PaulDotCom mailing list archives

Can a sys admin see a gmail account


From: aqabiz at gmail.com (Abdul Qabiz)
Date: Wed, 16 Dec 2009 19:09:10 +0530

I think one can use tools like ettercap and really do MITM and
DNS spoofing. I believe this would only work on a switched network?



On 16/12/09 6:40 PM, Michael Douglas wrote:
Perhaps I'm not aware of how google or modern web browsers handle
things... but I thought an admin would be able to mount your C$ share
(yes I know I can't assume everyone's running windows... but come on!)
Once they have access to your HD, it's just a matter of reading the
local cache.

Here's an older BlackHat Briefings talk about this from 2003
www.blackhat.com/presentations/bh-usa-03/bh-us-03-akin.pdf  (yes it is a pdf)

The techniques in the above link are far from perfect... sent mail
isn't cached for instance... I need to try this out again.  But I
had... I mean Bob had -- Yeah Bob -- had lots of fun with this a while
back.

- Mick



On Wed, Dec 16, 2009 at 1:49 AM, Joel Esler <eslerj at gmail.com> wrote:

Let's assume this.  Is it possible?  Yes.  However, it'd be extremely
difficult and extremely unlikely.  Theoretically, yes, they can see what you
are doing.  But I'd bet not.
J

On Tue, Dec 15, 2009 at 8:55 PM, Abdul Qabiz <aqabiz at gmail.com> wrote:

You are right, many admins don't have that much time. However, I learnt
any user on the network can actually find out about your cookies; that can
be a scary situation.

I would not trust any network, except the one I control.



On 16/12/09 12:23 AM, Michael Miller wrote:
       
I would have to agree.  If I was an "EVIL BOFH" I would use
sidejacking to get into the user's session.  One question I'm asking
myself right now is, how much time do the admins have to do this?
Unless it's sanctioned by management, they would be violating any
number of state & federal laws, and possibly company policy.  If you
fear you are being investigated at work, don't use your work computer
for non-business related communications.

-mmiller

On Tue, Dec 15, 2009 at 1:25 AM, Abdul Qabiz <aqabiz at gmail.com> wrote:

What I have learnt: if you are on a switched network, one can play a MITM
attack or DNS spoofing to get the GX cookies.

That's all you need, GX cookies. One can use GX cookies to log in to your
Gmail account.


On 15/12/09 2:00 AM, Shawn McGovern wrote:

Ok, so my question was posted in a forum and someone gave me an answer but
didn't explain it, and then the forum post was then closed on me.  So I will
ask here for clarity, and try not to kill me for this, I am trying to learn.

So if someone uses a corporate network to check a Gmail (using SSL).  If
they check to make sure that they have a secure connection -- once connected
-- and then they check the certificate to see if the cert hierarchy has been
tampered with.  Everything looks fine.  Are any admin or whomever able to
see your emails?  Forget about software on the computer you are using, only
through the network monitoring.

I was told in the forum that they could use a monitoring program like
Wireshark to view them.  In the Wireshark forum I read that you would need
the private key to decrypt the messages, and in the forum they said that a
sys admin can get the private key?  Is that information correct?  And if so,
how would they be able to get the private key?


Thanks in advance

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



--
Joel Esler | 302-223-5974 | gtalk: jesler at sourcefire.com
