[Windows 7] Exploitation Of Windows 7 Start Up Repair and Sticky Keys

Discussion in 'Computer Tutorials' started by Luglige, May 29, 2016.

  1. Joom

    Member Joom  ❤❤❤

    Joined:
    Jan 8, 2016
    Messages:
    2,721
    Country:
    United States
    If the schools were smart, they'd have Deep Freeze installed on all PCs. Mine eventually started doing that. Also, you can't inject DOC files. There are CVEs that generate MS Office 2007 macros that remotely download payloads, but these really only work in countries where governments supply OS updates. Also, using php-sendmail to spoof a domain without DKIM keys (most schools don't use these) is a smarter idea than Sigaint. As far as a keylogger goes, I wouldn't rely on that as they can be incredibly insecure. Using a stealer like Pony is much more efficient and secure.
     


  2. Luglige
    OP

    Member Luglige Modest Mouse Fan

    Joined:
    Jan 24, 2016
    Messages:
    1,168
    Location:
    Can I Leave This Blank?
    Country:
    Antarctica
    Oops, meant PDFs xD, and Sigaint is anonymous and will work fine.
     
  3. Joom

    Member Joom  ❤❤❤

    Joined:
    Jan 8, 2016
    Messages:
    2,721
    Country:
    United States
    Anonymity means nothing compared to legitimacy. There are free shell providers you can install PHP on that are just as anonymous. If you need more, VPSs go as cheap as $5 a month. Also, you'll catch more fish with extension spoofing using the Unicode reverse character. PDF injection requires a very specific CVE and version of Reader.
     
  4. Luglige
    OP

    Member Luglige Modest Mouse Fan

    Joined:
    Jan 24, 2016
    Messages:
    1,168
    Location:
    Can I Leave This Blank?
    Country:
    Antarctica
    That made me vomit.
     
  5. Joom

    Member Joom  ❤❤❤

    Joined:
    Jan 8, 2016
    Messages:
    2,721
    Country:
    United States
    You'll learn. Just because you're anonymous doesn't mean you seem legitimate. In the black hat world, legitimacy means everything. I'm not suggesting you shouldn't be anonymous, but the idea is to socially engineer your victims at all costs.
     
  6. Luglige
    OP

    Member Luglige Modest Mouse Fan

    Joined:
    Jan 24, 2016
    Messages:
    1,168
    Location:
    Can I Leave This Blank?
    Country:
    Antarctica
    That's true. But are 12-year-olds really gonna notice another email extension? If it wasn't this scenario, yeah, I would want to use a more legit one, but this is 12-18 year olds we're talking about :P Also stop acting like you're greater than everyone else. It's not very cool :P
     
  7. Joom

    Member Joom  ❤❤❤

    Joined:
    Jan 8, 2016
    Messages:
    2,721
    Country:
    United States
    I'm not. I'm just experienced and get paid to research this stuff. Sorry for offering information.
     
  8. Luglige
    OP

    Member Luglige Modest Mouse Fan

    Joined:
    Jan 24, 2016
    Messages:
    1,168
    Location:
    Can I Leave This Blank?
    Country:
    Antarctica
     
  9. Joom

    Member Joom  ❤❤❤

    Joined:
    Jan 8, 2016
    Messages:
    2,721
    Country:
    United States
    I do have a point. You've only touched topsoil compared to a lot I've seen. I'm not being arrogant, it's just the truth. If you're serious about entering the world of information security, you're gonna meet a lot meaner people than me.
     
  10. osaka35

    Member osaka35 Sleepy

    Joined:
    Nov 20, 2009
    Messages:
    1,471
    Location:
    Silent Hill
    Country:
    United States
    Tech horror stories? Oh lawed, I have a few. Mainly silly people who don't understand basic things, like you have to plug in a PC to the wall for it to have power. Or what a "mouse" is, or what a "window" is. Those are fun people to walk through troubleshooting over the phone. They're never easy problems either.
     
