Penetration Testing mailing list archives
Re: Hacking demo - most spectacular techniques
From: Gary Flynn <flynngn () jmu edu>
Date: Thu, 04 Oct 2001 14:15:47 -0400
Joerg Over wrote:
Make sure you're showing the room-sound-recording available through Sub7 with a soundcard(+ mike) installed on the compromised host. I don't know why, but from my experience that's shocking the unsavvy more'n anything else.
I'll second that. It seemed to be a shocker here. I found creating an entire scenario helpful. I spoofed email from department heads and "Information Security" saying a new virus was spreading rapidly through campus and that the user needed to use the attached program to update their anti-virus software. I had previously attached subseven to a Norton Anti-virus update program. I had two computers set up projected on the wall. On one of them, I said "Oh, my god" and clicked the attachment. It looked like a standard Norton update. On the other computer I got email from the subseven server and took over from there...grabbing account passwords to the financial system, taking action from the compromised computer for which the owner would have been blamed, digging through the My Documents and email folders, screen shots, etc. It was particularly effective because the compromised computer showed no signs of all the activity going on. Previously skeptical people became believers. Then we talked about what ILOVEYOU, CodeRed, and other "damaging" worms might have done. I didn't include the microphone in the demo because of the equipment I had but word got back to me that was a major concern. -- Gary Flynn Security Engineer - Technical Services James Madison University Please R.U.N.S.A.F.E. http://www.jmu.edu/computing/runsafe ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Re: Hacking demo - most spectacular techniques, (continued)
- Re: Hacking demo - most spectacular techniques Nexus (Oct 04)
- Re: Hacking demo - most spectacular techniques talisker (Oct 04)
- RE: Hacking demo - most spectacular techniques Martin Jr., Wally G. (Oct 02)
- RE: Hacking demo - most spectacular techniques Steve Maks (Oct 02)
- Re:Hacking demo - most spectacular techniques bluefur0r bluefur0r (Oct 02)
- RE: Hacking demo - most spectacular techniques Aleksander Czarnowski (Oct 02)
- Re: Hacking demo - most spectacular techniques Kingbiscuit (Oct 04)
- RE: Hacking demo - most spectacular techniques Joshua Wright (Oct 04)
- RE: Hacking demo - most spectacular techniques Jose Nazario (Oct 04)
- RE: Hacking demo - most spectacular techniques Joerg Over (Oct 04)
- Re: Hacking demo - most spectacular techniques Gary Flynn (Oct 04)
- RE: Hacking demo - most spectacular techniques Frank Knobbe (Oct 04)
- Hacking demo - most spectacular techniques Mike Ahern (Oct 04)