Metasploit mailing list archives
Re: defences from incognito
From: "5.K1dd" <5.k1dd () austinhackers org>
Date: Sun, 09 May 2010 17:34:14 -0500
There isn't really a defense if you have system access to a machine with a logged in administrative user. I have heard that enabling kerberos can help in terms of session lifetime, but since you can just sniff the user's clear-text keystrokes when they authenticate, its not a real solution. A fun trick us injecting into winlogon, start the keystroke monitor, then locking the user's screen. When they authenticate to get back to their desktop, you have the clear-text password.
That does sound like a fun trick! Is there a keylogger built into metasploit or would you need to upload a 3rd party tool? -Brian _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- defences from incognito Robin Wood (May 09)
- Re: defences from incognito HD Moore (May 09)
- Re: defences from incognito Robin Wood (May 09)
- Re: defences from incognito HD Moore (May 09)
- Re: defences from incognito Robin Wood (May 09)
- Re: defences from incognito Robin Wood (May 09)
- Re: defences from incognito 5.K1dd (May 09)
- Re: defences from incognito HD Moore (May 09)
- <Possible follow-ups>
- Re: defences from incognito Sherif Eldeeb (May 09)