Re: [Full-disclosure] Fwd: steathbomb
Alzo see: USB DMA. On Fri, Feb 26, 2010 at 8:29 AM, McGhee, Eddie wrote: > Its simply using USB autorun to launch and install itself, not sure how much > it is picked up but tbh you could build one yourself possibly with the > features you need, just look into getting some decent bot source and go from > there, would save the 130 dollars imo. > > Plenty source code out there to make one these, in fact, I think I will make > a guide on it if I get around to it with a stripped down bot, the only thing > you really need to worry about is detection, if you have the know how build > yourself a decent crypter and make sure no one gets a hold of it to keep > detections down. > > phed > > -Original Message- > From: full-disclosure-boun...@lists.grok.org.uk > [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of RandallM > Sent: 26 February 2010 12:36 > To: full-disclosure@lists.grok.org.uk > Subject: [Full-disclosure] Fwd: steathbomb > > anyone see this and know about it? How it works and good detection? > > http://www.brickhousesecurity.com/pc-computer-spy.html > > -- > been great, thanks > RandyM > a.k.a System > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on http://pastebin.com/f6fd606da ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Fwd: steathbomb
Its simply using USB autorun to launch and install itself, not sure how much it is picked up but tbh you could build one yourself possibly with the features you need, just look into getting some decent bot source and go from there, would save the 130 dollars imo. Plenty source code out there to make one these, in fact, I think I will make a guide on it if I get around to it with a stripped down bot, the only thing you really need to worry about is detection, if you have the know how build yourself a decent crypter and make sure no one gets a hold of it to keep detections down. phed -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of RandallM Sent: 26 February 2010 12:36 To: full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] Fwd: steathbomb anyone see this and know about it? How it works and good detection? http://www.brickhousesecurity.com/pc-computer-spy.html -- been great, thanks RandyM a.k.a System ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Fwd: steathbomb
> anyone see this and know about it? How it works and good detection? > > http://www.brickhousesecurity.com/pc-computer-spy.html > autorun.inf is how it installs itself. once installed, it works like any other rootkit spyware (screen grabs, keystroke/window logger, etc). Cheers, Michael Holstein Cleveland State University PS: Brickhouse : "Why parent when you can spy?". ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Fwd: steathbomb
It uses i-bots, nano i-bots to be exact ;) On Fri, Feb 26, 2010 at 7:35 AM, RandallM wrote: > anyone see this and know about it? How it works and good detection? > > http://www.brickhousesecurity.com/pc-computer-spy.html > > -- > been great, thanks > RandyM > a.k.a System > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Fwd: steathbomb
anyone see this and know about it? How it works and good detection? http://www.brickhousesecurity.com/pc-computer-spy.html -- been great, thanks RandyM a.k.a System ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
