I would add that NTFS writing has been available on knoppix for some
time through through the use of "captive-ntfs". It will scan an ntfs
disk for necessary drivers or you can manually install them from a usb
stick.
While knoppix is not security focused it has been useful being able to
update nessus plugins without having to load some script that rewrites
the pluggins to ramdisk. This was particularly a pain with
knoppix-std. STD was great when it first came out, then they stopped
updating it and I haven't used it in years.
I've been wasting my copious spare time at work making a bartPE live
windows cd that has some nice features such as static binaries and
programs that work in an already booted windows environment
(adaware,mcafee, and static bins taken from the FIRE distro)
It's been useful to give to first responders of incidents. I would
like to expand this to more pen-testing (can you do that with windows?
:)) with tools such as metasploit and possibly vmware player and a
light pentesting distro. We'll see.
- Jeremiah
On 2/22/06, Petr.Kazil@eap.nl <Petr.Kazil@eap.nl> wrote:
If you want to read/write NTFS file systems on a "victim" workstation then
this one is good:
http://trinityhome.org/trk/
It's a Linux CD but you can add Windows drivers to it, and then it
reads/writes to NTFS.
Not many Linux CD's can do that. Do you know more?
Has anyone ever tried to "inject" a trojan file + autostart link into a
Windows file system using a CD like this?
That looks like a doable exploit.
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
