Connect USB and hack login details from a PC or Mac, a new vulnerability

39
561

A new vulnerability discovered by Rob Fuller, a security engineer at R5 Industries, which make it easy to hack PC and Mac locked computers. You need only a USB-mounted computer and it will take only 30 seconds. Both PC and Mac computer affected by this new vulnerability.

With the help of flash-sized minicomputer into locked PC, you can get the username and password hash. Computer security protocols called NT LAN Manager (NTLM) are responsible these hashes leak. Rob Fuller created a script to the attack minicomputers, which disguising them as USB Ethernet devices.

Rob Fuller explains,

What is happening in the video, is the USB Armory is being plugged into a locked (but logged in) system. It boots up via the USB power, and starts up a DHCP server, and Responder. While it’s doing this, the victim is recognizing it as a Ethernet adapter. The victim then makes route decisions and starts sending the traffic it was already creating to the Armory instead of the “real” network connection. Responder does its job and responds to all kinds of services asking for authentication, and since most OSs treat their local network as “trusted” it sees the authentication request and automatically authenticates. Seeing that the database of Responder has been modified the Armory shuts down (LED goes solid).

For more details check out here.

39 COMMENTS

  1. It’s actually a nice and useful piece of info. I’m satisfied that you
    just shared this helpful info with us. Please stay us up
    to date like this. Thank you for sharing.

  2. It’s a shame you don’t have a donate button! I’d without a doubt donate to this brilliant blog!
    I guess for now i’ll settle for book-marking and adding your RSS feed to my Google account.
    I look forward to brand new updates and will share this site with my Facebook group.
    Chat soon!

  3. Oh my goodness! Amazing article dude! Thank you, However I am going through issues with your RSS.
    I don’t understand the reason why I can’t subscribe to it.
    Is there anyone else having the same RSS problems?
    Anyone that knows the solution will you kindly respond?

    Thanx!!

  4. I am really pleased to glance at this web site
    posts which consists of tons of useful facts, thanks
    for providing such statistics.

  5. These are actually fantastic ideas in concerning blogging.
    You have touched some pleasant things here. Any way keep up wrinting.

  6. hello!,I like your writing very a lot! share we communicate extra approximately
    your article on AOL? I require a specialist in this
    space to unravel my problem. Maybe that’s you! Having a look ahead to
    look you.

  7. Heya i am for the first time here. I found this board and
    I find It truly useful & it helped me out much.
    I hope to give something back and aid others like you aided me.

  8. This is really attention-grabbing, You are an excessively professional blogger.

    I’ve joined your rss feed and look forward to searching for extra of your magnificent post.
    Also, I have shared your web site in my social networks

  9. We are a gaggle of volunteers and starting a brand new scheme in our community.
    Your website provided us with valuable information to work on. You have performed a formidable job and our entire group
    will likely be grateful to you.

  10. Thank you for every other informative site. Where else could I am
    getting that kind of information written in such an ideal way?
    I have a mission that I am just now running on, and I have been on the glance out for such info.

  11. I’m gone to tell my little brother, that he should also pay a quick visit
    this web site on regular basis to get updated from most
    up-to-date gossip.

  12. I really like your blog.. very nice colors & theme.

    Did you create this website yourself or did you hire someone
    to do it for you? Plz answer back as I’m looking to create my
    own blog and would like to find out where u got this from.
    appreciate it

  13. I’ll immediately seize your rss feed as I can not find your e-mail subscription hyperlink or newsletter service.
    Do you have any? Please let me recognize in order that I may just subscribe.
    Thanks.

  14. We stumbled over here by a different website and thought I might
    as well check things out. I like what I see so i am just following
    you. Look forward to checking out your web page repeatedly.

  15. Its like you read my mind! You appear to know a lot about this, like you wrote the book in it or something.
    I think that you can do with some pics to drive the message home a little bit, but instead of that, this is excellent blog.
    An excellent read. I will certainly be back.

  16. Do you have a spam issue on this blog; I also am a blogger, and I was curious about
    your situation; we have created some nice practices and we are
    looking to swap methods with others, be sure
    to shoot me an email if interested.

Comments are closed.