Penetration Testing mailing list archives
RE: [SPAM] - Re: Boot floppy - Sending mail server found on relays.ordb.org
From: <Cony.Zhou () cpic-ing com cn>
Date: Wed, 11 Apr 2007 18:04:43 +0800
Mifa's way does not sound like an official way. So I guess you are not an IT guy, nor approved by management? And according to the requirement, you don't want him to know that you already have his files. Actually it is not so difficult if you are approved by management. So if you are finding evidence, but you don't want to let him know what you are doing, then you can talk to your management; if approved, you can ask someone to cooperate with you.

Regards
Cony

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of jasper.o.waale () kh pwc com
Sent: April 11, 2007 14:32
To: shreyas () technitium com
Cc: listbounce () securityfocus com; Pen-Testing
Subject: [SPAM] - Re: Boot floppy - Sending mail server found on relays.ordb.org

Root kit and other things? Sounds like from the wild west. The only problem you have is if the staff is not to know you are doing this. If that's not a problem I don't see any issues, but do me a favour: do not install root kits unless you made them yourself 100%, or you want to risk losing your job and make a lot of the ones approving your action red faced. It's far more simple, unless you are not allowed to do this: replace the computer, update the hardware, make an image. I guess that this is not part of some hit and run operations, and you are in fact doing this on behalf of the company.

My 5C
Jasper O Waale

From: "Shreyas Zare" <shreyas@technitium.com>
Sent by: listbounce@securityfocus.com
Date: 11/04/2007 12:48
To: Pen-Testing <pen-test () securityfocus com>
cc:
Subject: Re: Boot floppy

Hi,

Try using social engineering. Tell him you are given a job to patch all machines in the company for some security update then patch his machine with a good rootkit. You may give him the update (infected) in any CD or USB media so that he would install it himself. Or use any idea which will not look suspicious to the target.

Regards,

On 4/10/07, Mifa <mifa () stangercorp com> wrote:
We have a user who takes a company computer home with them (no, it's not a laptop). We have a good reason to need to look at their files. However, we want to do so without that employee knowing. They seem to know something about security because auto runs is disabled and the workstation is always locked with a third party software. Inserting a U3 drive will not run a program either. Are there any programs that will boot from a floppy then copy a program to the C drive then write an auto start entry into the registry? This was the only way I can think of to get the user to install a program.

Any other ideas how we might gain access? It has to be fast (bathroom breaks etc.). I don't have time to load a live CD. Further, rebooting would cause the user to lose work.
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
--
(This e-mail was composed and sent completely using recycled electrons)

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas () technitium com

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam () technitium com

Technitium Personal Computers
We believe in quality.
Visit http://pc.technitium.com for details.
Current thread:
- Boot floppy Mifa (Apr 10)
- Re: Boot floppy Clint P. Garrison MBA, CISSP, QSA (Apr 10)
- Re: Boot floppy Shreyas Zare (Apr 10)
- Re: Boot floppy jasper . o . waale (Apr 11)
- RE: [SPAM] - Re: Boot floppy - Sending mail server found on relays.ordb.org Cony.Zhou (Apr 11)
- Re: Boot floppy Chris Zevlas (Apr 11)
- Re: Boot floppy Curt Purdy (Apr 13)
- Re: Boot floppy jasper . o . waale (Apr 11)
- Re: Boot floppy berg (Apr 10)
- Re: Boot floppy Zed Qyves (Apr 11)
- RE: Boot floppy Scott Ramsdell (Apr 11)
- Re: Boot floppy Tim (Apr 11)
- Re: Boot floppy Anders Thulin (Apr 11)
- RE: Boot floppy Marvin Simkin (Apr 11)
- RE: Boot floppy Pretorius, Wynand (ZA - Johannesburg) (Apr 11)
- Re: Boot floppy Sat Jagat Singh (Apr 11)
(Thread continues...)