 7 Drivers 10 7 Physical Protection Mechanisms 11 4 Summary 11 5 Endnote 11 6 CHAPTER 5 RAM dump 11 7 Gadgets Gone Astray 11 8 Digital Forensic