
Finding Windows Admin Password

Started by May 18, 2010 03:32 AM
19 comments, last by JTippetts 14 years, 5 months ago
Quote: Original post by Ravuya
Quote: Original post by Don Carnage
5) Take the keyboard to a recording studio. Record the sounds of hitting the individual keys. Then setup a sound recorder near the system, and have it running when the admin logs in. Then take the recording and match the keystrokes against those in your recording to get the password.
I'd be surprised if this worked. You'd need a stereo microphone, for starters, and then some way to get enough resolution out of the keypress sounds without resulting echoes/noise that would distort the wave match. It could work with multiple microphones and triangulation, but I'm pretty sure I wouldn't use a computer that had like fifty microphones lying around it.

Either way it'd probably be a lot easier to just design a TEMPEST rig.


Maybe he'd be sneaky and hide those 50 mics in things you wouldn't notice, like empty energy drink cans... or teddy bears... lots and lots of teddy bears...


Quote: Original post by Ravuya
Quote: Original post by Don Carnage
5) Take the keyboard to a recording studio. Record the sounds of hitting the individual keys. Then setup a sound recorder near the system, and have it running when the admin logs in. Then take the recording and match the keystrokes against those in your recording to get the password.
I'd be surprised if this worked. You'd need a stereo microphone, for starters, and then some way to get enough resolution out of the keypress sounds without resulting echoes/noise that would distort the wave match. It could work with multiple microphones and triangulation, but I'm pretty sure I wouldn't use a computer that had like fifty microphones lying around it[...]
Case Study: Acoustic Keyboard Emanations
Dictionary attacks using keyboard acoustic emanations

No sound is safe from surreptitious snoopers.
Or just use a hardware keyboard logger.
Quote: Original post by Extrarius
Quote: Original post by Ravuya
Quote: Original post by Don Carnage
5) Take the keyboard to a recording studio. Record the sounds of hitting the individual keys[...]
I'd be surprised if this worked[...]
Case Study: Acoustic Keyboard Emanations
Dictionary attacks using keyboard acoustic emanations

No sound is safe from surreptitious snoopers.
I'll be damned. It seems like it has a lot of limitations (the first paper referenced has a bunch of restrictions on client/hardware/microphone) but I hadn't thought to use something like a neural network to gradually "train" the algorithm. Clever!
You can change it like this:

In the command prompt, type this in:

net user USERNAME *

Change USERNAME to that user's username.
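The `net user USERNAME *` command above only works from an elevated session, and the reset it performs is an administrative reset rather than a password change. The following is an added example, not code from the thread: a PowerShell script that does the same reset with the checks a practitioner would want around it (elevation, account existence, matching passwords) and then reads the audit trail the reset leaves behind. It assumes Windows 10 / Server 2016 or later (the Microsoft.PowerShell.LocalAccounts module) and that the "Audit User Account Management" subcategory is enabled; the account name is a placeholder passed in by the caller.

```powershell
# Added example (not from the original thread): reset a local account password the
# way `net user USERNAME *` does, with the checks and caveats around it.
# Assumes Windows 10 / Server 2016+ (Microsoft.PowerShell.LocalAccounts) and an
# elevated session. $UserName is a placeholder supplied by the caller.
param(
    [Parameter(Mandatory = $true)]
    [string]$UserName
)

# Helper: read a SecureString back as text only long enough to compare the two entries.
function ConvertTo-PlainText([securestring]$Secure) {
    $bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($Secure)
    try   { [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr) }
    finally { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) }
}

# 1. `net user X *` fails with "System error 5" when not elevated; check up front.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]$identity
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw "Run this from an elevated session: resetting another account's password needs admin rights."
}

# 2. Confirm the account exists before prompting for anything.
$null = Get-LocalUser -Name $UserName -ErrorAction Stop

# 3. Caveat raised later in the thread: an administrative reset (unlike the user
#    changing their own password) leaves that account's EFS-encrypted files and
#    other DPAPI-protected secrets (saved credentials, browser passwords) unrecoverable.
Write-Warning "Administrative reset of '$UserName': EFS files and DPAPI-protected data of this account will no longer be decryptable."

# 4. Prompt twice without echo, as `net user X *` does, and require a match.
$first  = Read-Host -AsSecureString "New password for $UserName"
$second = Read-Host -AsSecureString "Retype password"
if ((ConvertTo-PlainText $first) -cne (ConvertTo-PlainText $second)) {
    throw "Passwords do not match."
}

# 5. Perform the reset (equivalent to `net user $UserName <password>`).
Set-LocalUser -Name $UserName -Password $first
Write-Host "Password for '$UserName' reset."

# 6. The reset is not silent: Security event 4724 ("An attempt was made to reset an
#    account's password") records who reset whom. Show the most recent entries so the
#    reader sees the trail an admin would find.
$events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Security'
    Id        = 4724
    StartTime = (Get-Date).AddMinutes(-5)
} -ErrorAction SilentlyContinue

foreach ($evt in $events) {
    $data = ([xml]$evt.ToXml()).Event.EventData.Data
    $target  = ($data | Where-Object Name -eq 'TargetUserName').'#text'
    $subject = ($data | Where-Object Name -eq 'SubjectUserName').'#text'
    Write-Host ("{0}  4724  reset of '{1}' performed by '{2}'" -f $evt.TimeCreated, $target, $subject)
}
```

Run it as `.\Reset-LocalPassword.ps1 -UserName someuser` from an elevated prompt. The script deliberately does not try to answer the thread's actual question (getting the password when you are not already an administrator): step 1 is the reason `net user` is no help there, which is why the later replies turn to physical access and boot media.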
Quote: Original post by Nypyren
Or just use a hardware keyboard logger.


Not that this is my own story, but I knew a guy who knew a guy...

who used to go to public libraries and even his high school and place hardware keyloggers onto keyboards, since hardware keyloggers are harder to find than the software keyloggers that plague our systems today :) Thank you, anti-virus.

At any rate, it's amazing how many people, he told me, order things off of eBay and look at their bank accounts and whatnot via public domains... so much so that he started profiling people and learning what they liked to buy, what their hobbies were, and what their spending habits were. Then he'd take his "little black book" full of profiles and transfer small amounts of money into fake-named PayPal accounts, small enough that the victim wouldn't know about it, and usually in a category such as their hobby. Like... Johnnie loves deer hunting; Johnnie sees that 9.99 has been taken out of his account via a PayPal account called Hunting Unlimited. Looks pretty legit, right? It works, believe me... or so my friend says; he stopped doing this when he turned 17, though, due to the increasing chance of him getting caught.

Quote: Original post by Christopher Loyd
Quote: Original post by Nypyren
Or just use a hardware keyboard logger.

Not that this is my own story, but I knew a guy who knew a guy[...]


I'm not exactly thrilled about the whole stealing other people's money part, but the idea of studying someone's habits like what they buy, etc... is really interesting. It's crazy how grocery stores do that with their little 'perks' cards and then target certain ad campaigns around your area based on what people are likely to buy.


Quote: Original post by programmermattc
Quote: Original post by Christopher Loyd
Quote: Original post by Nypyren
Or just use a hardware keyboard logger.

Not that this is my own story, but I knew a guy who knew a guy[...]


I'm not exactly thrilled about the whole stealing other people's money part, but the idea of studying someone's habits like what they buy, etc... is really interesting. It's crazy how grocery stores do that with their little 'perks' cards and then target certain ad campaigns around your area based on what people are likely to buy.


psychology is awesome :)

Quote: Original post by programmermattc
Back in the day, when computers had floppy drives, there was this neat program I used on a machine with XP that you would boot up and it would somehow copy all the passwords to the disk. Neat little program...


Up until XP SP2, it was pretty easy to do something similar. Working for a large corporation for a summer job, I learned some interesting things. We had one particular tool that we'd use that would boot from CD and could be used to reset the admin password. I have no idea if anything like it exists for OSes post XP SP2, but I would have my doubts.

To the OP: Why are you wanting to do this?

Quote: Original post by Moe
Up until XP SP2, it was pretty easy to do something similar. Working for a large corporation for a summer job, I learned some interesting things. We had one particular tool that we'd use that would boot from CD and could be used to reset the admin password. I have no idea if anything like it exists for OSes post XP SP2, but I would have my doubts.


It is still possible with the newer OSes (Windows client and server), but you obviously need physical access to the machine (which pretty much destroys any software defences anyway). The real admin is going to notice this type of hacking sooner or later if you don't use a social engineering attack. Also, encrypted files of the original user will stay encrypted.

The tool is extremely easy to obtain and somewhat simple to operate but I'm not going to disclose hacking instructions here.

Do note that in Linux as well as most Unix variants, the process is even easier (but still requires physical machine access).

Niko Suni
