Toon Hacking/Account Stealing/Keylogging Consolidated Thread - Page 4

quasigenx · 03-20-2008, 03:49 PM

Quote:

Originally Posted by feldon30

The fundamental design of Internet Explorer is flawed. It starts by granting incredible amounts of permission, and then Microsoft keeps patching holes like fingers in a dam. A year ago, it was discovered that BMP files could contain executable code which a DLL within Windows can be triggered to execute. I mean how ridiculous is this that a graphic file would be fed through some code that would allow it to EXECUTE?=

You may not remember this, but Firefox had the same BMP vulnerability. It was due to the image rendering API that both browsers used.

quasigenx · 03-20-2008, 03:52 PM

I would recommend people install the NoScript extension for Firefox, as well. It will stop Javascript from executing from any site that you don't explicitly whitelist. That way, even ads served from sites you trust via other domains can't run their scripts.

quasigenx · 03-20-2008, 03:52 PM

Also, now would be a good time to change your EQ2 passwords ;)

Gtwo · 03-20-2008, 03:56 PM

Quote:

Originally Posted by quasigenx

Also, now would be a good time to change your EQ2 passwords ;)

If theres a key logger on ur pc im sure they would love nothing more.

Camryn · 03-20-2008, 04:00 PM

Quote:

Originally Posted by quasigenx

Also, now would be a good time to change your EQ2 passwords ;)

You mean now is a good time to scan your comp with an anti-virus, and SpyBot, and THEN change your password. LOL

Oswaldor · 03-20-2008, 04:01 PM

Quote:

Originally Posted by Pinski

Yah, because then they'd have to make it certain that they have the right crack for it to work out, and everything else. Hrm, seems a lot harder than just cracking your computer right off! Not to mention, the likely hood of somebody doing it, yah. Oh did you also read how they're opening it up so that security companies can make Security Protection software for it? Oh, what's that, even more secure? HOT DAMN!!!!!!

You said;

You wanna know how to keep yourself secure? Browse in a VM!

It is the same as saying; use Firefox instead of IE, since the number of real attacks against firefox are fewer. It is fundamentally wrong to make assumptions like that no matter the cause. Using a VM will make it harder for exploits to hit the host - but what about the VM? Unless you don't save state from session to session you are just as screwed. You might isolate your applications so you browse in one VM and play in another; but if you can do that your level of expertise is probably high enough to secure your host properly. VM is not the solution for end-users.

Quote:

And you can't make programs immune to keylogging technology. You want to know why? You fucking pipe the keyboard output to the log-file, wtf is a game going to do to prevent that from happening? ABSOLUTELY NOTHING. The only way to prevent keyloggers from working is to make the redo the entire OS/keyboard communication and make it entirely encrypted. GL with that.

So let's speak about the XP-Vista platforms. You don't pipe anything here. But what you can do is insert a filter driver in the input chain (ensuring that it is placed on top) and read input directly from that - encrypted or otherwise. This will ensure that you decide what input the application should get.
This will fix many of the bot programs and their usage of keybd_event message system.
It will also ensure that keyloggers will not get the input since you stop it in your filter driver at a higher level than the logger. The only way to circumvent this is by placing a filter driver higher up the chain than the one you have placed and this can checked for and disabled.
You can place emulating hardware, but you are raising the bar up for how sophisticated the attacks have to be - perhaps even as high as breaking out of a VM.

feldon30 · 03-20-2008, 04:23 PM

Quote: