Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this
3Activity

Table Of Contents

1. Abstract
2. Introduction
2.1. A brief history of removable storage malware
2.2. AutoRun and AutoPlay
2.3. Stuxnet and the LNK vulnerability
2.4. Attacks on physical systems
3. USB Architecture
3.1. About USB
3.2. Host controllers
3.3. Devices
3.3.1. Hubs
3.3.2. Functions
3.3.3. Interfaces
3.3.4. Endpoints
3.3.5. Device classes
3.3.6. USB descriptors
3.4. Mass storage class devices
3.5. Attacks using the USB protocols
3.6. Fuzzing USB drivers
3.6.1. Windows Device Simulation Framework
3.6.2. QEMU/BOCHS
4. USB operation on Windows 7
4.1. USB driver stack
4.1.1. Core stack
4.1.2. Class drivers
4.1.3. USB device recognition
4.1.4. The danger of drivers from Windows Update
4.2. Mass storage devices
4.2.1. USB storage port driver and Windows disk class driver
4.2.2. Partition and volume management
4.2.3. File system drivers
4.2.4. Fuzzing filesystem drivers on Windows
4.5.1. Shell Hardware Detection Service
4.5.2. ReadyBoost
5. Windows Explorer
5.1. Shell Extension Handlers
5.1.1. Registered file types and perceived types
5.1.2. Icon handlers
5.1.3. Thumbnail handlers
5.1.4. Image handlers
5.1.5. Preview handlers
5.1.6. Infotip handlers
5.1.7. COM object persistence and type confusion
5.1.8. Fuzzing shell extensions
5.1.9. Exploiting shell extensions
5.2. Property system
5.3. Folder customization
5.3.1. Shell namespace extensions
6. USB operation on GNU/Linux
6.1. Core
6.2. USB interface drivers
6.3. USB mass storage class driver
6.4. udev, udisks, D-Bus
6.5. File systems in Linux
7. GNOME and Nautilus
7.1. Automatic mounting of storage devices
7.2. Autorun capabilities
7.3. Thumbnailers
7.3.1. Exploiting thumbnailers
8. Conclusion
8.1. Acknowledgements
9. Appendix
9.1. USB descriptors for a mass storage class device
9.2. Default Shell Extension Handlers in Windows 7 Professional (32 bit)
9.2.1. Icon handlers
9.2.2. Image handlers
9.2.3. Thumbnail handlers
9.2.4. Property handlers
9.2.5. Preview handlers
9.3. Default GNOME Desktop thumbnailers in Ubuntu Desktop Linux 10.10 (32
10. Works cited
11. Legal notices
0 of .
Results for:
No results containing your search query
P. 1
BlackHat_DC_2011_Larimer_Vulnerabiliters_w-removeable_storage-wp

BlackHat_DC_2011_Larimer_Vulnerabiliters_w-removeable_storage-wp

Ratings: (0)|Views: 2,913 |Likes:
Published by Arun Reddy

More info:

Published by: Arun Reddy on Mar 27, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

05/02/2012

pdf

text

original

You're Reading a Free Preview
Pages 4 to 23 are not shown in this preview.
You're Reading a Free Preview
Pages 27 to 66 are not shown in this preview.

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->