[wesley mcgrew] has been playing around with Sandisk’s U3 Smart USB Drives technology. U3 is designed to make implementation of portable applications easier. The USB drive appears as a CDROM drive and can autorun applications. Wesley has a guide for how to patch in your own CD ISO. This ties in pretty well with the dangers of USB drives that we’ve covered before (one, two) and Schneier has a recent post on USB security issues as well.
[UPDATE: [matt] pointed out a recent Security Catalyst podcast with Abe Usher on podslurping]
interesting artical – goes to show why I have autorun turn off on everything…
off topic – but what usb drive that you have is chrome? looks cool haha
It’s silver plated http://www.engadget.com/2004/08/17/silver-plated-usb-flash-memory-drive/
The Security Catalyst, who you’ve listed in the past in your “roundup of security podcasts” has a great interview with Abe Usher, who wrote one of the original “podslurping” proof-of-concept utilities.
You can download, or listen direct, here:
http://www.securitycatalyst.com/2006/04/13/security-catalyst-25-insider-interviews-podslurping-with-abe-usher/
nice, but… can it be done with something a bit cheaper than a U3?
STOP teasing us with that ultra-sexy pendrive!
#4: if I understand what’s going on here correctly, the device acts like two devices, a USB CD and a USB storage device. It’s autoruns the files from the faux CD. So to answer your question: bus/battery-powered USB CD drive? Or is that not cheaper than a u3?
Happy national webloggers day.
The article about USB security that Schneier quotes is a very interesting one.
Social Engineering, the USB way:
http://www.darkreading.com/document.asp?doc_id=95556&WT
i’m just curious as to how these u3 drives are different from standard flash drives, and whether a standard drive could be “turned into” a u3-capable one.
u3 drives are on 20 bucks at buy.com for a 1 gig…. yeah yeah rebates…
#9: The only real difference to these U3 drives are basically what he stated in the article. They have a second method of talking to Windows which tells Windows that the device is not removable, thus enabling autorun. iPod’s actually use this non-removable flag as well, meaning that an iPod can do autorun in particular circumstances.
Microsoft has a USB FAQ that makes it a bit more clear: http://www.microsoft.com/whdc/device/storage/usbfaq.mspx
Q: What must I do to trigger Autorun on my USB storage device?
The Autorun capabilities are restricted to CD-ROM drives and fixed disk drives. If you need to make a USB storage device perform Autorun, the device must not be marked as a removable media device and the device must contain an Autorun.inf file and a startup application.
The removable media device setting is a flag contained within the SCSI Inquiry Data response to the SCSI Inquiry command. Bit 7 of byte 1 (indexed from 0) is the Removable Media Bit (RMB). A RMB set to zero indicates that the device is not a removable media device. A RMB of one indicates that the device is a removable media device. Drivers obtain this information by using the StorageDeviceProperty request.
I don’t want or need U3 compatability.
From what I’ve seen there isn’t that much U3 stuff that impresses me other than Firefox.
What I would like to do is remove the U3 stuff entirely and recover the space for my own use.
How can I do that?
awesome comments guys, glad you’re enjoying the writeup.
there is a u3 uninstaller floating around on the internet (and I could swear the u3 folks were hosting it too, but the url escapes me).
#11,
that’s really interesting. i wonder if there is firmware to hack on most usb keys that we can change that bit to zero?
Here’s the URL for the U3 uninstaller. You will have to reformat your stick afterwards. It worked fine for me.
http://rapidshare.de/files/12773731/U3_Uninstaller.exe.html
Here’s the URL for the U3 uninstaller. You will have to reformat your stick afterwards. It worked fine for me.
http://rapidshare.de/files/12773731/U3_Uninstaller.exe.html
reallt nice thing, i like alot.
I wish someone just came up with a hack where you could just put the U3 stuff on a drive, or am I missing something? Is there actually some hardware that allows U3 features?
I got to have the fun of playing with a co-worker’s u3 thumbdrive when they first came out. Seems that it has to install software on the computer they are used on, which is a big no-no at most place one would want to use one (Work, library, photo printing machine, etc). When it couldn’t install the software the drive refused to open. Needless to say it didn’t take a lot of talking to get her to take it back and get a standard thumbdrive as all she wanted to do was haul files tween work & home.
I have an older Jump Drive Secure 128 MB. Part of its software allows partitioning with a secure and public partitions. It also allows specifying a program to auto run. This bypasses my auto run dissable, and runs it anyways. Must be ran out of the driver, Nice! :D
http://www.u3.com/uninstall for the uninstall straight from the (w)hor(s)e’s mouth.
Thanks for the U3 uninstall stuff folks!
I saw this thing before on http://www.wiibay.nl that free auction site but that was a while ago
Very interesting article, and that drive. woah! nice i want it :P
someone come up with a way to create u3 fuctinonity to a generic flash drive
#23: no need, check out http://portableapps.com/ . you don’t have to pay, plus most software repackaged there is open source, unlike most of the apps available through u3. if you want something to start your programs, look into pstart in the utilities section.
Hmmm. Has anyone else tried this out? Some PCs state that they’ll need to reboot before installing the U3 drive… rendering the “slurp” considerably less effective…
Its all in the controler-chip guys.
IF your drive has the right one , you can flash it… well you can flah them ALL if you can find the tool.My FSC MemBird shows itself as a FIXED disk.
anyone know how to change the RMB bit to show the device as non-removable and therefor able to enable autorun???
