Enviar pesquisa
Carregar
Ce hv6 module 41 hacking usb devices
•
1 gostou
•
1,283 visualizações
Vi Tính Hoàng Nam
Seguir
Ce hv6 module 41 hacking usb devices
Leia menos
Leia mais
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 54
Baixar agora
Baixar para ler offline
Recomendados
Ce hv6 module 46 securing laptop computers
Ce hv6 module 46 securing laptop computers
Vi Tính Hoàng Nam
Ce hv6 module 48 corporate espionage by insiders
Ce hv6 module 48 corporate espionage by insiders
Vi Tính Hoàng Nam
File000149
File000149
Desmond Devendran
Ceh v5 module 17 physical security
Ceh v5 module 17 physical security
Vi Tính Hoàng Nam
Ce hv6 module 45 privacy on the internet
Ce hv6 module 45 privacy on the internet
Vi Tính Hoàng Nam
Ceh v5 module 19 evading ids firewall and honeypot
Ceh v5 module 19 evading ids firewall and honeypot
Vi Tính Hoàng Nam
Ceh v5 module 12 web application vulnerabilities
Ceh v5 module 12 web application vulnerabilities
Vi Tính Hoàng Nam
Ceh v5 module 06 trojans and backdoors
Ceh v5 module 06 trojans and backdoors
Vi Tính Hoàng Nam
Recomendados
Ce hv6 module 46 securing laptop computers
Ce hv6 module 46 securing laptop computers
Vi Tính Hoàng Nam
Ce hv6 module 48 corporate espionage by insiders
Ce hv6 module 48 corporate espionage by insiders
Vi Tính Hoàng Nam
File000149
File000149
Desmond Devendran
Ceh v5 module 17 physical security
Ceh v5 module 17 physical security
Vi Tính Hoàng Nam
Ce hv6 module 45 privacy on the internet
Ce hv6 module 45 privacy on the internet
Vi Tính Hoàng Nam
Ceh v5 module 19 evading ids firewall and honeypot
Ceh v5 module 19 evading ids firewall and honeypot
Vi Tính Hoàng Nam
Ceh v5 module 12 web application vulnerabilities
Ceh v5 module 12 web application vulnerabilities
Vi Tính Hoàng Nam
Ceh v5 module 06 trojans and backdoors
Ceh v5 module 06 trojans and backdoors
Vi Tính Hoàng Nam
Ce hv6 module 52 hacking rss and atom
Ce hv6 module 52 hacking rss and atom
Vi Tính Hoàng Nam
Ce hv6 module 50 software piracy and warez
Ce hv6 module 50 software piracy and warez
Vi Tính Hoàng Nam
File000143
File000143
Desmond Devendran
File000142
File000142
Desmond Devendran
Ceh v5 module 08 denial of service
Ceh v5 module 08 denial of service
Vi Tính Hoàng Nam
Ceh v5 module 16 virus and worms
Ceh v5 module 16 virus and worms
Vi Tính Hoàng Nam
Ce hv6 module 66 security convergence
Ce hv6 module 66 security convergence
Vi Tính Hoàng Nam
File000138
File000138
Desmond Devendran
File000150
File000150
Desmond Devendran
File000139
File000139
Desmond Devendran
System monitoring and network intrusion using DDS and CEP
System monitoring and network intrusion using DDS and CEP
Gerardo Pardo-Castellote
File000144
File000144
Desmond Devendran
Ceh v5 module 07 sniffers
Ceh v5 module 07 sniffers
Vi Tính Hoàng Nam
File000141
File000141
Desmond Devendran
Ce hv6 module 62 case studies
Ce hv6 module 62 case studies
Vi Tính Hoàng Nam
File000148
File000148
Desmond Devendran
File000175
File000175
Desmond Devendran
Ceh v5 module 04 enumeration
Ceh v5 module 04 enumeration
Vi Tính Hoàng Nam
Ce Hv6 Module 44 Internet Content Filtering Techniques
Ce Hv6 Module 44 Internet Content Filtering Techniques
Kislaychd
File000140
File000140
Desmond Devendran
Computer viruses
Computer viruses
Alfred George
introduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horse
Spandan Patnaik
Mais conteúdo relacionado
Mais procurados
Ce hv6 module 52 hacking rss and atom
Ce hv6 module 52 hacking rss and atom
Vi Tính Hoàng Nam
Ce hv6 module 50 software piracy and warez
Ce hv6 module 50 software piracy and warez
Vi Tính Hoàng Nam
File000143
File000143
Desmond Devendran
File000142
