Penetration Testing mailing list archives

Re: Boot floppy


From: jasper.o.waale () kh pwc com
Date: Wed, 11 Apr 2007 13:32:05 +0700

Root kit and other things?

Sounds like something from the wild west. The only problem you have is if the staff is
not to know you are doing this.

If that's not a problem I don't see any issues, but do me a favour: do not
install root kits unless you made them yourself 100%, or you want to risk
losing your job
and making a lot of the ones approving your action red-faced.

It's far simpler, unless you are not allowed to do this: replace the
computer, update the hardware, make an image.
I guess that this is not part of some hit and run operation, and you are
in fact doing this on behalf of the company.

My 5C

Jasper O Waale

From: "Shreyas Zare" <shreyas@technitium.com>
Sent by: listbounce@securityfocus.com
Date: 11/04/2007 12:48
To: Pen-Testing <pen-test () securityfocus com>
Subject: Re: Boot floppy

Hi,

Try using social engineering. Tell him you are given a job to patch
all machines in the company for some security update then patch his
machine with a good rootkit. You may give him the update (infected) in
any CD or USB media so that he would install it himself. Or use any
idea which will not look suspicious to the target.

Regards,

On 4/10/07, Mifa <mifa () stangercorp com> wrote:
We have a user who takes a company computer home with them (no, it's not a
laptop).  We have a good reason to need to look at their files.  However,
we want to do so without that employee knowing.  They seem to know something
about security because auto runs is disabled and the workstation is always
locked with a third party software.  Inserting a U3 drive will not run a
program either.  Are there any programs that will boot from a floppy then
copy a program to the c drive then write an auto start entry into the
registry?  This was the only way I can think of to get the user to install
a program.

Any other ideas how we might gain access?  It has to be fast (bathroom
breaks etc.).  I don't have time to load a live cd. Further, rebooting would
cause the user to lose work.



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.


http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW

------------------------------------------------------------------------





--
(This e-mail was composed and sent completely using recycled electrons)

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas () technitium com

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam () technitium com

Technitium Personal Computers
We believe in quality.
Visit http://pc.technitium.com for details.
