Network Security: Detailed info on Re: Boot floppy

Subject:	Re: Boot floppy
Date:	Wed, 11 Apr 2007 01:14:25 -0700

How about you doing a remote image with Encase this way he will never know what you did.

----- Original Message ----- From: "Shreyas Zare" <shreyas@technitium.com> To: "Pen-Testing" <pen-test@securityfocus.com> Sent: Tuesday, April 10, 2007 10:48 PM Subject: Re: Boot floppy

Hi,
Try using social engineering. Tell him you are given a job to patch
all machines in the company for some security update then patch his
machine with a good rootkit. You may give him the update (infected) in
any CD or USB media so that he would install it himself. Or use any
idea which will not look suspicious to the target.
Regards,
On 4/10/07, Mifa <mifa@stangercorp.com> wrote:
We have a user who takes a company computer home with them (no its not a lap top). We have a good reason to need to look at their files. However, we want to do so without that employ knowing. They seem to know something about security becasue auto runs is disabled and the workstation is always locked with a third party software. INserting a U3 drive will not run a program either. Are there any programs that will boot from a floppy then copy a program to the c drive then wite an auto start entry into the registry? This was the only way I can think of to get the user to install a program..

Any other ideas how we maight gain access? It has to be fast (bathroom breaks ect). I dont have time to load a live cd. Further, robooting would cause the user to loose work.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
--
(This e-mail was composed and sent completely using recycled electrons)
Shreyas Zare
Co-Founder, Technitium
eMail: shreyas@technitium.com
..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam@technitium.com
Technitium Personal Computers
We belive in quality.
Visit http://pc.technitium.com for details.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Boot floppy, Mifa Re: Boot floppy, Clint P. Garrison MBA, CISSP, QSA Re: Boot floppy, Shreyas Zare Re: Boot floppy, jasper . o . waale 答复: [SPAM] - Re: Boot floppy - Sending mail server found on relays.ordb.org, Cony.Zhou Re: Boot floppy, Chris Zevlas <= Re: Boot floppy, Curt Purdy Re: Boot floppy, berg Re: Boot floppy, Anders Thulin RE: Boot floppy, Marvin Simkin RE: Boot floppy, Pretorius, Wynand (ZA - Johannesburg) Re: Boot floppy, Zed Qyves RE: Boot floppy, Scott Ramsdell Re: Boot floppy, Tim Re: Boot floppy, Sat Jagat Singh Re: Boot floppy, Danyelle Gragsone

Previous by Date:	RE: Boot floppy, Wiedemann, Adrian
Next by Date:	RE: publications concerning port forwarding, Jason L. Ellison
Previous by Thread:	答复: [SPAM] - Re: Boot floppy - Sending mail server found on relays.ordb.org, Cony.Zhou
Next by Thread:	Re: Boot floppy, Curt Purdy
Indexes:	[Date] [Thread] [Top] [All Lists]