File000142
Desmond Devendran
Ceh v5 module 08 denial of service
Ceh v5 module 08 denial of service
Vi Tính Hoàng Nam
Ceh v5 module 16 virus and worms
Ceh v5 module 16 virus and worms
Vi Tính Hoàng Nam
Ce hv6 module 66 security convergence
Ce hv6 module 66 security convergence
Vi Tính Hoàng Nam
File000138
File000138
Desmond Devendran
File000150
File000150
Desmond Devendran
File000139
File000139
Desmond Devendran
System monitoring and network intrusion using DDS and CEP
System monitoring and network intrusion using DDS and CEP
Gerardo Pardo-Castellote
File000144
File000144
Desmond Devendran
Ceh v5 module 07 sniffers
Ceh v5 module 07 sniffers
Vi Tính Hoàng Nam
File000141
File000141
Desmond Devendran
Ce hv6 module 62 case studies
Ce hv6 module 62 case studies
Vi Tính Hoàng Nam
File000148
File000148
Desmond Devendran
File000175
File000175
Desmond Devendran
Ceh v5 module 04 enumeration
Ceh v5 module 04 enumeration
Vi Tính Hoàng Nam
Ce Hv6 Module 44 Internet Content Filtering Techniques
Ce Hv6 Module 44 Internet Content Filtering Techniques
Kislaychd
File000140
File000140
Desmond Devendran
Mais procurados
(20)
Ce hv6 module 52 hacking rss and atom
Ce hv6 module 52 hacking rss and atom
Ce hv6 module 50 software piracy and warez
Ce hv6 module 50 software piracy and warez
File000143
File000143
File000142
File000142
Ceh v5 module 08 denial of service
Ceh v5 module 08 denial of service
Ceh v5 module 16 virus and worms
Ceh v5 module 16 virus and worms
Ce hv6 module 66 security convergence
Ce hv6 module 66 security convergence
File000138
File000138
File000150
File000150
File000139
File000139
System monitoring and network intrusion using DDS and CEP
System monitoring and network intrusion using DDS and CEP
File000144
File000144
Ceh v5 module 07 sniffers
Ceh v5 module 07 sniffers
File000141
File000141
Ce hv6 module 62 case studies
Ce hv6 module 62 case studies
File000148
File000148
File000175
File000175
Ceh v5 module 04 enumeration
Ceh v5 module 04 enumeration
Ce Hv6 Module 44 Internet Content Filtering Techniques
Ce Hv6 Module 44 Internet Content Filtering Techniques
File000140
File000140
Semelhante a Ce hv6 module 41 hacking usb devices
Computer viruses
Computer viruses
Alfred George
introduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horse
Spandan Patnaik
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
eLiberatica
Module 16 (virus)
Module 16 (virus)
Wail Hassan
Computer viruses and antiviruses
Computer viruses and antiviruses
Sanguine_Eva
Computer viruses and antiviruses PPT
Computer viruses and antiviruses PPT
Eva Harshita
File000173
File000173
Desmond Devendran
Iss lecture 9
Iss lecture 9
Ali Habeeb
Ch02 System Threats and Risks
Ch02 System Threats and Risks
Information Technology
File000152
File000152
Desmond Devendran
viruses
viruses
khadija habib
Introductions To Malwares
Introductions To Malwares
Cyber Vignan
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
CAS
ISDD Hacking and Viruses
ISDD Hacking and Viruses
Forrester High School
Antiviruse.ppt
Antiviruse.ppt
AthiraKrishnan57
Presentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad Almajali
webhostingguy
Computer virus
Computer virus
Rohit Nayak
Virus and antivirus
Virus and antivirus
zain Ul abadin
Cyber Security – Virus and the Internet
Cyber Security – Virus and the Internet
Love Steven
Computer Virus ICT 402.pptx
Computer Virus ICT 402.pptx
AkshayIngole17
Semelhante a Ce hv6 module 41 hacking usb devices
(20)
Computer viruses
Computer viruses
introduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horse
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
Module 16 (virus)
Module 16 (virus)
