Comments on: - Hacking U3 USB Drives http://www.mcgrewsecurity.com Sat, 13 Mar 2010 16:07:37 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Hacking the U3 into a Switchblade on Windows Vista and Windows 7 - ./hadak http://www.mcgrewsecurity.com/pub/hackingu3/comment-page-1/#comment-49184 Hacking the U3 into a Switchblade on Windows Vista and Windows 7 - ./hadak Sun, 21 Feb 2010 22:57:52 +0000 http://www.mcgrewsecurity.com/?page_id=394#comment-49184 [...] and in moments you will have a working USB Switchblade. This hack can be attributed to Andre. Share and [...] [...] and in moments you will have a working USB Switchblade. This hack can be attributed to Andre. Share and [...]

]]> By: shiro http://www.mcgrewsecurity.com/pub/hackingu3/comment-page-1/#comment-48662 shiro Wed, 10 Feb 2010 13:40:01 +0000 http://www.mcgrewsecurity.com/?page_id=394#comment-48662 Good analyse. Actually I have first head of Universal Customizer for hacking u3 devices (thanks to hacking exposed 6). I was looking for a solution under Linux, BSD or any other unix OS. If someone has a clue on how to make it, please tell me ! Davd, I don't know if your solution works for a standard sandisk usb drive, but the idea must remain the same. I think there should be a sort of key used to tell the device to accept writing, something like that. I've tried to ``dd'' a crafted iso file on it, dd process was in state of ``bioswait'', meaning the hardware didn't accept _my_ input data. It may accept the key and then any other data until it is not power supplied anymore. What do you think ? There are tools on windows for monitoring input/outputs, maybe someone should try to experiment a bit with it, I don't think anything will break up, if you screw up your partition, all you have to do is use the vendor software again. Another question : Cannot one fake a u3 USB key ? I mean just formatting a usb drive in 2 partition and create a cd9660 filesystem on one of these two partitions. There should be a way to fool windows, isn't it ? Good analyse.
Actually I have first head of Universal Customizer for hacking u3 devices (thanks to hacking exposed 6).

I was looking for a solution under Linux, BSD or any other unix OS. If someone has a clue on how to make it, please tell me !
Davd, I don’t know if your solution works for a standard sandisk usb drive, but the idea must remain the same.
I think there should be a sort of key used to tell the device to accept writing, something like that. I’ve tried to “dd” a crafted iso file on it, dd process was in state of “bioswait”, meaning the hardware didn’t accept _my_ input data. It may accept the key and then any other data until it is not power supplied anymore. What do you think ?

There are tools on windows for monitoring input/outputs, maybe someone should try to experiment a bit with it, I don’t think anything will break up, if you screw up your partition, all you have to do is use the vendor software again.

Another question : Cannot one fake a u3 USB key ? I mean just formatting a usb drive in 2 partition and create a cd9660 filesystem on one of these two partitions. There should be a way to fool windows, isn’t it ?

]]> By: -nilzZZz-™ http://www.mcgrewsecurity.com/pub/hackingu3/comment-page-1/#comment-47069 -nilzZZz-™ Thu, 14 Jan 2010 00:53:41 +0000 http://www.mcgrewsecurity.com/?page_id=394#comment-47069 try Process hacker to view working dir. and such. greez ;) i hope 4 more posts try Process hacker to view working dir. and such. greez ;) i hope 4 more posts

]]> By: Davd http://www.mcgrewsecurity.com/pub/hackingu3/comment-page-1/#comment-46759 Davd Thu, 07 Jan 2010 23:31:04 +0000 http://www.mcgrewsecurity.com/?page_id=394#comment-46759 Kingston, SanDisk and Verbatim USB Flash drives with AES 256-bit hardware encryption that supposedly meet the highest security standards FIPS 140-2 Level 2, have been hacked. Cracking the drives is therefore quite simple. The SySS experts wrote a small tool for the active password entry program's RAM which always made sure that the appropriate string was sent to the drive, irrespective of the password entered and as a result gained immediate access to all the data on the drive. The vulnerable devices include the Kingston DataTraveler BlackBox, the SanDisk Cruzer Enterprise FIPS Edition and the Verbatim Corporate Secure FIPS Edition. http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html Kingston, SanDisk and Verbatim USB Flash drives with AES 256-bit hardware encryption that supposedly meet the highest security standards FIPS 140-2 Level 2, have been hacked.