@ #29 (dude)
Yes , I know how,if you go to the http://www.911cd.net forum and search
you will find some VERY usefull tips
and links to tools that might let you do it,
but it all depends on what controler-chip your drive uses.
Hello all, maybe you can help me out. I’m trying to autoplay a software on my usb key. I configure the autorun.inf to start automaticaly with the program, but not the damn window that ask you what to do (media player, no action, and blablabla). Is that possible? i don’t have a u3, it’s a basic usb key. I read alot on that but, it doesn’t seems to work. Is there a solution? How can i partition my usb key like a cd?
thanks, chris
Dudes, U3 sucks balls.
Installers are for babys, just do it yourself.
I’ve got a 1GB USB with PStart installed and check out the programs I have on it:
Powerpoit Viewer; Firefox Portable;O pera 9 USB; Gaim Portable; Miranda IM; VLC Media Player; Process Explorer; DTask Manager; Portable Wackget; 7-Zip; VisualBoyAdvance; Sudoku Portable; The GIMP; Thunderbird; TweakUI; Xpy; Network Stumbler; ClamWin Portable; RegCleaner; Nokia Wireless Presenter, and I just don’t have the whole OpenOffice Suite because of the space it uses.
If you only use portable apps in PCs where you have Admin rigths, you can also check out MojoPac, which allows you to carry ANY program on your pocket. ANY.
Yes, It can handle stuff like M$Office, Counter-Strike Source (and Half-life 2, of course), Photoshop, etc, etc… whatever you may think of.
It’s here: http://www.mojopac.com
Bad thing I don’t know of any free or “freed” version.
U3 programs are of NO INTERST to most of the profesionals. Interesting part is in construction of a USB drive that lets you AUTORUN (any application) without any prompt (upon insertion into a computer).
I NEED “non-removable” usb drive to play with!!! :[
i wanna to download usb hack
Now it’s possible to hack launchpad. It has an option to erase whole partition when you forgot the password. I think it’s too simple , since with one click anyone that access sandisk pendrive can delete all protected data. Of course it would be necessary to block somehow launchpad unistaller from sandisk site, that would do the same. Any ideas?
I’ve got an idea. There is possibility to change file “version.dat” for a version that never existed ]-) This might cause uninstaller (from website) stop working. I saw a post that someone had an older version of launchpad and newer uninstaller from website. But I don’t know if the uninstaller on pendrive would stop working too. If so, it would be impossible to uninstall launchpad even if it was neccesery. Only sandisk could do it.
SOSO
Is there any prog which can copy all the data secretly from usb key whenever it is inserted. Please tell me about this. I am searching for this badly and if you know please tell me.
thanks…
A few months ago I saw an article re: installing software that would automatically and transparently copy data from thumb drives inserted in a PC. Reverse thumb sucking, I believe is what the author called it, but I can’t find the article. All I get is links to articles about the movie, Thumbsucker.
All my clients ask that I disable the USB ports for flash drive use, while a couple of others want to know what data employees are copying/stealing to their flash drives from the company network.
Can anyone recommend a program that will accomplish this?
Thanks!
there is a sftwre i developed that secretly copies the thumbdrives upon insertion, rar or 7zips them into 2mb chunks, n mails them to you.
i wanted to kno if i could run a U3 app on my non-U3
pen drive
yes just go to u3smart.com and it’ll ask u if u’d like to download it to ur flash drive but it may eat up half of ur memory..
I’ve been playing with autoruns and flash drives since before U3 drives were even available. I still have some of the original UD-RW drives from Hagiwara lying around. (Test models, 1GB each with a resizable U3-like partition.) I’ve used them for years to show why physical security is just as important as network security.
You can read more about my findings and creations here: http://www.GuidoZ.com/U3/
—
Peace. ~G
So, is there any way to crack a password or hack it if USB Drive (aka thumb drive) is password protected? I heard that it’s nearly impossible?
i want documentry on usb hacking + usb hacking software
i want document on usb hacking
GuidoZ’s http://www.guidoz.com/U3/GuidoZ%20SanDisk%20U3%20Hacker.zip is a Trojan !!!
BEWARE !!!!
No, it’s not a “Trojan.” Just crappy antivirus programs that have now managed to get my website blacklisted by Firefox and Chrome. If I was some “script kiddie” why in the hell would I be using the same website, same handle, and same files (that I used daily without issue)? I answer questions, I help people, and I continue to release new things. Google my handle “uberguidoz _at_ gmail.com” and you’ll see plenty from me. No funny business. Just poor software and ignorant people.
6 years have passed.
Here is the VirusTotal report for that scumsucker’s malware: http://www.virustotal.com/analisis/b30a1bf21fede5470b0174724426a3cf032eeafeec9a66065cccb69dfda8e58b-1264332064
No, it’s not a “Trojan.” Just crappy antivirus programs that have now managed to get my website blacklisted by Firefox and Chrome. If I was some “script kiddie” why in the hell would I be using the same website, same handle, and same files (that I used daily without issue)? I answer questions, I help people, and I continue to release new things. Google my handle “uberguidoz _at_ gmail.com” and you’ll see plenty from me. No funny business. Just poor software and ignorant people.
As a character witness, here’s a link where I assisted a friend from Rapid7. If anyone would know better, don’t you think they would? Check the comments and you’ll see Andrew’s comment using my site as a mirror. Yes, I know him IRL.
https://community.rapid7.com/community/metasploit/blog/2012/08/21/metasploit-portable-ios