Re: defences from incognito

["5.K1dd" <5.k1dd () austinhackers org>]

> There isn't really a defense if you have system access to a machine with
> a logged in administrative user. I have heard that enabling kerberos can
> help in terms of session lifetime, but since you can just sniff the
> user's clear-text keystrokes when they authenticate, its not a real
> solution.
>
> A fun trick us injecting into winlogon, start the keystroke monitor,
> then locking the user's screen. When they authenticate to get back to
> their desktop, you have the clear-text password.

That does sound like a fun trick!  Is there a keylogger built into
metasploit or would you need to upload a 3rd party tool?

-Brian
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework