I need to develop an encrypted USB Flash drive to protect my data. Here is the high level idea:
When USB will be plugged in PC, it will show one application, for example "openfile.exe"
When I run the "openfile.exe" it will open the USB (need to give password) for saving other files in it.
Now user can save file in the USB as usual which will be encrypted.
When I plug out the USB from the PC and plugin again, it will start from Step 1
So user always see the "openfile.exe" after plugin it until they run my application
placed in USB. And data will be secured.
I have no idea, how about creating Virtual USB Simulator?
Any one have idea how to proceed?
Thank you.
It's not virtual USB simulator, but a virtual file system (you create a virtual disk with a drive letter that is mapped to real location with help of drivers). Several of our products (namely CBFS Storage and CBFS Connect) can be used for this task.
The drawback of this approach is that you have to install the kernel-mode drivers to the system. Your application can do this on the fly, but it needs to have administrative privileges for this task. I.e. the scenario when you come to internet cafe, plug your USB stick and have an encrypted disk is almost never possible (cause admins of internet cafe won't give you admin rights).
Related
I am designing a security utility for USB sticks that when a memory stick has been plugged in,an email is sent to the user with the computer's name and IP address. I have got the email part working, but do not know how to execute the .exe file I have made when the USB is plugged in. I know autorun.inf hasn't worked for a while now, and I would like it to run automatically regardless of the PC it is plugged into. Any suggestions? Thanks.
I am pretty sure there is no way to store an executable onto a USB mass storage device in such a way that it runs automatically on all Windows PCs, because that would be a security risk.
You can configure Windows to use AutoPlay though: go to Settings > Devices > Autoplay.
If you have control over the firmware of the USB device, you might try emulating an HID keyboard and taking control of the user's computer that way. See BadUSB and USB Rubber Ducky.
Is there any way Not to detect USB from windows PC?
The USB device should not mount on windows PC ,It should be handled by my application..
Suggestions please...
As far as I know there is no way of stopping the mount on the windows PC, however, you could set it up to autorun so that when it is plugged it in attempts to launch your application. This answer has some information on how to do this: https://stackoverflow.com/a/255067
There is also the option to hide a drive in windows by removing is drive letter (http://www.howtogeek.com/97203/how-to-hide-a-drive-in-windows-so-that-no-one-will-know-its-there/) however, this is almost certainly going to stop your application from reading it too.
If this is for a specific security reason then perhaps you could look at encrypting the drive and allowing only the application to decrypt the data. Thus, whilst mounted in windows it will be of little use.
Sorry I couldn't be of much more help.
Microsoft provides a utility called devcon for free download.
It's a "Command Line Uility Alternative to Device Manager".
It can actually do many things that I won't get into here, but removing a plug & play device is a simple operation once you know the unique name of the device you want to manipulate.
Refer this to check how to work with it.
It sounds like you don't want your device to show up as a drive in My Computer. In that case, why are you using the Mass Storage Device class at all? You could make a custom, vendor-specific device and talk to it using control/interrupt/bulk transfers with WinUSB. You would need to change the Device's USB descriptors to indicate it is a vendor-specific device and not a mass-storage device.
I have a crypto USB device which is used to store PKI certificates including the private key.
It can be read/written to using the Microsoft Crypto APIs. And it is protected by a PIN. I am investigating if the device is in fact secure.
In my opinion, the security of the device hinges on how the PIN is used/stored. This is related to a different question I posted on crypto.stackexchange - https://crypto.stackexchange.com/questions/5929/crypto-usb-devices-where-is-the-pin-password-stored
When I insert the device into my USB slot, it presents itself as a CD drive containing a setup program which installs the driver/CSP middleware/UI for the device. After the setup program is run and I store certificates in the device, I still see only the setup program in Windows Explorer when I look at the drive assigned for the device.
So in order to prove that the device is secure or not secure, I want to access the raw data on the device. And I want to know what APIs on Windows, I can use to access the device bypassing the Crypto APIs.
Alternately are there tools to do the same?
One idea would be to boot into a Linux Live CD and view the drive contents that way. You could, for example, try one of the latest Ubuntu builds, all of which can be run from the CD without installing the operating system onto your Windows machine.
My theory is that when your device is accessed from Linux, the raw data will be available. When it is accessed from Windows, I suspect some kind of clever AutoPlay comes into effect in order to present your device as a CD drive.
I'm using a Limited User account under Windows XP, and I'm having a bit of trouble getting my Adaptoid (the most coveted N64 controller -> USB adapter, because of it's support for sending raw N64 controller commands + the fact that it's been discontinued) to work smoothly: as installed, the included software requires Administrator privileges to load the driver.
Presumably, it is possible to arrange for the driver to be loaded automatically when the Adaptoid is inserted by adding some stuff to the INF file for the driver (wishna1.inf):
the question is, what stuff?
(It would also suit me just as well if the driver could be automatically loaded when anything attempted to open \Device\Wish_NA1, or even to have it automatically loaded at every boot, really, but doing it on insertion seems like the right way.)
Note: I do have access to an administrative account, it's just that I prefer not to have to use it day-to-day.
First of all, let's clarify that a USB device has a Plug & Play driver on Windows 2000 and higher, so services start modes are irrelevant. The driver will have an entry as a "service" in the registry, but its start mode is irrelevant here.
Let's split the problem into two parts:
Installing driver for the device: This requires administrative privileges. This happens when you insert a USB device into a port for the first time. Windows goes over your .INF files to find one that matches your hardware. If the driver is WHQL-certified, it'll load automatically. Otherwise, you'd see the dreaded Add New Hardware wizard. If you're running as admin, a few clicks on Next should be enough to install it. Otherwise, better have that Administrator password ready.
Loading the driver for the device: Once the device is installed, the driver will be loaded each time this device is inserted into this USB port without requiring any additional user intervention. Ever noticed how a USB printer, camera or disk drive load much faster the second time you plug it in? That's because that's just loading, without installing.
From looking at the .INF, it looks valid. Also, it's not WHQL-certified, so you'd have to install it manually.
I'm assuming when you insert the Adaptoid, you get an Add New Hardware wizard. If you point it manually to the installation directory, does the Adaptoid install and function? Does it appear in the Device Manager?
P.S. USB devices which have a serial number are an exception. They're installed once for all USB ports. Those devices are rather uncommon, though.
I need to create a application that will allow a Windows PC (XP/Vista) to emulate a thumbdrive. That is, when the PC is plugged into either another Windows system, or in this case, a piece of hardware that allows for USB thumbdrives to be plugged in, a folder on the computer looks like a giant thumbdrive. Any thoughts on where a guy would start to investigate this?
Update (more specific description):
I need to connect my PC to one of the newer multifuction devices that support scanning to a USB thumbdrive that is inserted into the front of the device. These units do not support WIA or TWAIN via the rear USB connector that you'd typically use for connectivity to a PC.
Most USB controllers in regular pc's dont have the possibility to function as an USB slave. So I'd start with investigating what kind of hardware you're going to use.
Another way to go: there are USB Link cables to link up 2 pc's over USB, maybe that's usable for you?
You cannot do this in an application. At the lowest level, the USB ports on your computer are controlled by an Host Controller Interface. This chip will manage up to 127 slave USB devices. You would need to seriously reprogram this chip before it implements the slave side of the USB protocol. Of course, at that point any USB hub in your PC will break down - those 8 USB ports you probably have are usually implemented by 2 smart USB hubs connecting to both USB1 and USB2 host controllers. Next, your USB keyboard and mouse will stop working.
Take an MCU with two Slave USBs. Write a simple frimware which makes one USB act as a Special Device Class and wait until PC on this USB provides mandatory data (including Device Class, of course) for the other USB. Write a PC program which connects to the Special Device (your MCU), uploads Mass Storage Device Class and redirects I/O to a dedicated partition. The other USB on the MCU will become an emulated Mass Storage Device.
Some of those code can be taken from Linux.