    Luglige likes this.
  11. Luglige
    OP

    Member Luglige Modest Mouse Fan

    Joined:
    Jan 24, 2016
    Messages:
    1,168
    Location:
    Can I Leave This Blank?
    Country:
    Antarctica
    Speaker: No I have an apple.
    Operator: Ok what are you doing with it?
    Speaker: Eating it.
    Operator: ...
    Operator: What is your computer? Windows, Mac?
    Speaker: Oh Windows XP
    Operator: And your problem is?
    Speaker: It's not turning on?
    Operator: What are you pressing?
    Speaker: That long button in the center on the bottom
    Operator: That's not what you're supposed to press. Press the circle with a line through it; it should be on the side, or on the top-left or top-right.
    Speaker: Oh Ok, thanks!
    -Hangs Up-
     
    osaka35 likes this.
  12. osaka35

    Member osaka35 Sleepy

    Joined:
    Nov 20, 2009
    Messages:
    1,471
    Location:
    Silent Hill
    Country:
    United States
    Any advice or guides you would suggest us casuals read to get up to speed and have as much knowledge as you? :D From beginner to elite, if you've a desire to help spread the knowledge love. And I mean that completely seriously, I honestly wish to learn more than I do.
     
    Last edited by osaka35, May 30, 2016
    Luglige likes this.
  13. Kayot

    Member Kayot GBAtemp Fan

    Joined:
    Jan 24, 2010
    Messages:
    342
    Country:
    United States
    Long post. If you're just skimming save some time and skip this one.

     
    ih8ih8sn0w and osaka35 like this.
  14. Joom

    Member Joom  ❤❤❤

    Joined:
    Jan 8, 2016
    Messages:
    2,721
    Country:
    United States
    I don't know where to begin honestly. There are so many topics within the field that I really don't know a good starting place for most people.

    These are some good blogs to keep up with.
    http://krebsonsecurity.com
    http://www.malwaretech.com/
    http://www.xylibox.com/ (not as updated anymore but the guy behind it is a very talented reverse engineer)
    http://malware.dontneedcoffee.com/
    http://thehackernews.com/

    You can also search on YouTube for speeches at the Defcon and Virus Bulletin conferences. If you want a basic understanding of malware encryption, Google for "The Crypter Blueprint". It doesn't go entirely too in depth and only covers VB6 crypters, but it's worth a read.
     
    Gingerbread Crumb and osaka35 like this.
  15. Youkai

    Member Youkai Demon

    Joined:
    Jul 1, 2004
    Messages:
    2,016
    Location:
    Germany , NRW
    Country:
    Germany
    You know IT security is something you can study, right? As Joom said, there are a lot of things you would need to learn, and it could possibly take you several years, and after that a lot of your knowledge is outdated again XD

    Maybe start with the basics like some network protocols ... if you know exactly how they work you can use this to your advantage ... some basic stuff like DNS attacks still usually work, so that you could build your own GBAtemp and make some DNS server link gbatemp.net to your IP instead of the real one xD

    But you need to learn how all those things work ...
     
  16. Joom

    Member Joom  ❤❤❤

    Joined:
    Jan 8, 2016
    Messages:
    2,721
    Country:
    United States
    DNS hijacking isn't that simple. The three ways it can be done are with either having access to the domain's registrar account, having access to the hosting server for the site, or by malicious host file manipulation on the target victim's local machine. A fourth way is with ARP poisoning with Ettercap, though a lot of routers and personal firewalls prevent this now.
     
  17. TheLegendofMario

    Member TheLegendofMario GBAtemp Regular

    Joined:
    May 15, 2016
    Messages:
    106
    Country:
    United States
    So at my high school the computers are running Windows 7 and they're so slow, and since me and my friend are mainly Linux users and the tech guys hadn't locked the BIOS on most of the computers, we were booting Linux during our Intro to Computers class (the only computer-related class there). Every week we would be booting different distros, until one day they cracked down on my friend for running Kali. They disabled his computer account, which forced him to bring his ThinkPad to school. It was so nice while it lasted.
     
  18. Joom

    Member Joom  ❤❤❤

    Joined:
    Jan 8, 2016
    Messages:
    2,721
    Country:
    United States
    Shouldn't have been using such a terrible distro that promotes cockiness amongst script kiddies.
     
  19. TheLegendofMario

    Member TheLegendofMario GBAtemp Regular

    Joined:
    May 15, 2016
    Messages:
    106
    Country:
    United States
    I was running Linux Mint and AndroidX86 5.1
     
  20. Joom

    Member Joom  ❤❤❤

    Joined:
    Jan 8, 2016
    Messages:
    2,721
    Country:
    United States
    I was referring to your friend.
     