Computer viruses and antiviruses
Computer viruses and antiviruses
Computer viruses and antiviruses PPT
Computer viruses and antiviruses PPT
File000173
File000173
Iss lecture 9
Iss lecture 9
Ch02 System Threats and Risks
Ch02 System Threats and Risks
File000152
File000152
viruses
viruses
Introductions To Malwares
Introductions To Malwares
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
ISDD Hacking and Viruses
ISDD Hacking and Viruses
Antiviruse.ppt
Antiviruse.ppt
Presentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad Almajali
Computer virus
Computer virus
Virus and antivirus
Virus and antivirus
Cyber Security – Virus and the Internet
Cyber Security – Virus and the Internet
Computer Virus ICT 402.pptx
Computer Virus ICT 402.pptx
Mais de Vi Tính Hoàng Nam
CATALOGUE QUESTEK (Tiếng Việt)
CATALOGUE QUESTEK (Tiếng Việt)
Vi Tính Hoàng Nam
CATALOG KBVISION (Tiếng Việt)
CATALOG KBVISION (Tiếng Việt)
Vi Tính Hoàng Nam
Catalogue 2015
Catalogue 2015
Vi Tính Hoàng Nam
Tl wr740 n-v4_user_guide_1910010682_vn
Tl wr740 n-v4_user_guide_1910010682_vn
Vi Tính Hoàng Nam
CATALOGUE CAMERA GIÁM SÁT
CATALOGUE CAMERA GIÁM SÁT
Vi Tính Hoàng Nam
HƯỚNG DẪN SỬ DỤNG ĐẦU GHI QTD-6108
HƯỚNG DẪN SỬ DỤNG ĐẦU GHI QTD-6108
Vi Tính Hoàng Nam
Các loại cáp mạng
Các loại cáp mạng
Vi Tính Hoàng Nam
Catalogue 10-2014-new
Catalogue 10-2014-new
Vi Tính Hoàng Nam
Qtx 6404
Qtx 6404
Vi Tính Hoàng Nam
Camera QTX-1210
Camera QTX-1210
Vi Tính Hoàng Nam
Brochua đầu ghi hình QTD-6100 Series
Brochua đầu ghi hình QTD-6100 Series
Vi Tính Hoàng Nam
NSRT: Dụng cụ tháo đầu báo
NSRT: Dụng cụ tháo đầu báo
Vi Tính Hoàng Nam
SLV-24N: Đầu báo khói quang
SLV-24N: Đầu báo khói quang
Vi Tính Hoàng Nam
SLV-24N: Đầu báo khói quang
SLV-24N: Đầu báo khói quang
Vi Tính Hoàng Nam
PEX-xx: Bộ hiển thị phụ 5-210 zone cho tủ RPP, RPS, RPQ
PEX-xx: Bộ hiển thị phụ 5-210 zone cho tủ RPP, RPS, RPQ
Vi Tính Hoàng Nam
HRA-1000: Hiển thị phụ cho TT HCP-1008E
HRA-1000: Hiển thị phụ cho TT HCP-1008E
Vi Tính Hoàng Nam
RPP-ABW: TT báo cháy 10-20 kênh
RPP-ABW: TT báo cháy 10-20 kênh
Vi Tính Hoàng Nam
RPP-ECW: TT báo cháy 3-5 kênh
RPP-ECW: TT báo cháy 3-5 kênh
Vi Tính Hoàng Nam
HCP-1008E: TT báo cháy 8-24 kênh
HCP-1008E: TT báo cháy 8-24 kênh
Vi Tính Hoàng Nam
HCV-2/4/8: TT báo cháy 2,4,8 kênh
HCV-2/4/8: TT báo cháy 2,4,8 kênh
Vi Tính Hoàng Nam
Mais de Vi Tính Hoàng Nam
(20)
CATALOGUE QUESTEK (Tiếng Việt)
CATALOGUE QUESTEK (Tiếng Việt)
CATALOG KBVISION (Tiếng Việt)
CATALOG KBVISION (Tiếng Việt)
Catalogue 2015
Catalogue 2015
Tl wr740 n-v4_user_guide_1910010682_vn
Tl wr740 n-v4_user_guide_1910010682_vn
CATALOGUE CAMERA GIÁM SÁT
CATALOGUE CAMERA GIÁM SÁT
HƯỚNG DẪN SỬ DỤNG ĐẦU GHI QTD-6108
HƯỚNG DẪN SỬ DỤNG ĐẦU GHI QTD-6108
Các loại cáp mạng
Các loại cáp mạng
Catalogue 10-2014-new
Catalogue 10-2014-new
Qtx 6404
Qtx 6404
Camera QTX-1210
Camera QTX-1210
Brochua đầu ghi hình QTD-6100 Series
Brochua đầu ghi hình QTD-6100 Series
NSRT: Dụng cụ tháo đầu báo
NSRT: Dụng cụ tháo đầu báo
SLV-24N: Đầu báo khói quang
SLV-24N: Đầu báo khói quang
SLV-24N: Đầu báo khói quang
SLV-24N: Đầu báo khói quang
PEX-xx: Bộ hiển thị phụ 5-210 zone cho tủ RPP, RPS, RPQ
PEX-xx: Bộ hiển thị phụ 5-210 zone cho tủ RPP, RPS, RPQ
HRA-1000: Hiển thị phụ cho TT HCP-1008E
HRA-1000: Hiển thị phụ cho TT HCP-1008E
RPP-ABW: TT báo cháy 10-20 kênh
RPP-ABW: TT báo cháy 10-20 kênh
RPP-ECW: TT báo cháy 3-5 kênh
RPP-ECW: TT báo cháy 3-5 kênh
HCP-1008E: TT báo cháy 8-24 kênh
HCP-1008E: TT báo cháy 8-24 kênh
HCV-2/4/8: TT báo cháy 2,4,8 kênh
HCV-2/4/8: TT báo cháy 2,4,8 kênh
Último
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
LoriGlavin3
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
