RUNNING A MICROSOFT OPERATING SYSTEM ON A NETWORK? OUR CONDOLENCES.
[July 21, San Francisco] The CULT OF THE DEAD COW (cDc) will release Back
Orifice, a remote MS Windows Administration tool at Defcon VI in Las Vegas
(www.defcon.org) on August 1. Programmed by Sir Dystic [cDc], Back Orifice
is a self-contained, self-installing utility which allows the user to
control and monitor computers running the Windows operating system over a
network.
Sir Dystic sounded like an overworked sysadmin when he said, "The two main
legitimate purposes for BO are, remote tech support aid and employee
monitoring and administering [of a Windows network]."
Back Orifice is going to be made available to anyone who takes the time to
download it. So what does that mean for anyone who's bought into
Microsoft's Swiss cheese approach to security? Plenty according to
Mike Bloom, Chief Technical Officer for Gomi Media in Toronto.
"The current path of learning I see around me is to learn what you have to
to cover your ass, go home and watch Jerry. Microsoft has capitalized on
this at the cost of production value which translates down to security. A
move like releasing [Back Orifice] means that the lowest common
denominator of user will have to come to understand the threat, and that
it is not from [Sir Dystic] writing an app that [potentially] turns Win32
security on its ear, but that Microsoft has leveraged itself into a
position where anyone who wants to can download an app [or write their
own!] and learn a few tricks and make serious shit happen."
None of this is lost on Microsoft. But then again, they don't care.
Security is way down on their list of priorities according to security
expert Russ Cooper of NT BUGTRAQ (www.ntbugtraq.com). "Microsoft doesn't
care about security because I don't believe they think it affects their
profit. And honestly, it probably doesn't." Nice. But regardless of which
side of the firewall you sit on, you can't afford not to have a copy of
Back Orifice. Here are the specs:
Back Orifice (BO) allows the user to remotely control almost all parts of
the operating system, including:
File system
Registry
System
Passwords
Network
Processes
* BO contains extensive multimedia control, allowing images to be captured
from the server machine's screen, or from any video input device attached
to the machine.
* BO has an integrated HTTP server, allowing uploads and downloads of
files to and from a machine on any port using any http client.
* BO has an integrated packet sniffer, allowing easy monitoring of network
traffic.
* BO has an integrated keyboard monitor, allowing the easy logging of
keystrokes to a log file.
* BO allows connection redirection, allowing connections to be bounced off
a machine to any other machine on the Internet.
* BO allows application redirection, allowing text based applications
running on the server machine to be controlled via a simple telnet
session. Even open a remote shell.
* BO has a simple plugin interface, allowing additional modules to be
written by third parties, and executed in Back Orifice's hidden system
process.
* BO is EASY TO INSTALL! Simply run the server, and it installs itself,
and removes the executable it was originally run from, or it can be
attached to any other Windows executable, which will run normally after
installing the Back Orifice server.
* BO is TRANSPARENT! Back Orifice does not show up in the task list, or
even the Close Programs dialog, it is automatically restarted each time
the computer boots, and does not affect the operation of any other
applications.
* BO is CONFIGURABLE! The filename that Back Orifice installs itself as,
the port Back Orifice communicates on, and the encryption key are all
configurable before the server is installed.
* BO is ENCRYPTED! Communication packets used by Back Orifice are
encrypted with a user definable key, so only the intended client can
control the server.
* BO is FREE! All the functionality mentioned above AND MORE is available
in the 120k server, along with an easy to use text based or GUI client,
Back Orifice comes with everything you need to distribute and control any
number of machines.
* BO is GROWING! New features, increased efficiency, new plugins, and
more support are being added to Back Orifice every day.
After August 3, Back Orifice will be available from www.cultdeadcow.com
free of charge.
For further details or lucrative film offers, please contact:
The Deth Vegetable
Minister of Propaganda
CULT OF THE DEAD COW
veggiet_private
............................................................................
The CULT OF THE DEAD COW (cDc) is the most influential group of hackers in
the world. Formed in 1984, the cDc has done everything from publish the
longest running e-zine on the Internet to diddling military networks
around the globe. We could go on, but who's got the time. Journalists can
check out the Medialist link on our Web site for more background
information. Cheerio.
"cDc. It's alla'bout style, jackass."
-o-
Subscribe: mail majordomot_private with "subscribe isn".
Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:55 PDT