RE: XP backdoors

jamesworld_at_intelligencia.com
Date: 01/06/04

  • Next message: Adams, Tom: "RE: XP backdoors"
    Date: Tue, 06 Jan 2004 14:39:45 -0600
    To: "J. Yoon" <supercool9000@hotmail.com>
    
    

    Sure!

    Have an improperly configure firewall
    Have someone send an email or put a link on a web page that has you machine
    try to connect to a netbios connection on the Internet
    You machine by default will send a LM hash of you password - this get's
    stored/captured by Joe's server
    Joe takes up to a few days to crack the hash
    \
    and he's got it

    There are other vectors. I might not even need your password if I can
    buffer overflow your box and create my own admin acct :-)

    At 13:11 01/06/2004, J. Yoon wrote:
    >Lets say I now have an extremely good password that would take NSA 200
    >years to crack.
    >
    >Assuming that my XP box is physically safe from others accessing it,
    >is there a way for Joe-cr/hacker to quickly obtain my password without
    >having to run a crackware?
    >
    >Backdoors that exploit software bugs need only install the proper patches
    >but are there any exploits that take advantage of the nature of
    >hardware/protocol/architecture
    >itself?
    >
    >_________________________________________________________________

    ---------------------------------------------------------------------------
    Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
    course! All of our class sizes are guaranteed to be 10 students or less.
    We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
    and many other technical hands on courses.
    Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
    any course!
    ----------------------------------------------------------------------------


  • Next message: Adams, Tom: "RE: XP backdoors"