Penetration Testing mailing list archives

Re: Covert Microphone Application

From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Thu, 27 Jul 2006 14:47:26 -0700

Well, the challenge was to get a recording... And it really isn't that
elaborate... I can write a VB app that you can telnet to with a media
control in it in no time (but I'm not going to unless I get paid ;)

What would be even easier would be to load "NetBus" on the thing... Seems
like we were doing remote recording and all that good stuff with NetBus
about 10 years ago... No hax0r skillz needed.

t


On 7/27/06 8:58 AM, "Matt Burnett" <marukka () mac com> spoketh to all:

Wouldnt it just be a lot easier for you or your boss to disconnect
the microphone cable than going though some elaborate scheme to prove
it could possibly be done? If they can "ruled" any laptop at will
then couldnt they also get into your mail servers? Wouldnt anything
that would be discussed in your meeting generate followups in a email?

On Jul 26, 2006, at 4:55 AM, shiri_yacov () yahoo com wrote:

Hi all,

I have recently entered with my boss to our corp. conference room
to discover a new (shining) internet laptop on a side desk in the
room.

During our chat I mentioned that the laptop has a builtin
microphone and therefore enables covert eavsdropping in case the
laptop is "ruled" from remote position, and therefore, a conference
room PC should have no builtin mic.

My sceptic boss replied instantly - "I challange you, bring me a
recording of any meeting - I`ll replace the laptop, and you`ll receive

it."


I therefore need a small covert application (no need in process
hiding), which will record microphone input to file. command line
application is perfect.


Do any of you know any ?


Guys, I gotta have this laptop...


Regards,

Shiri

----------------------------------------------------------------------
--------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's
Choice Award from eWeek. As attacks through web applications
continue to rise,
you need to proactively protect your applications from hackers.
Cenzic has the
most comprehensive solutions to meet your application security
penetration
testing and vulnerability management needs. You have an option to
go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed
service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to
confirm your
results from other product. Contact us at request () cenzic com for
details.
----------------------------------------------------------------------
--------



------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------




------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------

Current thread:

Covert Microphone Application shiri_yacov (Jul 27)
- Re: Covert Microphone Application S.A.B.R.O. Net Security (Jul 27)
  - Re: Covert Microphone Application reden () sekure ch (Jul 27)
    - Re: Covert Microphone Application mikeiscool (Jul 27)
- Re: Covert Microphone Application Matt Burnett (Jul 27)
  - Re: Covert Microphone Application Thor (Hammer of God) (Jul 27)
    - Re: Covert Microphone Application mikeiscool (Jul 27)
    - Re: Covert Microphone Application Shreyas Zare (Jul 29)
  - Re: Covert Microphone Application Ralph Forsythe (Jul 27)
    - Re: Covert Microphone Application Tonnerre Lombard (Jul 29)
    - Re: Covert Microphone Application Volker Tanger (Jul 30)
    - Re: Covert Microphone Application Matt Burnett (Jul 31)
    - Re: Covert Microphone Application Aaron (Jul 31)
    - Re: Covert Microphone Application Matt Burnett (Jul 29)
- Re: Covert Microphone Application Kish Pent (Jul 27)
- Re: Covert Microphone Application David Bergert (Jul 27)

(Thread continues...)