
Thread: Using "Hot Spots" for Malicious Activity

  1. #11
    Member
    Join Date
    Oct 2002
    Posts
    52
    That's a good point. Never thought of that. But still, if you do that you won't know who is connected to you. They could spoof their MAC address, and you could have multiple neighbors with notebooks. Does the computer connected keep any other kinds of logs of networks it attached to, using say XP?

    Is there an application of some sort that will alert computers on a network when another computer joins?
    I'm pretty sure that there is. I know they have something like that for NetStumbler. With that software it could also email you if someone connects, with the details (MAC address, date, time, etc.), so that way you know something is going on. Doesn't really sound that hard to make. Why isn't this included with most routers?

    Keith

  2. #12
    Programs like that solidify my point, because let's say our trojan access point has a program like that: it could have a script set up to read the email or log file, so that all the automated process has to do is mount the shared directories using Samba and then just dump all the files onto their hard drives. Then even if the client disconnects, the server still has backed-up copies to mull over at their leisure. Another point: A LOT of people have default C$ shares, and just set up a brute force routine to crack the passwords, and then just try to copy the interesting folders. I know SP2 doesn't play nice when you try to download C:\Documents and Settings\ and then you have all the time in the world to get what you want out of 'em. Cookies taste good to some malicious-minded people. Another vector of attack I've thought of is reminiscent of the old school AOL booters that floated around back in 96-97, where it used Send Keys in VB to perform automated tasks. Get all your key combinations right, and then you can perform just about any trick in the book, and unless the user is fast enough, everything will be performed as the user themselves. Not sure if this works anymore, but it worked wonders in Win95. Combine that with an unpatched exploit, a tool that was posted on this forum a bit ago (at least I think so, it was an attack demonstrated at one of the many CONS around, and {bear with me, this is only from memory} it had the ability to replace all requested pages with an attacker specified one, or replace all images with one attacker specified, in the demonstration's case - the infamous goatse) and you just opened up a gigantic hole. Of course, it all relies on if Send Keys still works in VB, and if the modern Windows OSes still let that kind of code do what it wants. All from a public access point. I posted all this just to give everyone something to think about, don't try this at home, and don't get me in any trouble for posting this.

  3. #13
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    On the flipside of the coin, I pondered some people setting up hot spots to further their malicious activities.
    Just out in the UK on the TV as well, so it MUST be true .................

    EVIL TWINS.
    A legitimate wireless network sets up.
    Along comes a not so legit set up and they set up their network to match the first / legit one [pay attention at the back] Now customers of the legit can be 'fooled' into logging onto the EVIL TWIN ...............Phishing comes of age

    PS: the telly called them 'Hackers' *groan* and their experts [ex = a has been. spurt = a drip under pressure.] showed just how easy it was to do ..........................
    All I needed was the VCR running, and I would have had my very own "How to Hack" movie.
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  4. #14
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Unsecured WAP's are the way of the future for anonymous malicious activity. It's just too easy... Netstumble your way through the residential area of your city and see how many, (50%), of the available WAP's have the default SSID and no WEP/WPA. You know for a start that the user who set it up doesn't know what a log is and wouldn't know what it told them if you slapped them silly with it. If you want to be really cautious there isn't much to stop you checking and deleting any that might exist..... After that the world is your oyster..... Then, having dutifully marked it as "used" by noting the GPS co-ords you never use that one again.... job done....

    There is a proggie out there, I have it on this laptop, called AirSnare, that monitors your wireless network and allows you to mark MACs as trusted that logs other MACs attempting to connect and what activity they try to carry out.... It's pretty basic in the version I have but it works.

    As Foxy rightly pointed out, "Evil Twins" are also a no brainer and probably trivial to set up.... You might need more powerful gear, (read costly), but if your reward outweighs the cost it's worth it and very difficult to get caught if you don't "outstay your welcome", then move on to an unprotected WAP to reap your profit....

    Let's be realistic... Unprotected WAPs are the biggest hole in the internet. They allow unfettered access by anyone at any time to do anything they please..... It doesn't take a lot of "pondering" to realize the possibilities.....
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides
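
A defensive sketch of the two ideas in the post above: trusted-MAC monitoring of the kind described for AirSnare, and spotting an "Evil Twin" that reuses a known SSID. This is an added example, not part of the thread and not AirSnare's code; the log format, allowlists and scan tuples are constructed assumptions.

```python
import re

# Assumption: allowlists maintained by the network owner (constructed values).
TRUSTED_CLIENTS = {"00:11:22:33:44:55", "00:11:22:33:44:66"}
KNOWN_APS = {"CoffeeShop": {"bssids": {"aa:bb:cc:00:00:01"}, "security": "WPA2"}}

# Constructed association log in a hypothetical "time ASSOC mac=... ip=..." format.
ASSOC_LOG = """\
2005-01-20T10:01:02 ASSOC mac=00:11:22:33:44:55 ip=192.168.0.10
2005-01-20T10:07:41 ASSOC mac=DE:AD:BE:EF:00:01 ip=192.168.0.23
2005-01-20T10:09:13 ASSOC mac=de:ad:be:ef:00:01 ip=192.168.0.23
garbage line that should be skipped
"""

# Constructed survey results: (ssid, bssid, security) per beacon seen.
SCAN = [
    ("CoffeeShop", "aa:bb:cc:00:00:01", "WPA2"),
    ("CoffeeShop", "12:34:56:78:9a:bc", "OPEN"),
    ("Neighbour", "aa:bb:cc:00:00:99", "WEP"),
]
LINE = re.compile(r"^(\S+) ASSOC mac=((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}) ip=(\S+)$")

def untrusted_clients(log, trusted):
    """Return {mac: first_seen} for associating MACs not on the trusted list."""
    seen = {}
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # ignore lines that do not parse
        ts, mac = m.group(1), m.group(2).lower()
        if mac not in trusted:
            seen.setdefault(mac, ts)  # keep the earliest timestamp only
    return seen

def evil_twin_candidates(scan, known):
    """Flag beacons using a known SSID from an unknown BSSID or other security."""
    alerts = []
    for ssid, bssid, sec in scan:
        ap = known.get(ssid)
        if ap is None:
            continue  # not one of our networks
        reasons = []
        if bssid.lower() not in ap["bssids"]:
            reasons.append("unknown BSSID")
        if sec != ap["security"]:
            reasons.append("security mismatch")
        if reasons:
            alerts.append((ssid, bssid, reasons))
    return alerts
```

As post #11 points out, MAC addresses can be spoofed, so a client or access point that copies a trusted address passes both checks; the output is a tripwire, not proof of identity.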

  5. #15
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  6. #16
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Then, having dutifully marked it as "used" by noting the GPS co-ords you never use that one again.... job done....
    Assuming you do not have something like Intel's failed processor ID running or WMP unique ID.
    Why not spoof your card's MAC or use a different one and go back.
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  7. #17
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Why not spoof your card's MAC or use a different one and go back.
    Jinx... You will never be a successful criminal.... Give it up now....

    The old adage that a criminal always returns to the scene of the crime would indicate to the LEO's that, despite the fact your MAC is different, you are the crim.... They only need 1 chap with computer forensics experience, (but not much), to point out to them that the MAC was spoofed and you are the same person that did the dirty deed. Then, depending upon the dirty deed, they will spend enough money to catch you which may include a proper forensic investigation of your box.... and your computer too...

    If you don't think like a successful criminal you will never be a successful security person either... They don't _want_ to be caught so you need to look at the system and decide how they _couldn't_ get caught.... then mitigate.....

  8. #18
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Jinx... You will never be a successful criminal.... Give it up now.
    I have known that! Since my scrumping days, being caught with loads of apples hidden (not so well)
    in my tracky bottoms. The copper slapped me around the legs and produced non-alcoholic cider............But then I was easily led astray

    I am fully aware of what forensic evidence can be gleaned from a PC. I recently recovered a lost drive for a Mormon acquaintance, complete with their MSN chat friends regaled in skimpy underwear.
    Rowing the boat home (I'm sure you know what I mean).

    I may be green but I can assure you, I am no Cabbage Patch kid.

  9. #19
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Jinxy... It was a joke....

    My point was more that with a gazillion unsecured WAP's out there why would you ever need to return to the scene of the crime.... Just slide on over to the next street and start anew.... It's not like getting onto a shiny new unsecured WAP is a lifetime's work....

  10. #20
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    http://www.vnunet.com/news/1160672
    It's also out on VNUNet.
    Anyone care to speculate about just how you can go about making a CITY safe ?

    I suppose they could just ASK the people to be good .......................
