Re: Bootable CD Attack disk + NTFS question

From: okrehel@loews.com
Date: Wed Feb 22 2006 - 13:39:42 EST

This is the package that you can look for in the specific boot distro.
Helix, Knoppix and many others have it (customize it if kernel version
is at least 2.6.14 - needs Fuse)

Thanks to Jan Kratochvil "captive-ntfs "
http://www.jankratochvil.net/project/captive/ provides full support
of read/write to the ntfs file system.

Ondrej Krehel

                                                                           
             Petr.Kazil@eap.nl
                                                                           
             02/22/2006 11:42 To
             AM pen-test@securityfocus.com
                                                                        cc
                                                                           
                                                                   Subject
                                       Re: Bootable CD Attack disk + NTFS
                                       question
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           

If you want to read/write NTFS file systems on a "victim" workstation then
this one is good:
http://trinityhome.org/trk/

It's a Linux CD but you can add Windows drivers to it, and then it
reads/writes to NTFS.
Not many Linux CD's can do that. Do you know more?

Has anyone ever tried to "inject" a trojan file + autostart link into a
Windows file system using a CD like this?
That looks like a doable exploit.

------------------------------------------------------------------------------

Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:34 EDT