Penetration Testing mailing list archives

RE: Hacking to Xp box


From: <chad () mr-lew com>
Date: Sat, 3 Sep 2005 14:24:54 -0400

Juan,
    Another approach would be to create a CD with a 
malicious autorun program. You could easily create a little 
script to use netcat (nc.exe) to connect out to your machine 
and take control of the box with the same privilege level as 
the user who loaded the CD. With a little bit of work you 
could make a legitimate looking CD of something the CEO 
normally uses, and reburn it with something nasty you 
implanted. Making it work is simple, the tricky part is just 
getting him to put it in his machine. I covered the scenario 
for my GCFW practical.
 
http://www.giac.org/certified_professionals/practicals/gcfw/0480.php

    Also, if users have the ability to access personal e-mail 
via the web, run a sniffer for a few days and monitor 
when the CEO checks his personal e-mail (or anything else 
personal with a password). Once you find out a time that he 
normally does it, set up a sniffer to capture his traffic 
(like ethereal). Then show him how the Follow TCP Stream 
option will show you everything he did. I would make sure he 
understands beforehand that by proving the point that more 
money needs to be spent on security, you may end up showing 
a problem that "could" be embarrassing.

    Once you show the CEO the WIIFM (What's In It For Me), 
he may be more apt to realize you are raising valid concerns.

Good Luck
