This task could be as easy as having a scheduled task on the windows box
the prof is using.
for example:
create a scheduled task that xcopy's the usb drives contents to a local
subdirectory on the hard disk drive. Then a person could get it later.
Or.. someone installed an ftp server on the machine.. then the drive could
be accessed as soon as it is put into the machine.
Or.. someone turned on windows share for that device while it was plugged
into the machine
Their are many-many not-so-super technical ways to get the data
Neil Moore CCIE4 #10044
On Mon, 24 Jul 2006, R. DuFresne wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 24 Jul 2006, Shenk, Jerry A wrote:
There are lots of other options too....maybe the exam was stored in a
temp file. I guess you could say that software to copy a usb drive in
the background might be high tech but not that high tech...a vbscript
running on the machine could easily do it. It (the software to do that)
certainly would NOT be expensive...free would be closer.
And the med stuent could easily ask someone in compsci to write it for him,
perhaps for beer. Dou gain for the compsic there, he gets beer, and likely
uses the program for class! Course, of the med student knows no compsci
majors, he asks his little brother or a cousin to do it for him <smile>.
Point being the med student is likely not the computer savvy one writing the
nefarious tool, and might not even be the one that ends up placing it into
use, directly...
Thanks,
Ron DuFresne
-----Original Message-----
From: Rocky [mailto:pixscreenpoint@gmail.com]
Sent: Monday, July 24, 2006 9:20 AM
To: pen-test@securityfocus.com
Subject: Hidden Copying Software
Hi list,
A friend of mine who is a medical professor asked me if
it is possible to copy his usb thumb drive from their
class room pc without knowing it? he told me maybe
there's a hidden software that copying it in the background?
His exam from his usb thumbdrive was exposed all over
to his student.I told him that you need a very high tech
software or expensive to do it? Is any such software capable
of this? this some kind of impossible task in my views.
Thanks.
------------------------------------------------------------------------
------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's
Choice Award from eWeek. As attacks through web applications continue to
rise,
you need to proactively protect your applications from hackers. Cenzic
has the
most comprehensive solutions to meet your application security
penetration
testing and vulnerability management needs. You have an option to go
with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service
can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm
your
results from other product. Contact us at request@cenzic.com for
details.
------------------------------------------------------------------------
------
**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the
use of the individual or entity to which they are addressed and may contain
information that is privileged, proprietary and confidential. If you are
not the intended recipient, you may not use, copy or disclose to anyone the
message or any information contained in the message. If you have received
this communication in error, please notify the sender and delete this
e-mail message. The contents do not represent the opinion of D&E except to
the extent that it relates to their official business.
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to
rise,
you need to proactively protect your applications from hackers. Cenzic has
the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629
...We waste time looking for the perfect lover
instead of creating the perfect love.
-Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFExVNvst+vzJSwZikRAtNUAJ9chHkD3r25/YqCdB/hSOTStxg8JQCguBJY
Mi2rPRoX9t8mbsKEimZntjY=
=4RO8
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? Why not go with the #1 solution -
Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks
through web applications continue to rise, you need to proactively protect
your applications from hackers. Cenzic has the most comprehensive solutions
to meet your application security penetration testing and vulnerability
management needs. You have an option to go with a managed service (Cenzic
ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE
whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we
can do a FREE audit for you to confirm your results from other product.
Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
