[Windows 7] Exploitation Of Windows 7 Start Up Repair and Sticky Keys

Discussion in 'Computer Tutorials' started by Luglige, May 29, 2016.

  1. Joom

    Joom  ❤❤❤

    Member
    3,478
    2,346
    Jan 8, 2016
    United States
    If the schools were smart, they'd have Deep Freeze installed on all PCs. Mine eventually started doing that. Also, you can't inject DOC files. There are CVEs that generate MS Office 2007 macros that remotely download payloads, but these really only work in countries where governments supply OS updates. Also, using php-sendmail to spoof a domain without DKIM keys (most schools don't use these) is a smarter idea than Sigaint. As far as a keylogger goes, I wouldn't rely on that as they can be incredibly insecure. Using a stealer like Pony is much more efficient and secure.
     


  2. Luglige
    OP

    Luglige Resident Hell Spawn

    Member
    1,295
    1,280
    Jan 24, 2016
    United States
    Where you want me to be big boy
    Oops, meant PDFs xD, and Sigaint is anonymous and will work fine.
     
  3. Joom

    Joom  ❤❤❤

    Anonymity means nothing compared to legitimacy. There are free shell providers you can install PHP on that are just as anonymous. If you need more, VPSs go as cheap as $5 a month. Also, you'll catch more fish with extension spoofing using the Unicode reverse character. PDF injection requires a very specific CVE and version of Reader.
     
  4. Luglige
    OP

    Luglige Resident Hell Spawn

    That made me vomit.
     
  5. Joom

    Joom  ❤❤❤

    You'll learn. Just because you're anonymous doesn't mean you seem legitimate. In the black hat world, legitimacy means everything. I'm not suggesting you shouldn't be anonymous, but the idea is to socially engineer your victims at all costs.
     
  6. Luglige
    OP

    Luglige Resident Hell Spawn

    That's true. But are 12-year-olds really gonna notice another email extension? If it wasn't this scenario, yeah, I would want to use a more legit one, but this is 12-18 year olds we're talking about :P Also, stop acting like you're greater than everyone else. It's not very cool :P
     
  7. Joom

    Joom  ❤❤❤

    I'm not. I'm just experienced and get paid to research this stuff. Sorry for offering information.
     
  8. Luglige
    OP

    Luglige Resident Hell Spawn

     
  9. Joom

    Joom  ❤❤❤

    I do have a point. You've only touched topsoil compared to a lot I've seen. I'm not being arrogant, it's just the truth. If you're serious about entering the world of information security, you're gonna meet a lot meaner people than me.
     
  10. osaka35

    osaka35 Instrucional Designer

    Member
    1,649
    1,161
    Nov 20, 2009
    United States
    Silent Hill
    Tech horror stories? Oh lawed, I have a few. Mainly silly people who don't understand basic things, like you have to plug in a PC to the wall for it to have power. Or what a "mouse" is, or what a "window" is. Those are fun people to walk through troubleshooting over the phone. They're never easy problems either.
     
    Luglige likes this.
  11. Luglige
    OP

    Luglige Resident Hell Spawn

    Speaker: No I have an apple.
    Operator: Ok what are you doing with it?
    Speaker: Eating it.
    Operator: ...
    Operator: What is your computer? Windows, Mac?
    Speaker: Oh Windows XP
    Operator: And your problem is?
    Speaker: It's not turning on?
    Operator: What are you pressing?
    Speaker: That long button in the center on the bottom
    Operator: That's not what you're supposed to press. Press the circle with a line through it; it should be on the side or on the top-left or top-right.
    Speaker: Oh Ok, thanks!
    -Hangs Up-
     
    osaka35 likes this.
  12. osaka35

    osaka35 Instrucional Designer

    Any advice or guides you would suggest us casuals read to get up to speed and have as much knowledge as you? :D From beginner to elite, if you've a desire to help spread the knowledge love. And I mean that completely seriously, I honestly wish to learn more than I do.
     
    Last edited by osaka35, May 30, 2016
    Luglige likes this.
  13. Kayot

    Kayot GBAtemp Fan

    Member
    343
    77
    Jan 24, 2010
    United States
    Long post. If you're just skimming save some time and skip this one.

    Warning: Spoilers inside!
     
    ih8ih8sn0w and osaka35 like this.
  14. Joom

    Joom  ❤❤❤

    I don't know where to begin, honestly. There are so many topics within the field that I really don't know a good starting place for most people.

    These are some good blogs to keep up with.
    http://krebsonsecurity.com
    http://www.malwaretech.com/
    http://www.xylibox.com/ (not as updated anymore but the guy behind it is a very talented reverse engineer)
    http://malware.dontneedcoffee.com/
    http://thehackernews.com/

    You can also search on YouTube for speeches at the Defcon and Virus Bulletin conferences. If you want a basic understanding of malware encryption, Google for "The Crypter Blueprint". It doesn't go entirely too in depth and only covers VB6 crypters, but it's worth a read.
     
    Gingerbread Crumb and osaka35 like this.
  15. Youkai

    Youkai Demon

    Member
    2,103
    189
    Jul 1, 2004
    Gambia, The
    Germany , NRW
    You know IT security is something you can study, right? As Joom said, there are a lot of things you would need to learn, and it could possibly take you several years, and after that a lot of your knowledge is outdated again XD

    Maybe start with the basics, like some network protocols ... if you know exactly how they work you can use this to your advantage ... some basic stuff like DNS attacks still works usually, so that you could build your own gbatemp and make some DNS server link gbatemp.net to your IP instead of the real one xD

    But you need to learn how all those things work ...
     
  16. Joom

    Joom  ❤❤❤

    DNS hijacking isn't that simple. The three ways it can be done are with either having access to the domain's registrar account, having access to the hosting server for the site, or by malicious host file manipulation on the target victim's local machine. A fourth way is with ARP poisoning with Ettercap, though a lot of routers and personal firewalls prevent this now.
     
  17. TheLegendofMario

    TheLegendofMario GBAtemp Regular

    Member
    119
    29
    May 15, 2016
    United States
    So at my high school the computers are running Windows 7 and they're so slow, and me and a friend are mainly Linux users. The tech guys hadn't locked the BIOS on most of the computers, so we were booting Linux during our Intro to Computers class (the only computer-related class there). Every week we would be booting different distros, until one day they cracked down on my friend for running Kali; they disabled his computer account, which forced him to bring his ThinkPad to school. It was so nice while it lasted.
     
  18. Joom

    Joom  ❤❤❤

    Shouldn't have been using such a terrible distro that promotes cockiness amongst script kiddies.
     
  19. TheLegendofMario

    TheLegendofMario GBAtemp Regular

    I was running Linux Mint and AndroidX86 5.1
     
  20. Joom

    Joom  ❤❤❤

    I was referring to your friend.