Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: keyloggers?

Re: keyloggers?

From: Michael Silk <michaelslists_at_gmail.com>
Date: Thu, 7 Apr 2005 13:54:12 +1000

Antonio,

 Think about it this way - you can't trust _ANYTHING_ shown to you by
a computer that you do not trust.

-- Michael

On Apr 7, 2005 7:14 AM, Antonio Fontes <saphyr_at_infomaniak.ch> wrote:
>
> What would be your feeling about this scenario ?
>
> - setting a computer for remote access like vnc or remote desktop
> - encapsulate the connection into a ssh tunnel using cygwin
> or a linux/unix gateway with a ssh daemon running
> - connect to your personnal computer through the secured tunnel
> - launch a virtual keyboard on your personnal computer. this virtual
> keyboard can be made in any common RAD language or even
> a simple javascript : a keyboard is drawn on the screen, and you
> click the letters to compose your strings.
> - thanks to windows OLE stuff, you select the string with the mouse
> and drop it into a web form for example. the string does not get
> 'copied' to the clipboard through this manipulation.
> - disconnect when you're done.
>
> Some remarks:
>
> - they should be able to capture your keystrokes : there won't be any.
>
> - they should be able to capture your mouse click positions : just
> improve your virtual keyboard to redraw the keys in another position
> after X mouse clicks.
>
> - they should be able to capture your transmitted data. I admin they
> still can decode it through ssh sniffers and mitm attacks BUT : if you
> use a remote access sending graphical information, such as VNC ,
> that would need a huge effort to reconstitute 'what you saw'.
>
> - the last possible failure would be the case where they see or record
> everything you see. About 'seeing' : try to go to a cyber cafe running
> fully privileged accounts (there are many who simply restore disk images
> at reboot time) and kill every thing you can in the task manager.
>
> About 'recording' what you see : are there really many places where they
> can record every client's desktop view ?
>
> There's still a risk, I know there are tools which are unseen in the task
> manager but... come on... If you're that paranoid, you wouldn't even
> open an e-banking account.
>
> my 2 (swiss) cents...
>
> AF
>
>
Received on Apr 06 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]