mohitsingh558521
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
BookNet Canada
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
Dilum Bandara
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
LoriGlavin3
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
Alex Barbosa Coqueiro
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
LoriGlavin3
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Lorenzo Miniero
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
DianaGray10
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
Lars Bell
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
Nathaniel Shimoni
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
LoriGlavin3
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Databarracks
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Addepto
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
HarshalMandlekar2
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Sergiu Bodiu
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
UiPathCommunity
Último
(20)
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
Ce hv6 module 41 hacking usb devices
1.
E hi l
H ki dEthical Hacking and Countermeasures V i 6Version 6 Module XLIModule XLI Hacking USB Devices
2.
News EC-Council Copyright © by
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Source: http://www.vnunet.com/
3.
Module Objective This module
will familiarize you with: • USB Devices • USB attacks • Viruses and worms • USB Hacking Tools • USB Security Tools • Countermeasures EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
4.
Module Flow USB Devices
USB Hacking Tools USB attacks USB Security ToolsUSB attacks USB Security Tools CountermeasuresViruses and worms EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
5.
Introduction to USB
Devices Universal Serial Bus (USB) is a serial bus standard to interface devicesUniversal Serial Bus (USB) is a serial bus standard to interface devices It is pluggable, allowing device to be connected or removed while computer is running A pen drive is a compact, removable storage device just like a floppy disk or a CD A pen drive can be plugged into the USB port EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited A pen drive can be plugged into the USB port
6.
kUSB Attacks EC-Council Copyright ©
by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
7.
Electrical Attack Electrical attacks
mounted against the USB keys require physicalElectrical attacks mounted against the USB keys require physical access to the device circuit boards Primary goal is to access private data, which is supposed to be protected by legitimate user's PIN number or password without detection by the legitimate user A design flaw common to the USB keys is the improper storage of password values, which can allow the extraction of all data, including private informationincluding private information Changing the password value which is stored in an EEPROM EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited g g p allows access to the device and extract all private information
8.
Software Attack Attacker examines
the communication channels between the USB device and hhost computer It analyzes and determines the possibility to brute-force a password whichIt analyzes and determines the possibility to brute force a password which will give access to the USB key device B di i t d k USB k t t th USB k USBBy sending incorrect and known erroneous USB packets to the USB key, USB may leak information such as the contents of protected memory areas EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
9.
