The issue is not getting admin rights. The issue is the assumption on my
part that for a program to read keystrokes, you need some sort of system
privileges. guess I'm wrong on that part... As someone else pointed out,
though, NT starts programs in the user directory with higher privileges.
Seems that's at least one viable avenue for egtting to the system calls. Now
you're saying that it's not even necessary to have access to system calls,
any user can read keyboard input. So now I start to wonder if this is some
major design flaw or if this is possibles with other OSes.
cu
-pete
> -----Urspr�ngliche Nachricht-----
> Von: Frank Knobbe [SMTP:[EMAIL PROTECTED]]
> Gesendet am: Mittwoch, 14. Juli 1999 07:09
> An: 'Kunz, Peter'; [EMAIL PROTECTED]
> Betreff: RE: BO2K
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Why are you trying to get to an administrative account? Any kind of
> unauthorized access is potentially devastating. Bring NetBus or BO2K
> or your favorite keystroke capture or screen capture program on a
> *regular* and gather HR/salary/SSN/whatever info, that this regular
> user punches in the databases on a daily basis. No need for Admin,
> just get the data from an ordinary user. Granted, you may have issues
> *installing* software, however, a lot of times that is not necessary.
> Just *execute* that darn thing and have it transmit keystrokes via
> email or TCP connections to your capture server at home...
>
> Regards,
> Frank
>
>
>
> > -----Original Message-----
> > From: Kunz, Peter [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, July 13, 1999 3:03 AM
> > To: 'Jen'; [EMAIL PROTECTED]
> > Subject: AW: BO2K
> >
> > [Kunz, Peter] At first hand, by what I heard it's similar to
> > NetBus. Now, what I'd REALLY be interested in knowing is if
> > BO2K poses any
> > danger if users are working with local user permissions, not
> > Administrator
> > permissions. No one was able to naswer that bit to me for
> > NetBus. I'd have
> > said no problem, reasoning that IMHO NetBus would require
> > some low level
> > system calls only available with local Admin perms. Also, could such
> a
> > program, if run under user privs, install itself in some
> > startup script and
> > always be running?...
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Personal Privacy 6.0.2
> Comment: PGP or S/MIME (X.509) encrypted email preferred
>
> iQA/AwUBN4wbdClma9DCzQQeEQIUGwCbBYF2SzweoiB2s+h9ujQPD98exloAoKvp
> aFmHU2jl41cTiYTNrA3aiveU
> =GCgN
> -----END PGP SIGNATURE-----
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
