Header Ads

A pirate USB key is enough to steal your Windows logins or macOS

5:22 AM 0
Une clé USB pirate suffit à voler vos identifiants Windows ou macOS
One to hack succeeded in simulating a local area network with a programmable USB key. The computer, seeing only fire there, automatically sends requests of connection with logins, even if it is locked.




The persons in charge of security in company are likely to have some cold sweats. The researcher in security Rob Fuller has just shown a hack of a frightening effectiveness. Let us suppose that a user absent from his station, after having locked its computer. It is then enough to connect on this machine an USB key to recover – in the space of about fifteen seconds – the logins of this user. Namely its login and its password in chopped form. This “hash” can then be directly used in attacks of the type “not the hash” to reach other parts of the network. The pirate can also try to break the hash to find the password in light, which is far from being impossible.

Obviously, Rob Fuller did not take an unspecified USB key to make this hack, but was pressed on a programmable device under Linux such as LAN Turtle or USB Armory.  The idea is then to modify it in such a way that the computer has the feeling which it is about an adapter USB Ethernet connected to a true local area network. With this intention, to hack it on its key a waiter DHCP embarked, which is given the responsibility to allocate an address IP with the machine, as well as a software baptized Responder, which will simulate a waiter of authentification. Once connected, the computer automatically will send requests of connection incorporating the aforementioned logins.


“Why does it go? Because USB technology is plug and play. What wants to say that even when a computer is locked, the device is nevertheless installed”, explains Rob Fuller in a note of blog, before adding: “The computers create traffic network permanently, even if no browser or another application is used. And most computers trust their local area network. ” In addition, like the key a network simulates fixes rather fast in response times, it will replace preexistent connection automatically, that it is telegraphic or not. Rob Fuller tested his attack on Windows 98 SE, Windows 2000 SP4, Windows XP SP3, Windows 7 SP1 and Windows 10 (Enterprise and Home). It also functioned on macOS El Capitan/Mavericks.
In any case, this clever trick seems to create sensation in the world of the hackers. The site of sale of LAN Turtle is renewing its stock because of an increasing demand for this kind of tool. A rise of the directly dependent request on a tour of this attack. How to protect itself? Rob Fuller does not give any indication on this point. The desactivation of the USB ports seems to be for the moment the only parade.
Source:
Note de blog de Rob Fuller
Tags:

No comments

Subscribe to: Post Comments ( Atom )
Powered by Blogger.