Home | Community | Message Board


This site includes paid links. Please support our sponsors.


Welcome to the Shroomery Message Board! You are experiencing a small sample of what the site has to offer. Please login or register to post messages and view our exclusive members-only content. You'll gain access to additional forums, file attachments, board customizations, encrypted private messages, and much more!

Shop: Original Sensible Seeds Bulk Cannabis Seeds   North Spore North Spore Mushroom Grow Kits & Cultivation Supplies   Unfolding Nature Unfolding Nature: Being in the Implicate Order

Jump to first unread post Pages: 1
Offlinedebianlinux
Myconerd - DBK
Male User Gallery

Folding@home Statistics
Registered: 12/09/02
Posts: 8,334
Loc: Over There
Last seen: 10 months, 19 days
Email Espionage
    #2397506 - 03/03/04 07:55 AM (20 years, 2 months ago)

Let us assume that this is an entirely hypothetical situation.
Let us also ignore all legal issues involved as I am quite aware of them.

That said, I'd like to hear ideas on how to pull of a very specific "attack".

The end goal is to have a mark's Outlook email automatically and surreptously email copies of all incoming and outgoing email to an email account of my choice.

Let's say that I don't have access to the mark's computer but I do have access to a computer on the same network. Let's assume that while I have access to the network it is through a fairly computer illiterate person so any means of accomplishing the end goal will have to be fairly simplified (e.g. stick in a disk, goto My Computer, Double click trojan/spyware/whatever, remove disk, flee area). Let's also assume that the computer-dumb accomplice can access the network as many times as necessary to follow simple instructions to gather whatever data may be necessary to carry out the "attack".

How would I, theoretically, proceed?

One of the biggest issues is having the email client (outlook) not have any visible indicators that correspondence is going to the email address of my choice. Seems this would involve altering Outlook's header writing functions.

I'm pretty clueless but I highly suspect that not only can it be done but that it has been done.

Extras: Filter Print Post Top
InvisibleLana
Head Banana
Female

Registered: 10/27/99
Posts: 3,109
Loc: www.MycoSupply.com
Re: Email Espionage [Re: debianlinux]
    #2397665 - 03/03/04 08:45 AM (20 years, 2 months ago)

Theoretically :smile:

How much access do you have on the network  If the marked computer accesses their mail THROUGH the network, use a keystroke logger and get the username and password of the client.

Much easier to go through things with a password and username. 

Lana


--------------------
Myco Supply - Distributors of Mycological Products
http://www.MycoSupply.com

The Premiere Source for Mushroom Growing Supplies.
Visit us online or call us toll free

Extras: Filter Print Post Top
Offlinedebianlinux
Myconerd - DBK
Male User Gallery

Folding@home Statistics
Registered: 12/09/02
Posts: 8,334
Loc: Over There
Last seen: 10 months, 19 days
Re: Email Espionage [Re: Lana]
    #2397672 - 03/03/04 08:48 AM (20 years, 2 months ago)

wouldn't one need access to the mark's actual computer to install a keylogger?

i agree that having the un/pw would definitely be much easier.

Extras: Filter Print Post Top
InvisibleLana
Head Banana
Female

Registered: 10/27/99
Posts: 3,109
Loc: www.MycoSupply.com
Re: Email Espionage [Re: debianlinux]
    #2397695 - 03/03/04 08:57 AM (20 years, 2 months ago)

http://www.system-spy.com/surveillance-features.html

http://www.keylogger-keystroke-recorder.com/netobserve/

If the end user isn't too bright, you can send them a keylogger in an email attachment, once its executed, the logger will send the log via email. After a day or so you should have the info you need.

Lana


--------------------
Myco Supply - Distributors of Mycological Products
http://www.MycoSupply.com

The Premiere Source for Mushroom Growing Supplies.
Visit us online or call us toll free

Extras: Filter Print Post Top
Offlinedebianlinux
Myconerd - DBK
Male User Gallery

Folding@home Statistics
Registered: 12/09/02
Posts: 8,334
Loc: Over There
Last seen: 10 months, 19 days
Re: Email Espionage [Re: debianlinux]
    #2397700 - 03/03/04 08:59 AM (20 years, 2 months ago)

i thought about the keylogger idea and a keylogger records keypresses. most outlook users have their pw stored and just click send/receive. they certainly don't type in their un. to catch the email un/pw would require a packet sniffer and considering the frequency that a hypothetical mark would check it's email and the hypothetically large amount of traffic on the network it would make for a whole lot of packets to sniff.

Extras: Filter Print Post Top
OfflineRandolph_Carter
НơĻ?ĢΉō

Registered: 06/13/00
Posts: 29,281
Loc: Shroomery B-list.
Last seen: 14 years, 2 days
Re: Email Espionage [Re: debianlinux]
    #2399314 - 03/03/04 03:49 PM (20 years, 2 months ago)

well, they have to log onto the puter, so you get the password like so, or activate an administrative function, then view the saved passwords file.


--------------------
"..all those molecules thrashing their kinky little tails, hot for destiny and the street."  Gibson


Nuke baby seals for Jesus!

(This has been a +1 production.)

