Re: Covert Microphone Application

From: Ivan Arce (ivan.arce@coresecurity.com)
Date: Wed Aug 09 2006 - 18:37:31 EDT

Sorry for the commercial plug

[Erin: if this should not pass to the list, just drop the message off the
moderator's queue and let me know so I don't send similar things in the future]

CORE IMPACT has a Python module (uses win32api)to do just that, it is called
"Record audio file" (there is also a "play audio file" and a "grab 1 frame
from Webcam")

Basically, it uses the Windows MCI interface:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/multimed/htm/_win32_about_mci.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/multimed/htm/_win32_mci_reference.asp

There is also a generic "Execute MCI string" that we commonly use to amuse
ourselves by opening/closing the CD door remotely once we've gain access to
a target system running windows.

It should not be difficult to write your own quickly with Python and the
above reference from the MSDN

-ivan

shiri_yacov@yahoo.com wrote:
> Hi all,
> I have recently entered with my boss to our corp. conference room to discover a new (shining) internet laptop on a side desk in the room.
> During our chat I mentioned that the laptop has a builtin microphone and therefore enables covert eavsdropping in case the laptop is "ruled" from remote position, and therefore, a conference room PC should have no builtin mic.
> My sceptic boss replied instantly - "I challange you, bring me a recording of any meeting - I`ll replace the laptop, and you`ll receive
> it."
>
> I therefore need a small covert application (no need in process hiding), which will record microphone input to file. command line application is perfect.
>
> Do any of you know any ?
>
> Guys, I gotta have this laptop...
>
> Regards,
> Shiri
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com for details.
> ------------------------------------------------------------------------------
> 

-- 
---
"Buy the ticket, take the ride" -HST
Ivan Arce
CTO
CORE SECURITY TECHNOLOGIES
http://www.coresecurity.com
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:38 EDT