Hacking USB Hacksaw

January 7, 2007 by paul
Filed under: Uncategorized

I saw a bit about USB Hacksaw on Call For Help yesterday (show #467) and it looked interesting – USB Hacksaw is a collection of tools (hacks) which will email you the contents of a USB flash drive each time one is inserted into your (Windows) PC’s USB port.

Given that I have two UFD that I use between home and work, and I’ve already written a script to take a copy of them onto my PC, I thought I’d investigate this new hack.

In HAK.5 episode #2×03 the guys suggested it might be installed on a public PC to steal data from unwitting users, but I just tried it (on my home PC) and I think it’s way too obvious to fool most people – when I inserted a 2Gb UFD the busy indicator flashed for a good minute or more as the data (only about 130Mb) was copied to a hidden temporary folder on the PC. If you tried to remove the UFD while it was copying you’d see a warning message, but by then some of your data has already been stolen.

There are a few other clues that someone might be stealing your data: the first time I ran the hack there were lots of warnings from my firewall telling me the tools were trying to access the internet – of course anyone who is setting this up will know to grant access and then subsequent users won’t see the warnings.

Another problem is that it’s taken about 15 minutes so far and it’s still only sent about half of the data to my Gmail account; if I was to insert another UFD then the folder with the temporary copy would be overwritten, messing up the ongoing process. (I just tried it and I also got a pop-up telling me it couldn’t start a second instance of stunnel.)

Having said all that, I’m going to hack the tools a bit and use them to backup my UFDs when I choose to run them. Better yet, I’ll hack it some more and make it so that I can use the Windows “Send To” menu to backup any folder.