RUNNING A MICROSOFT OPERATING SYSTEM ON A NETWORK? OUR CONDOLENCES.

[July 21, San Francisco] The CULT OF THE DEAD COW (cDc) will release Back Orifice, a remote MS Windows Administration tool at Defcon VI in Las Vegas (www.defcon.org) on August 1. Programmed by Sir Dystic [cDc], Back Orifice is a self-contained, self-installing utility which allows the user to control and monitor computers running the Windows operating system over a network.

Sir Dystic sounded like an overworked sysadmin when he said, "The two main legitimate purposes for BO are, remote tech support aid and employee monitoring and administering [of a Windows network]."

Back Orifice is going to be made available to anyone who takes the time to download it. So what does that mean for anyone who's bought into Microsoft's Swiss cheese approach to security? Plenty according to Mike Bloom, Chief Technical Officer for Gomi Media in Toronto.

"The current path of learning I see around me is to learn what you have to to cover your ass, go home and watch Jerry. Microsoft has capitalized on this at the cost of production value which translates down to security. A move like releasing [Back Orifice] means that the lowest common denominator of user will have to come to understand the threat, and that it is not from [Sir Dystic] writing an app that [potentially] turns Win32 security on its ear, but that Microsoft has leveraged itself into a position where anyone who wants to can download an app [or write their own!] and learn a few tricks and make serious shit happen."

None of this is lost on Microsoft. But then again, they don't care. Security is way down on their list of priorities according to security expert Russ Cooper of NT BUGTRAQ (www.ntbugtraq.com). "Microsoft doesn't care about security because I don't believe they think it affects their profit. And honestly, it probably doesn't." Nice.

But regardless of which side of the firewall you sit on, you can't afford not to have a copy of Back Orifice. Here are the specs:

Back Orifice (BO) allows the user to remotely control almost all parts of the operating system, including:

    File system
    Registry
    System
    Passwords
    Network
    Processes

* BO contains extensive multimedia control, allowing images to be captured from the server machine's screen, or from any video input device attached to the machine.

* BO has an integrated HTTP server, allowing uploads and downloads of files to and from a machine on any port using any http client.

* BO has an integrated packet sniffer, allowing easy monitoring of network traffic.

* BO has an integrated keyboard monitor, allowing the easy logging of keystrokes to a log file.

* BO allows connection redirection, allowing connections to be bounced off a machine to any other machine on the Internet.

* BO allows application redirection, allowing text based applications running on the server machine to be controlled via a simple telnet session. Even open a remote shell.

* BO has a simple plugin interface, allowing additional modules to be written by third parties, and executed in Back Orifice's hidden system process.

* BO is EASY TO INSTALL! Simply run the server, and it installs itself, and removes the executable it was originally run from, or it can be attached to any other Windows executable, which will run normally after installing the Back Orifice server.

* BO is TRANSPARENT! Back Orifice does not show up in the task list, or even the Close Programs dialog, it is automatically restarted each time the computer boots, and does not affect the operation of any other applications.

* BO is CONFIGURABLE! The filename that Back Orifice installs itself as, the port Back Orifice communicates on, and the encryption key are all configurable before the server is installed.

* BO is ENCRYPTED! Communication packets used by Back Orifice are encrypted with a user definable key, so only the intended client can control the server.

* BO is FREE! All the functionality mentioned above AND MORE is available in the 120k server, along with an easy to use text based or GUI client, Back Orifice comes with everything you need to distribute and control any number of machines.

* BO is GROWING! New features, increased efficiency, new plugins, and more support are being added to Back Orifice every day.

After August 3, Back Orifice will be available from www.cultdeadcow.com free of charge.

For further details or lucrative film offers, please contact:

The Deth Vegetable
Minister of Propaganda
CULT OF THE DEAD COW
veggiet_private

............................................................................

The CULT OF THE DEAD COW (cDc) is the most influential group of hackers in the world. Formed in 1984, the cDc has done everything from publish the longest running e-zine on the Internet to diddling military networks around the globe. We could go on, but who's got the time. Journalists can check out the Medialist link on our Web site for more background information. Cheerio.

"cDc. It's alla'bout style, jackass."