[security-alerts] New tool for USB attacks

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

Message: 2
Date: Tue, 19 Sep 2006 00:21:58 +0300
From: "Wolf" <wolf.schiedler@xxxxxxxxx>
Subject: [Full-disclosure]  USB Attacks Going Commercial?
To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Cc: ge@xxxxxxxxxxxx
Message-ID: <007101c6db68$7c11a250$e101a8c0@pcddyy2006>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
        reply-type=original

Well if You have physical access
to the computer its possible "on the fly"
takeout copies of the SAM and system files with this tool:

 DiskInternals NTFS Reader 2.0 - Works XpSp2 - tested
 http://www.diskinternals.com/download/NTFS_Reader_Setup.zip

So with this tool You dont need any "boot" or restarting of windows...

I have tested it by having this tool in USB stick
and taken copies out those files and then "breaked" the
LMHashes with Rainbow crack or 
http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/index.php


Regards - Wolf