Cracking the drives is therefore quite simple. The SySS experts wrote a small tool for the active password entry program’s RAM which always made sure that the appropriate string was sent to the drive, irrespective of the password entered and as a result gained immediate access to all the data on the drive. The vulnerable devices include the Kingston DataTraveler BlackBox, the SanDisk Cruzer Enterprise FIPS Edition and the Verbatim Corporate Secure FIPS Edition.

http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html

]]> By: pyr8noob http://www.mcgrewsecurity.com/pub/hackingu3/comment-page-1/#comment-46753 pyr8noob Thu, 07 Jan 2010 19:36:39 +0000 http://www.mcgrewsecurity.com/?page_id=394#comment-46753 Trying to bypass U3 security to see contents. How do I get past the door? Everyone says its secure, I don't think anything is secure. I need to recover the password or bypass U3. Any ideas? Trying to bypass U3 security to see contents. How do I get past the door? Everyone says its secure, I don’t think anything is secure. I need to recover the password or bypass U3.

Any ideas?

]]> By: SifJar http://www.mcgrewsecurity.com/pub/hackingu3/comment-page-1/#comment-46166 SifJar Sat, 26 Dec 2009 12:31:22 +0000 http://www.mcgrewsecurity.com/?page_id=394#comment-46166 I was wondering: Do you have a link to a guide on how to use Ethereal (or WireShark, Ethereal's successor) like you used it in this post, to monitor the network activity of a program? I am trying to see where another program downloads something from, and I can't work out how to use the software... I was wondering: Do you have a link to a guide on how to use Ethereal (or WireShark, Ethereal’s successor) like you used it in this post, to monitor the network activity of a program? I am trying to see where another program downloads something from, and I can’t work out how to use the software…

]]> By: manioc http://www.mcgrewsecurity.com/pub/hackingu3/comment-page-1/#comment-45224 manioc Wed, 09 Dec 2009 03:38:42 +0000 http://www.mcgrewsecurity.com/?page_id=394#comment-45224 I followed the instructions on this site in order to automount a TrueCrypt travelers disk partition on the U3 partition and it worked like a charm for me. http://www.instructables.com/id/Using_U3_Technology_to_its_fullest_on_an_8G_Cruzer/ I followed the instructions on this site in order to automount a TrueCrypt travelers disk partition on the U3 partition and it worked like a charm for me.

http://www.instructables.com/id/Using_U3_Technology_to_its_fullest_on_an_8G_Cruzer/

]]> By: Ben Jones http://www.mcgrewsecurity.com/pub/hackingu3/comment-page-1/#comment-42363 Ben Jones Mon, 19 Oct 2009 18:52:45 +0000 http://www.mcgrewsecurity.com/?page_id=394#comment-42363 *bump* U3Customizer (all versions that I can find)- "Failed to access your U3 smart drive" GuidoZ- fails after about 7 seconds Lpinstaller local- also fails quickly Because I can load smaller files, around 700-800MB, I'm thinking possibly it's because of the CDFS formatting of the U3 partition. Is there a way to force any of the above programs to format the U3 partition as UDF or is there something I am missing. Also, instead of being vague, the 7.12GB file I am trying to put onto the U3 partition is OS X 10.5. I successfully accomplished it about a year ago, so I know it WAS possible. Any help would be greatly appreciated. *bump*
U3Customizer (all versions that I can find)- “Failed to access your U3 smart drive”
GuidoZ- fails after about 7 seconds
Lpinstaller local- also fails quickly
Because I can load smaller files, around 700-800MB, I’m thinking possibly it’s because of the CDFS formatting of the U3 partition. Is there a way to force any of the above programs to format the U3 partition as UDF or is there something I am missing. Also, instead of being vague, the 7.12GB file I am trying to put onto the U3 partition is OS X 10.5. I successfully accomplished it about a year ago, so I know it WAS possible. Any help would be greatly appreciated.

]]> By: Ben Jones http://www.mcgrewsecurity.com/pub/hackingu3/comment-page-1/#comment-40929 Ben Jones Sat, 26 Sep 2009 10:45:46 +0000 http://www.mcgrewsecurity.com/?page_id=394#comment-40929 OK, I am really at a loss here. I have tried every suggestion on this site and every other site I can find. NOTHING WORKS!!!! I find it so incredible that I had it working at one point and cannot get it back to save my life. It's like I got lucky once. Any other suggestions are very much appreciated! OK, I am really at a loss here. I have tried every suggestion on this site and every other site I can find. NOTHING WORKS!!!! I find it so incredible that I had it working at one point and cannot get it back to save my life. It’s like I got lucky once. Any other suggestions are very much appreciated!

]]> By: GuidoZ http://www.mcgrewsecurity.com/pub/hackingu3/comment-page-1/#comment-40653 GuidoZ Tue, 22 Sep 2009 22:12:16 +0000 http://www.mcgrewsecurity.com/?page_id=394#comment-40653 Check out the info I posted - there is utilities for putting everything back the way it was, as well as fully customizing the ISO U3 uses. Works like a charm everytime, and has been for years! http://www.GuidoZ.com/U3/ -- Peace. ~G Check out the info I posted – there is utilities for putting everything back the way it was, as well as fully customizing the ISO U3 uses. Works like a charm everytime, and has been for years!

http://www.GuidoZ.com/U3/


Peace. ~G

]]>