USB Attack on
Windows Buffer-overflow vulnerabilities in USB device allow an attacker to bypass the i d i d i d i i i i il f h h hiWindows security and gain administrative privileges of the host machine Attacker having idea about the vulnerability in a USB device driver can programg y p g one USB device, known as portable memory stick, to pose as the kind of device that uses the vulnerable driver Attacker then plugs the device into the host system and triggers the exploit when the host system loads the flawed driver This allows an attacker to take control of host computer EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
10.
Viruses And WormsViruses
And Worms EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
11.
Virus: W32/Madang-Fam W32/Madang-Fam is
a family of viruses for the Windows platform, which spreads via Removable storage devices It attempts to infect files with an EXE or SCR extension on all drives and on connected network shares It contains the code to download and execute code from one or more remote websites It may attempt to run the files <System>setupx exe and<System>setupx.exe and <System>Updatex.exe It attempts to inject itself into the Kernel or into EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited It attempts to inject itself into the Kernel or into another process that is already running
12.
Worm: W32/Hasnot-A W32/Hasnot-A is
a worm and companion virus for the Windows platform whichW32/Hasnot-A is a worm and companion virus for the Windows platform, which spreads via Removable storage devices W32/Hasnot-A will hide files and folders, appending the original file or folder name to a copy of itself Once installed, W32/Hasnot-A spreads through network shares and removable storage devices, including USB keys File <Root>autorun.inf is designed to start the worm once the drive is mounted EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
13.
W32/Fujacks-AK W32/Fujacks-AK spreads to
other network computers through available network shares and removable storage devicesavailable network shares and removable storage devices It copies itself with the filenames GameSetup.exe and setup.exe correspondinglycorrespondingly It also creates the file autorun.inf to insure that the file setup.exe is t dexecuted It has the functionality to access the Internet and communicate with a remote server via HTTP It attempts to periodically copy itself to removable drives, EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited p o p od y opy o o b d , including floppy drives and USB keys
14.
W32/Fujacks-E W32/Fujacks-E is a
prepending virus and worm withW3 / ujac s s a p epe d g v us a d o t backdoor functionality for the Windows platform It d i t k t th h il blIt spreads in network computers through available network shares and removable storage devices with the filenames GameSetup.exe and setup.exe correspondingly It runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computerp It has the functionality to access the Internet and i t ith t i HTTP d it EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited communicate with a remote server via HTTP and it may change HTML files
15.
W32/Dzan-C W32/Dzan-C is a
virus for the Windows platform that also spreads via removable storage devices It runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access andserver which allows a remote intruder to gain access and control over the computer It adds its 66048 Bytes of code at the end of the original file, so whenever the file is executed, the virus is also executed EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
16.
W32/SillyFD-AA W32/SillyFD-AA is a
worm for the Windows platform Once installed, W32/SillyFD-AA spreads through removableOnce installed, W32/SillyFD AA spreads through removable storage devices, including floppy drives and USB keys This worm attempts to create a hidden file Autorun.inf on the removable drive and copies itself to the removable drive with the hidden filename <Root>handydriver.exe EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
17.
W32/SillyFDC-BK W32/SillyFDC-BK is a
worm for the Windows platform W32/SillyFDC-BK spreads via removable shared drives by copying itself to <Root>krage.exe and creating the file <Root>autorun.inf<Root>autorun.inf File <Root>autorun.inf is designed to run the worm when g the removable drive is connected to an uninfected computer EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
18.
W32/LiarVB-A W32/LiarVB-A is a
worm for the Windows l tfplatform O i t ll d W32/Li VB A dOnce installed, W32/LiarVB-A spreads through network shares and removable storage devices, including floppy drives and USB keys W32/LiarVB-A copies itself to the root folder of the drive and adds an autorun.inf file W32/LiarVB-A leaves an html file on the i f d i h b AIDS EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited infected system with a message about AIDS
19.
W32/Hairy-A W32/Hairy-A is a worm
for the Windows platform W32/Hairy-A will attempt to copy itself and create autorun inf to W32/Hairy-A changes settings for Microsoft Internet Explorer byWindows platform autorun.inf to removable drives Explorer by modifying values EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
20.
