Let's say you're pen-testing (or breaking into) a business. You need to install certain software on a computer inside the company, but whenever you enter the building you're searched. You've tried sneaking in a CD, even a mini-CD, but the guards always find it. What do you do?
Well, next time, you burn your progarms onto a cd, and write "Thrash metal mix #7" on the disk. They take the disk away, put it into their CD player, and of course it doesn't work. It's taken away from you. Now what?
Well, I was thinking, it would be a cool idea to burn a few choice songs on it, then add a data section with your evil programs. Then, when they check your disk, they find a thrash metal cd, give it back to you, and let you through.
That's kind of a neat scenario :)
Quote from: iago on November 14, 2005, 01:07:08 PM
Let's say you're pen-testing (or breaking into) a business. You need to install certain software on a computer inside the company, but whenever you enter the building you're searched. You've tried sneaking in a CD, even a mini-CD, but the guards always find it. What do you do?
Well, next time, you burn your progarms onto a cd, and write "Thrash metal mix #7" on the disk. They take the disk away, put it into their CD player, and of course it doesn't work. It's taken away from you. Now what?
Well, I was thinking, it would be a cool idea to burn a few choice songs on it, then add a data section with your evil programs. Then, when they check your disk, they find a thrash metal cd, give it back to you, and let you through.
That's kind of a neat scenario :)
That is pretty good. But what if they take away anything that has a risk or the potential to contain malicious data stored on it? Then you're still screwed. :(
Of course it can't have malicious data, listen, it's a music cd!
It would suck if they weren't dumb :)
Ok, ideas for sneaking in malicious data when they do a full body/cavity search (no concealing or swallowing anything)?
If you could program a credit card's stripe, then read it when you get there, but you'd need a reader/converter. *shrug*
Any other ideas?
Cell phones? I could fit a thumbdrive or like a compact flash card (micro drive if the software takes up a lot of space) in the battery compartment of my phone if I took the battery out.
How dumb are the gaurds / other workers (social engineering targets?)
What kind of security do they have on their own systems?
Quote from: Hitmen on November 14, 2005, 03:36:54 PM
Cell phones? I could fit a thumbdrive or like a compact flash card (micro drive if the software takes up a lot of space) in the battery compartment of my phone if I took the battery out.
How dumb are the gaurds / other workers (social engineering targets?)
What kind of security do they have on their own systems?
I'm sure that would be confiscated. When I went to IBM Almaden (http://www.almaden.ibm.com/almaden/) research center this summer, they wouldn't even allow disposable cameras, let alone cell phones. Any company that has concern for this types of things would certainly revoke a cell phone.
Most places let you bring in cell phones as long as they aren't camera phones. (hence why they would confiscate a disposable camera)
Quote from: Hitmen on November 14, 2005, 03:57:11 PM
Most places let you bring in cell phones as long as they aren't camera phones. (hence why they would confiscate a disposable camera)
That research center wouldn't even let us bring carry-on bags in. We had to be "quick-searched" before we entered.
Quote from: Sidoh on November 14, 2005, 04:01:00 PM
Quote from: Hitmen on November 14, 2005, 03:57:11 PM
Most places let you bring in cell phones as long as they aren't camera phones. (hence why they would confiscate a disposable camera)
That research center wouldn't even let us bring carry-on bags in. We had to be "quick-searched" before we entered.
Are you sure he wasn't just attracted to you? ;)
I could see them confiscating cameras, phones (particularly with cameras), tape recorders, and any other kind of recording device. But a CD might get overlooked.
Quote from: iago on November 14, 2005, 04:18:07 PM
I could see them confiscating cameras, phones (particularly with cameras), tape recorders, and any other kind of recording device. But a CD might get overlooked.
Good luck getting access to a computer. :)
Quote from: iago on November 14, 2005, 04:18:07 PM
Are you sure he wasn't just attracted to you? ;)
Shh.. that's our little secret. ;)
Quote from: Blaze on November 14, 2005, 04:24:34 PM
Quote from: iago on November 14, 2005, 04:18:07 PM
I could see them confiscating cameras, phones (particularly with cameras), tape recorders, and any other kind of recording device. But a CD might get overlooked.
Good luck getting access to a computer. :)
It's surprisingly easy to tell a secretary that you're from IT and you need to see her computer for a bit, so go grab a coffee I won't be 5 minutes. Thanks!
Quote from: iago on November 14, 2005, 05:04:54 PM
It's surprisingly easy to tell a secretary that you're from IT and you need to see her computer for a bit, so go grab a coffee I won't be 5 minutes. Thanks!
Quote from: Hitmen on November 14, 2005, 03:36:54 PM
How dumb are the gaurds / other workers (social engineering targets?)
Hitmen wins again
Quote from: Hitmen on November 14, 2005, 05:08:01 PM
Quote from: iago on November 14, 2005, 05:04:54 PM
It's surprisingly easy to tell a secretary that you're from IT and you need to see her computer for a bit, so go grab a coffee I won't be 5 minutes. Thanks!
Quote from: Hitmen on November 14, 2005, 03:36:54 PM
How dumb are the gaurds / other workers (social engineering targets?)
Hitmen wins again
Haha yeah. Guards tend to be smart enough to find things, but employees are usually pretty dumb :)
What about those flash drive pens?
Interesting, at LANL the employee's aren't searched when entering buildings nor do most of the buildings have guards. Then again I suppose the threat of being very lonely in jail for a very long time is more scary than a lawsuit or such.