full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [Full-disclosure] Erratasec Research MD5

[Full-disclosure] Erratasec Research MD5

From: David Maynor <david.a.maynor_at_nospam>
Date: Thu May 17 2007 - 20:33:39 GMT
To: full-disclosure@lists.grok.org.uk

dear lists,

I've noticed a lot of people posting MD5 hashes on other mailing lists such as DailyDave to prove that they had an idea first. I'd like to lay down a claim that Robert and I thought up after our talk this weekend at Toorcon seattle.


This MD5 is to prove that I was the first to mention the subject of the newest Erratasec research: Click-logging.

Let me backtrack a bit... I just got back from Toorcon seattle. It was a lot of fun. I got to see all sorts of fun people, with badass talks. The best one of course was mine and Roberts on sniffing wireless traffic. I find it truly amazing that people in the security space still use wireless at all! If I'm not sniffing you or sidejacking your google maps request to send you to the wrong denny's, then I will for sure be using my infamous kernel exploits on your box. Then send you the screen video capture of it. Think of it like shooting you in the face, but with wireless. Wireless bullets. If I wasn't already one of the top influential hackers of 2006, that would be proof right there.

After we gave our talk, I got to thinking. Robert and I were sitting around sidejacking and Robert asked me "David, what other old techniques can we rehash, rebrand and rejuvinate to talk about at the next con?" Then I thought back to the sweet days of keylogging, and it came to me.. Click-Logging. If someone installs a rootkit or "trojan horse program" on your system, they can read what you're doing.. but not ALL of what we do is typed!! Like when I punch the monkey, that's with my mouse. Or whenn I make web pages in frontpage, that was WITH MY MOUSE! So naturally, we want to record all mosue strokes into our trojan horse program. We call this Click-Logging, and it's going to be our next major relase at all the conferences. That's just a taste. There is a lot more to come.

David Maynor
CTO, ErrataSec

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/