Home page logo

pen-test logo Penetration Testing mailing list archives

RE: Hacking to Xp box
From: <chad () mr-lew com>
Date: Sat, 3 Sep 2005 14:24:54 -0400

    Another approach would be to create a CD with a 
malicious autorun program. You could easily create a little 
script to use netcat (nc.exe) to connect out to your machine 
and take control of the box with the same privilege level as 
the user who loaded the CD. With a little bit of work you 
could make a legitimate looking CD of something the CEO 
normally uses, and reburn it with something nasty you 
implanted. Making it work is simple, the tricky part is just 
getting him to put it in his machine. I covered the scenario 
for my GCFW practical.

    Also, if users have the ability to access personal e-
mail via the web, run a sniffer for a few days and monitor 
when the CEO checks his personal e-mail (or anything else 
personal with a password). Once you find out a time that he 
normally does it, set up a sniffer to capture his traffic 
(like ethereal). Then show him how the Follow TCP Stream 
option will show you everything he did. I would make sure he 
understands beforehand that by proving the point that more 
money needs to be spent on security, you may end up showing 
a problem that "could" be embarassing.

    Once you show the CEO the WIIFM (What's In It For Me), 
he may be more apt to realize you are raising valid concerns.

Good Luck

Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]