Penetration Testing mailing list archives

Re: Covert Microphone Application

From: Shreyas Zare <shreyasonline () yahoo com>
Date: Fri, 28 Jul 2006 05:14:46 -0700 (PDT)

Writting as customised app is needed as any crappy AV
on the laptop will detect any popular
backdoors/trojans. As you said a simple app in VB will
be good, and could be developed fast. I have developed
a trojan The_SPY_v2.1 in VB, with all advance I/O
facility (any plugin dll can be loaded on the remote
machine and used), but its not for public release ;)

Shreyas Zare

--- "Thor (Hammer of God)" <thor () hammerofgod com>
wrote:

Well, the challenge was to get a recording... And it
really isn't that
elaborate... I can write a VB app that you can
telnet to with a media
control in it in no time (but I'm not going to
unless I get paid ;)

What would be even easier would be to load "NetBus"
on the thing... Seems
like we were doing remote recording and all that
good stuff with NetBus
about 10 years ago... No hax0r skillz needed.

t


On 7/27/06 8:58 AM, "Matt Burnett" <marukka () mac com>
spoketh to all:

Wouldnt it just be a lot easier for you or your

boss to disconnect

the microphone cable than going though some

elaborate scheme to prove

it could possibly be done? If they can "ruled" any

laptop at will

then couldnt they also get into your mail servers?

Wouldnt anything

that would be discussed in your meeting generate

followups in a email?


On Jul 26, 2006, at 4:55 AM, shiri_yacov () yahoo com

wrote:

Hi all,

I have recently entered with my boss to our corp.

conference room

to discover a new (shining) internet laptop on a

side desk in the

room.

During our chat I mentioned that the laptop has a

builtin

microphone and therefore enables covert

eavsdropping in case the

laptop is "ruled" from remote position, and

therefore, a conference

room PC should have no builtin mic.

My sceptic boss replied instantly - "I challange

you, bring me a

recording of any meeting - I`ll replace the

laptop, and you`ll receive


it."


I therefore need a small covert application (no

need in process

hiding), which will record microphone input to

file. command line

application is perfect.


Do any of you know any ?


Guys, I gotta have this laptop...


Regards,

Shiri

----------------------------------------------------------------------

--------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the

only one to win the

Analyst's
Choice Award from eWeek. As attacks through web

applications

continue to rise,
you need to proactively protect your applications

from hackers.

Cenzic has the
most comprehensive solutions to meet your

application security

penetration
testing and vulnerability management needs. You

have an option to

go with a
managed service (Cenzic ClickToSecure) or an

enterprise software

(Cenzic Hailstorm). Download FREE whitepaper on

how a managed

service can
help you:

http://www.cenzic.com/news_events/wpappsec.php

And, now for a limited time we can do a FREE

audit for you to

confirm your
results from other product. Contact us at

request () cenzic com for

details.

----------------------------------------------------------------------

--------

------------------------------------------------------------------------------

This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only

one to win the Analyst's

Choice Award from eWeek. As attacks through web

applications continue to rise,

you need to proactively protect your applications

from hackers. Cenzic has the

most comprehensive solutions to meet your

application security penetration

testing and vulnerability management needs. You

have an option to go with a

managed service (Cenzic ClickToSecure) or an

enterprise software

(Cenzic Hailstorm). Download FREE whitepaper on

how a managed service can

help you:

http://www.cenzic.com/news_events/wpappsec.php

And, now for a limited time we can do a FREE audit

for you to confirm your

results from other product. Contact us at

request () cenzic com for details.

------------------------------------------------------------------------------

------------------------------------------------------------------------------

This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only
one to win the Analyst's 
Choice Award from eWeek. As attacks through web
applications continue to rise, 
you need to proactively protect your applications
from hackers. Cenzic has the 
most comprehensive solutions to meet your
application security penetration 
testing and vulnerability management needs. You have
an option to go with a 
managed service (Cenzic ClickToSecure) or an
enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how
a managed service can 
help you:
http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit
for you to confirm your 
results from other product. Contact us at
request () cenzic com for details.

------------------------------------------------------------------------------




Shreyas Zare
Co-Founder, Technitium

eMail: shreyas () technitium com

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam () technitium com


Technitium Personal Computers
We belive in quality.
Visit http://pc.technitium.com for details.







__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------

Current thread:

Covert Microphone Application shiri_yacov (Jul 27)
- Re: Covert Microphone Application S.A.B.R.O. Net Security (Jul 27)
  - Re: Covert Microphone Application reden () sekure ch (Jul 27)
    - Re: Covert Microphone Application mikeiscool (Jul 27)
- Re: Covert Microphone Application Matt Burnett (Jul 27)
  - Re: Covert Microphone Application Thor (Hammer of God) (Jul 27)
    - Re: Covert Microphone Application mikeiscool (Jul 27)
    - Re: Covert Microphone Application Shreyas Zare (Jul 29)
  - Re: Covert Microphone Application Ralph Forsythe (Jul 27)
    - Re: Covert Microphone Application Tonnerre Lombard (Jul 29)
    - Re: Covert Microphone Application Volker Tanger (Jul 30)
    - Re: Covert Microphone Application Matt Burnett (Jul 31)
    - Re: Covert Microphone Application Aaron (Jul 31)
    - Re: Covert Microphone Application Matt Burnett (Jul 29)
- Re: Covert Microphone Application Kish Pent (Jul 27)
- Re: Covert Microphone Application David Bergert (Jul 27)
- Re: Covert Microphone Application Frank Knobbe (Jul 29)
- <Possible follow-ups>
- RE: Covert Microphone Application Shenk, Jerry A (Jul 27)

(Thread continues...)