From: m00012@KANGA.STCLOUD.MSUS.EDU
To: cypherpunks@toad.com
Message Hash: 59d5399f0c289ada2a3a9e4956a538a9f1097eb6b2df71a7e93038bbd74f3202
Message ID: <0098A089.4C425900.550@KANGA.STCLOUD.MSUS.EDU>
Reply To: N/A
UTC Datetime: 1995-01-06 06:58:49 UTC
Raw Date: Thu, 5 Jan 95 22:58:49 PST
From: m00012@KANGA.STCLOUD.MSUS.EDU
Date: Thu, 5 Jan 95 22:58:49 PST
To: cypherpunks@toad.com
Subject: sniff passwords on PC (DOS)
Message-ID: <0098A089.4C425900.550@KANGA.STCLOUD.MSUS.EDU>
MIME-Version: 1.0
Content-Type: text/plain
As a demonstration of concept, I wrote a small, simple program that
replaces the keyboard interrupt and stores all keystrokes in a buffer.
It was very very easy to write.
It works while using pgp and windows\net.
It does not work after starting windows. Not sure, but it seems obvious
that MS windows installs it's own keyboard interrupt.
I suppose it would be easy to enhance this simple program (I bet it's been
done by others) to store passwords into a secret file on a hard drive
unbeknownest to the user.
I first suspected that such a program already existed after hearing, two
days after his arrest, that the CIA had cracked Aldrich Aim's encrypted
files. (sorry if I spelled his name incorrectly.)
Think about it, the govt. could spend 50,000 to 100,000 to create a
freeware gif viewer, for example, that installed such a tsr.
Mike
P.S. If the guy who wanted to see his gf's files writes me, I'll send you
this keyboard sniffer program.
Return to January 1995
Return to “m00012@KANGA.STCLOUD.MSUS.EDU”
1995-01-06 (Thu, 5 Jan 95 22:58:49 PST) - sniff passwords on PC (DOS) - m00012@KANGA.STCLOUD.MSUS.EDU