Home page logo

fulldisclosure logo Full Disclosure mailing list archives

RE: Backdoor not recognized by Kaspersky
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 04 Mar 2004 16:46:21 +1300

"Larry Seltzer" <larry () larryseltzer com> asked "'Thor Larholm'":

if you can read the users login credentials to his corporate
mailserver you are far
better off.

Rather casually put. How would you do this? I've heard how Swen asks the
user for their credentials, but if you know a general crack for
obtaining them I'd say that's news.

Think outside the square Larry.

Think "cached passwords".  Think "what use are they if a program cannot 
ask for them?".

Think "key logger".

Think "what do minimum privilege and XP Home have in common?"

Hell, just _think_.

It's not difficult -- well, if you work at Redmond it may be, but in 
the real world we pretty much knew how to avoid writing really insecure 
software for quite some time before Microsoft put the opposite into 
practise, implementing it all as a proof of concept in the guise of an 
OS that was then accidentally sent to the marketing group instead of 
the  "fix the security flaws" group as a test for the latter...


Nick FitzGerald

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]