Extras: Filter Print Post Top
Offlinephi1618
old hand

Registered: 02/14/04
Posts: 4,102
Last seen: 14 years, 11 days
Re: Email Espionage [Re: debianlinux]
    #2399513 - 03/03/04 04:36 PM (20 years, 2 months ago)

Do you really need to have the marks computer send you the files?

It might be easier to gain access to the files on the marks compuer directly and just copy their mail folders periodically, assuming they keep most stuff around for a little while.

Extras: Filter Print Post Top
Offlinedebianlinux
Myconerd - DBK
Male User Gallery

Folding@home Statistics
Registered: 12/09/02
Posts: 8,334
Loc: Over There
Last seen: 10 months, 19 days
Re: Email Espionage [Re: phi1618]
    #2404048 - 03/04/04 07:10 PM (20 years, 2 months ago)

Hypothetical Rule #1 is that there can be absolutely no physical access to the mark's machine. If physical access were allowed I would have not needed to even pose the questions in my original post.

Extras: Filter Print Post Top
Invisiblebert
bodhi

Registered: 10/14/02
Posts: 2,819
Loc: state
Re: Email Espionage [Re: Lana]
    #2404341 - 03/04/04 08:23 PM (20 years, 2 months ago)

Wow, thats scary. So any one of us could be having our keystrokes recorded right now and not know it? Can the remotely deployed logger be hidden within another file like a picture or music file like off of kazaa or something?


--------------------
Persons denying the existence of robots may be robots themselves.

Extras: Filter Print Post Top
Offlinevalour
Swordbearer

Registered: 03/02/02
Posts: 1,453
Loc: USA
Last seen: 18 years, 4 months
Re: Email Espionage [Re: bert]
    #2404448 - 03/04/04 08:49 PM (20 years, 2 months ago)

It would generally need to be in a manner that could be deployed, much like a virus.
A picture file - damn unlikely. A bundled exe file? Much more likely.


--------------------
"Remember, son,
I didn't sell out-
I bought in."

Extras: Filter Print Post Top
Offlinedebianlinux
Myconerd - DBK
Male User Gallery

Folding@home Statistics
Registered: 12/09/02
Posts: 8,334
Loc: Over There
Last seen: 10 months, 19 days
Re: Email Espionage [Re: valour]
    #2411869 - 03/09/04 06:09 PM (20 years, 2 months ago)

one thing is for certain. a keylogging file would grow at an astounding rate. there is a hardware device that plugs inline with a keyboard/ps2 port. the device has RAM and simply logs every kepypress. when the RAM fills up is simply overwrites the oldest information. take a moment to make sure there's not one attached to your computer right now! lol.

ahem..

anyone have any further tips for me?

Extras: Filter Print Post Top
Offlinedebianlinux
Myconerd - DBK
Male User Gallery

Folding@home Statistics
Registered: 12/09/02
Posts: 8,334
Loc: Over There
Last seen: 10 months, 19 days
Re: Email Espionage [Re: Randolph_Carter]
    #2411896 - 03/09/04 06:17 PM (20 years, 2 months ago)

Quote:

Randolph Carter said:
well, they have to log onto the puter, so you get the password like so, or activate an administrative function, then view the saved passwords file.




i thought about this some more and the 2 links Lana provides require the software to first be installed on the machine to be monitored. somehow, I seriously doubt that the 2 products in question have a surreptiious install routine. i'd wager that the install process is very "in your face" although, once installed it'd be the answer.

so, in order for the keylogger idea to be viable the program would need background install routine blah blah blah, you get the picture. IOW, a blackhat virus/trojan is what would be needed.

Extras: Filter Print Post Top
Jump to top Pages: 1

Shop: Original Sensible Seeds Bulk Cannabis Seeds   North Spore North Spore Mushroom Grow Kits & Cultivation Supplies   Unfolding Nature Unfolding Nature: Being in the Implicate Order


Similar ThreadsPosterViewsRepliesLast post
* someone has installed KGB keylogger on my comp? wtf is that
( 1 2 all )
Dreamer987 3,496 24 11/25/07 03:26 PM
by guest
* Email.... ShroomismM 1,315 9 08/21/03 01:29 PM
by Shroomism
* Is there a way to put a password on my computer? ShamanSean 2,038 12 01/01/03 08:40 AM
by mntlfngrs
* Secure Email theocean06 1,425 12 01/24/05 08:58 AM
by nife
* you really should be using PGP for all sensitive emails/communications vanillasoulja 850 3 06/07/05 06:02 AM
by kronnyQ
* Password Lock for windows Xp Mojo_Risin 1,124 17 07/08/04 10:45 AM
by Mojo_Risin
* password change? HELP! *DELETED* kwikness 524 1 03/27/05 07:38 PM
by Le_Canard
* temporary, anonymous email. Anonymous 825 3 11/07/03 09:09 AM
by PNutButta

Extra information
You cannot start new topics / You cannot reply to topics
HTML is disabled / BBCode is enabled
Moderator: Enlil, Alan Rockefeller
1,417 topic views. 0 members, 0 guests and 1 web crawlers are browsing this forum.
[ Show Images Only | Sort by Score | Print Topic ]
Search this thread:

Copyright 1997-2024 Mind Media. Some rights reserved.

Generated in 0.026 seconds spending 0.007 seconds on 15 queries.