W32/QQRob-ADN W /QQR b
ADN i f th Wi d l tfW32/QQRob-ADN is a worm for the Windows platform W32/QQRob-ADN spreads by copying itself to removable storage devices W32/QQRob-ADN copies itself to removable storage devices as the hidden file oso.exe and creates a hidden autorun.inf to launch oso.exe automatically when the device is plugged inoso.exe automatically when the device is plugged in W32/QQRob-ADN attempts to block access to security-related EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited 3 /QQ p y sites by modifying the HOSTS file
21.
W32/VBAut-B W /VBA t
B h f ti lit t d i bl t d iW32/VBAut-B has functionality to spread via removable storage devices and Instant Messaging protocols and to download, install, and run new software This worm attempts to copy itself with the filename boot.exe to the available removable storage device creating Autorun.inf to ensure that h f h i d d i i dthe copy of the worm is executed once device is accessed EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
22.
HTTP W32.Drom HTTP W32.Drom
is a worm for the Windows platform W32.Drom is a worm that downloads and executes malicious files on the compromised computer and spreads through removable storage devices EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
23.
Hacking ToolsHacking Tools EC-Council Copyright
© by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
24.
USB Dumper USB Dumper
is an application that when installed on a system runs awhen installed on a system runs a background process which copies files from any USB flash drive installed to it silently Simplicity of this application is what k it it d it dmakes it quite dangerous, it needs a user to double click the executable Once this is done, application runs in the background and any USB drive that is connected will automatically have its EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited is connected will automatically have its contents downloaded to the system
25.
USB Dumper: Screenshot EC-Council Copyright
© by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
26.
USB Switchblade USB Switchblade
is the outcome of community project to merge various tools and techniques that take advantage of various Microsoft Windows securitytec ques t at ta e adva tage o va ous c oso t W dows secu ty vulnerabilities, the majority of which are related to USB ports P f thi t l i tPurpose of this tool is to: • Silently recover information from Windows systems, such as password hashes, LSA secrets, IP information, browser history, and auto fill informationsecrets, IP information, browser history, and auto fill information • Create a backdoor to the target system for later access It takes advantage of a security hole in U3 drives that allows the creation of a virtual CD ROM drive which allows the Windows auto run feature to workvirtual CD-ROM drive, which allows the Windows auto run feature to work If auto run or a U3 drive is not used, the application can still be started by EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited 3 , pp y executing a single script on the drive
27.
USB Hacksaw USB Hacksaw
is an application created as a proof of concept developed by Hak5 and as an extension to the USB Switchblade USB Hacksaw uses a modified version of USB Dumper that once installed on a system will run a process in the background whenever that computer startsa system will run a process in the background whenever that computer starts, waiting for a USB thumb drive to be installed Once a USB thumb drive is inserted into a system its contents is automatically sent via an encrypted SMTP connection to a remote email account which is configured EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
28.
USB Security ToolsUSB
Security Tools EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
29.
MyUSBonly Prevents data theft
by blocking all but your trusted USB storage devices St fil f lki th b d iStops files from walking away on thumb drives, mp3 players, flash cards, and portable USB hard drives Secretly logs all USB connect and disconnect activity Gives an email notification message when an unauthorized USB storage device is connected to EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited unauthorized USB storage device is connected to your PC
30.
MyUSBonly: Screenshot 1 EC-Council Copyright
© by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
31.
MyUSBonly: Screenshot 2 EC-Council Copyright
© by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
32.
USBDeview USBDeview is a
small utility that lists all USB devices that are currently connected to your PC or have been connected to it in the past Along with the device name and description, it displays the serial number date the device was added and last connectedserial number, date the device was added and last connected, VendorID, and other information USBDeview can also be used to gather USB devices from a remote computer via command line EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
33.
USBDeview: Screenshot 1 EC-Council Copyright
© by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
34.
USBDeview: Screenshot 2 EC-Council Copyright
© by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
35.
USBDeview: Screenshot 3 EC-Council Copyright
© by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
36.
