In DOS, LPT1 refers to the printer port, and Windows supports this for backwards compatibility. The details of how Panda USB Vaccine does this is outlined here.Įssentially the software creates a folder named autorun.inf (which prevents a file with the same name being created there), and then in that folder, a file called LTP1 is created. This is a clever bit of filesystem trickery that exploits a reserved name in the Win32 namespace. Setting the Y bit to 1 could easily be abused by a malicious application, by, e.g., creating an undeletable file that takes up the drive's entire free space. Ubuntu leaves the X intact if it is set to 1, since it does no harm. I downloaded and installed Panda USB Vaccine and "vaccinated" my flash drive, dumped the flash drive's partition with dd for windows using the commands dd -listĭd if=\\.\VolumeĤ While a blatant deviation from the specification, it seems to be thought-out one. If you know how it works, you can reverse the effects and the "vaccine" becomes useless. Panda doesn't seem to reveal the exact mechanism of its "vaccine", which is understandable, since it's basically security through obscurity.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |