China Product Hacking Report

PRODUCT HACKING REPORTStandard Fingerprint USB

1 Table of Contents2 INTRODUCTION.................................................................................................................................2

2.1 Aims/Objectives.............................................................................................................................2

2.2 Equipment......................................................................................................................................2

2.3 System Requirements for PC.........................................................................................................2

3 PROCEDURES......................................................................................................................................3

3.1 Before Hacking..............................................................................................................................3

3.2 Hacking Procedures.......................................................................................................................4

4 RESULTS..............................................................................................................................................7

5 CONCLUSION......................................................................................................................................8

Page 1 of 8 Dated 12-03-09


INTRODUCTIONThis Fingerprint USB drive is a biometric enabled communication and entertainment centre that enables to store data within a fingerprint-protected area, enjoy favourite online radio, communicate with friends/colleagues by voice and/or chat and many more, most commonly found selling at a cheap price in China. The owner of the device can access his private information, settings and applications. Fingerprint or password authentication is necessary to operate the device.

1.1 Aims/Objectives

a) To hack a standard Fingerprint USB device by using plscsi.exe. b) To prove that cheaper swipe sensor product is no longer secure for data storage after a 3

minute hacking procedure.

1.2 Equipmenta) PCb) Biometric devicec) PLSCSI.exe software, which can download from the link below.

http://home.comcast.net/~plavarre/plscsi/2002/09/22/win/plscsi.exe

1.3 System Requirements for PCa) Windows XP Service Pack 1 or later or Server 2003 operating system b) Intel P-III 800Mhz or higher CPU c) 128Mb of RAM d) One free USB port


http://home.comcast.net/~plavarre/plscsi/2002/09/22/win/plscsi.exe


2 PROCEDURES

2.1 Before Hacking1. Plug in device into USB port.

2. It will request for fingerprint scanning as shown in the picture below, assume that the device is already registered.

3. Swipe finger for authentication.

4. Fingerprint authentication failed for unauthorised person.



5. Content in drive before authentication. Data stored in this device is not accessible.

2.2 Hacking Procedures1. Plug in device into USB port.

2. Click start runOpen: cmd then click OK.



3. Drag in plscsi.exe file into the command window and key in –w after a space and then press enter.

4. On the command window key in set PLSCSI =\\.\F:. F is used because the device is in F drive.

5. Drag in the plssci.exe file again into command window and with key in –p –v –x with a space in between and “FC 00 00 00 00 00 00 00 01 00” x 00000000 FC 00 00:00:00:00 00 00:01 00 .. .. .. .. .. .. “|@@@@@@@A@” then press enter.



| | Enter

\/

6. Upon pressing enter, the F drive will open without any authentication.



2.3 RESULTS1. Able to open and view the files inside the drive, which previously were protected.

2. The files are able to copy out from the drive.



3 CONCLUSIONAny standard Password encrypted Fingerprint USBs are able to hack quickly and without much effort, if the sources of hack application is relevant. The data stored in this device are able to open and read. It is accessible after performing hacking procedure.


China Product Hacking Report

Documents