[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] USB Attacks Going Commercial?

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] USB Attacks Going Commercial?
From: "Wolf" <wolf.schiedler@xxxxxxxxx>
Date: Tue, 19 Sep 2006 00:21:58 +0300

Well if You have physical access
to the computer its possible "on the fly"
takeout copies of the SAM and system files with this tool:

 DiskInternals NTFS Reader 2.0 - Works XpSp2 - tested
 http://www.diskinternals.com/download/NTFS_Reader_Setup.zip

So with this tool You dont need any "boot" or restarting of windows...

I have tested it by having this tool in USB stick
and taken copies out those files and then "breaked" the
LMHashes with Rainbow crack or 
http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/index.php


Regards - Wolf


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] McAfee VirusScan Enterprise - disabling the client side "On-Access Scan"
Next by Date: [Full-disclosure] [RLSA_02-2006] OSU httpd for OpenVMS path and directory disclosure - is this a bug or a feature?
Previous by thread: Re: [Full-disclosure] McAfee VirusScan Enterprise - disabling the client side "On-Access Scan"
Next by thread: [Full-disclosure] [RLSA_02-2006] OSU httpd for OpenVMS path and directory disclosure - is this a bug or a feature?
Index(es):
- Date
- Thread