Security Basics mailing list archives
RE: XP backdoors
From: jamesworld () intelligencia com
Date: Tue, 06 Jan 2004 14:39:45 -0600
Sure! Have an improperly configure firewallHave someone send an email or put a link on a web page that has you machine try to connect to a netbios connection on the Internet You machine by default will send a LM hash of you password - this get's stored/captured by Joe's server
Joe takes up to a few days to crack the hash \ and he's got itThere are other vectors. I might not even need your password if I can buffer overflow your box and create my own admin acct :-)
At 13:11 01/06/2004, J. Yoon wrote:
Lets say I now have an extremely good password that would take NSA 200 years to crack.Assuming that my XP box is physically safe from others accessing it,is there a way for Joe-cr/hacker to quickly obtain my password without having to run a crackware?Backdoors that exploit software bugs need only install the proper patchesbut are there any exploits that take advantage of the nature of hardware/protocol/architectureitself? _________________________________________________________________
---------------------------------------------------------------------------Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- RE: XP backdoors J. Yoon (Jan 06)
- Re: XP backdoors Greg Tracy (Jan 06)
- RE: XP backdoors jamesworld (Jan 06)
- RE: XP backdoors vojko kočevnik (Jan 06)
- SV: XP backdoors Kim Guldberg (Jan 06)
- Re: SV: XP backdoors Arias Hung (Jan 07)
- <Possible follow-ups>
- RE: XP backdoors Adams, Tom (Jan 06)