lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <BAY19-DAV544DBD629E44271AC644DD9B30@phx.gbl>
Date: Wed Aug 17 09:02:11 2005
From: se_cur_ity at hotmail.com (Morning Wood)
Subject: Re: pnp worm unknown variant -
	postinfectionactions

> Aditya Deshmukh wrote:
> > suppose we have VNC installed and that is used to take control of the
> > computer and the actions show up as done by the user - would it not be
> > caught by law enforcement ?
>
>
> What about Metasploit, which will gladly inject a RAM-only WinVNC server
> and give complete remote control without "installing" WinVNC anywhere on
> the hard drive?
>
> If your Windows box gets owned by such a thing, and you end up accused
> of the crimes that the attacker committed while they were in control of
> your box, you can kiss your ass goodbye.

exactly 100% correct, not to mention this defense will destroy a prosecution
in front of a jury
of people that can think for themselves, and an expert witness to properly
diagram the attack vector / scenario.

bravo,
mw

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