[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Re: pgp passphrase
- To: "Frank Knobbe" <frank@xxxxxxxxx>, "Full-Disclosure" <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Re: pgp passphrase
- From: "Alerta Redsegura" <alerta@xxxxxxxxxxxxx>
- Date: Sun, 21 Mar 2004 15:20:47 -0500
>On Sat, 2004-03-20 at 19:41, Max Valdez wrote:
>> > Keylogger ?
>> Intelligent enoght to know wish keystrokes are passphrase ??
>Nah, keyloggers don't have to be intelligent, they just have to log
>data. It is *you* that needs to be intelligent when reviewing the
>captured key strokes.
I would dare to say that very little intelligence is required...
Please consider the following:
------- keylogger logfile start snip ------
[Seguridad Informática - Microsoft Internet Explorer] - Sun Mar 21 15:11:47
2004
[Keys]
{
www.hotmail.com
}
[URL] {
http://loginnet.passport.com/login.srf?id=2&svc=mail&cbid=24325&msppjph=1&tw
=0&fs=1&fsa=1&fsat=1296000&lc=58378&_lang=ES }
[URL] { http://login.passport.net/uilogin.srf?id=2 }
[Keys]
{
a<RETROCESO>ikoch<CTRL><ALT DERECHA>@hotmail.com
myownsecret#passphr4seno&onewill3v3rdiscover
}
------- keylogger logfile end snip ------
Regards,
Iñigo Koch
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html