USB Blocker USB Blocker
enforces centralized access control to prevent unauthorized use of removable mediaprevent unauthorized use of removable media that connects to computer USB ports Hardens endpoint security Enables regulatory compliance, such as SOX, GLBA, and HIPAA Seamlessly integrates with Active Directory EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited y g y
37.
USB Blocker: Screenshot EC-Council Copyright
© by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
38.
USB CopyNotify if i
f ili h ifi h i k iUSB CopyNotify is a software utility that notifies when a USB Stick is being used on any of the PCs on the network As soon as someone uses removable media such as a USB drive or an iPod, the sophisticated detection system of the software notifies the samesame EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
39.
Remora USB File
Guard Remora USB File Guard is designedRemora USB File Guard is designed to do file encryption and compression in USB storage devices It can secure all files and store themIt can secure all files and store them in USB disk anytime and anywhere Fast encryption and compression using strong 128 bits encryption technique, and at least a 50% EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited compression rate to double storage capacity
40.
Remora USB File
Guard: Screenshot 1Screenshot 1 EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
41.
Remora USB File
Guard: Screenshot 2Screenshot 2 EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
42.
Advanced USB Port
Monitor Advanced USB Port Monitor is USB Bus, USB Device, and Protocol Analyzer Advanced USB Port Monitor packs the robustp b functionality to capture, view, and process USB traffic It offers sophisticated viewing and intelligent searching to accurately and efficiently debug and test High (480Mbps), Full (12Mbps), and Low (1.5Mbps) speed USB devices and software EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited USB devices and software
43.
Advanced USB Port
Monitor: ScreenshotScreenshot EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
44.
Folder Password Expert
USB Folder Password Expert USB is a security softwareFolder Password Expert USB is a security software designed to protect folders against unauthorized access to their contents Install Folder Password Expert USB right on flash, USB external or removable driveUSB external, or removable drive No need to install the program on each computer EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
45.
Folder Password Expert
USB: ScreenshotScreenshot EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
46.
USBlyzer USBlyzer is an
USB protocol analyzer for WindowsUSBlyzer is an USB protocol analyzer for Windows It provides a view for analyzing USB Host Controllers, USB Hubs, and USB Devices activity USBlyzer can view detailed information about all USB devices and their child components USBlyzer allows to capture, decode, and display important EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited information going through USB device stack
47.
USBlyzer: Screenshot EC-Council Copyright ©
by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
48.
USB PC Lock
Pro It turns any USB Flash Drive into a key that prevents unauthorized people from using computer USB PC Lock will automatically lock your computer and performUSB PC Lock will automatically lock your computer and perform other actions when you step away from it Features: • Locks workstation when you step away • Locks MSN Messenger • Stops streaming media traffic • Mutes audio EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Mutes audio • Starts or stops event logger
49.
USB PC Lock
Pro: Screenshot EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
50.
Virus Chaser USB Virus
Chaser USB supports Anti-Virus Vaccine software based on USB Flash Drive Features: It can scan, cure, delete, or monitor for virus infections of your computer • Virus Scanning • System Monitoring Features: EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
51.
Countermeasures Conformal Coatings, such
as epoxy, help protect critical components from probing and tampering All functionality not used or needed in the production unit should be completelyy p p y removed from the firmware Scan the removable storage media by certain antivirus software whenever it isScan the removable storage media by certain antivirus software whenever it is plugged into a computer i blDisable autorun EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Disable USB ports and CD-ROM’s use on Windows using Group Policy
52.
Summary USB (Universal Serial
Bus) acts as an interface and add on deviceUSB (Universal Serial Bus) acts as an interface and add on device Primary goal was to attempt to access private data, which is supposed to be protected by legitimate user's PIN number or password without detection by the legitimate user Once the modified buffer is programmed back into the Serial, EEPROM attacker canp g login using the default PIN and make use of the legitimate user’s credentials USB Dumper is an application up that when installed on a system will run a backgroundUS u pe s a app cat o up t at e sta ed o a syste u a bac g ou d process that will copy files from any USB flash drive installed to it silently USB Blocker enforces centralized access control to prevent unauthorized use of EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited USB Blocker enforces centralized access control to prevent unauthorized use of removable media that connects to computer USB ports
53.
EC-Council Copyright © by
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
54.
EC-Council Copyright © by
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Baixar agora