SV: XP backdoors

From: Kim Guldberg (kim_at_bufferzone.dk)
Date: 01/06/04

  • Next message: Monty Ree: "port security works well?"
    To: "'J. Yoon'" <supercool9000@hotmail.com>, <security-basics@securityfocus.com>
    Date: Tue, 6 Jan 2004 23:00:45 +0100
    
    

    Yes their is. A simple keylogger tool placed on your pc to grab the
    actual keystrokes. I know that this can be done via a small device
    placed as an adapter between your keyboard cable and your PC and it
    should be possible to make an software solution also. The hacker places
    the keylogger software on your machine and retrieves the logfile with
    the password in plain text later.

    If you are handy with electronics and have the right knowledge, you can
    tab the keystrokes form outside your home with an antenna and an
    oscilloscope, I have seen it done

    Regards
    Kim Guldberg
    CPSA

    -------
    Lets say I now have an extremely good password that would take NSA 200
    years
    to crack.

    Assuming that my XP box is physically safe from others accessing it,
    is there a way for Joe-cr/hacker to quickly obtain my password without
    having to run a crackware?

    Backdoors that exploit software bugs need only install the proper
    patches
    but are there any exploits that take advantage of the nature of
    hardware/protocol/architecture
    itself?
    -----
    _________________________________________________________________
    Have fun customizing MSN Messenger - learn how here!
    http://www.msnmessenger-download.com/tracking/reach_customize

    ------------------------------------------------------------------------

    ---
    Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off
    any 
    course! All of our class sizes are guaranteed to be 10 students or less.
    We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion
    Prevention, 
    and many other technical hands on courses. 
    Visit us at http://www.infosecinstitute.com/securityfocus to get $720
    off 
    any course!  
    ------------------------------------------------------------------------
    ----
    ---------------------------------------------------------------------------
    Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
    course! All of our class sizes are guaranteed to be 10 students or less. 
    We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
    and many other technical hands on courses. 
    Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
    any course!  
    ----------------------------------------------------------------------------
    

  • Next message: Monty Ree: "port security works well?"

    Relevant Pages

    • RE: Auditing / Logging
      ... pun) key limitation - it only replays the keystrokes. ... you raise a valid point as to the commands not being logged. ... > We provide Ethical Hacking, Advanced Ethical Hacking, ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, ...
      (Security-Basics)
    • Re: Domain HiJacking by SPAMMERS
      ... Subject: Domain HiJacking by SPAMMERS ... >> We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ... >> and many other technical hands on courses. ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, ...
      (Security-Basics)
    • RE: UDP Port 137 Question
      ... >We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ... >and many other technical hands on courses. ... >We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, ...
      (Security-Basics)
    • Re: Outpost firewall Pro 2.0.238.3121(290) has Back Orifice trojanprogram
      ... 162,SNMPTRAP,SNMPTRAP (Simple Network Management Protocol) ... Ethical Hacking at InfoSec Institute. ... and many other technical hands on courses. ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, ...
      (Security-Basics)
    • RE: Auditing / Logging
      ... pun) key limitation - it only replays the keystrokes. ... you raise a valid point as to the commands not being logged. ... > We provide Ethical Hacking, Advanced Ethical Hacking, ...
      (Pen-Test)