
When Pen Testers fight back... - Take that Windows scammers!

Crion

We've all heard about the scam calls people have been getting claiming to be Microsoft Support asking for remote access so that they can "fix" your computer while they "secretly" install backdoor software. Well, one pen tester decided that enough was enough. He managed to discover an exploit in Ammyy Admin which turns the attacked user into the attacker. Note that the developer of the exploit notes that the use of such a tool as "revenge" is likely illegal in most countries and he has only tested the kit on a set of virtual machines of his own.

 

http://arstechnica.com/security/2014/09/turning-the-tables-on-windows-support-scammers-by-compromising-their-pcs/

Current Rig
AMD Ryzen 5900X - Asus ROG Strix X570-E Gaming WiFi 2 - 32 GB GSkill TridentZ RGB
GeForce RTX 3080 - WD Black SN850 1TB  - Lian Li O11 Dynamic XL


thought you meant ball point pen testers xD

that could so be my job -click click click click click click click-

Case: NZXT Phantom PSU: EVGA G2 650w Motherboard: Asus Z97-Pro (Wifi-AC) CPU: 4690K @4.2ghz/1.2V Cooler: Noctua NH-D15 Ram: Kingston HyperX FURY 16GB 1866mhz GPU: Gigabyte G1 GTX970 Storage: (2x) WD Caviar Blue 1TB, Crucial MX100 256GB SSD, Samsung 840 SSD Wifi: TP Link WDN4800

 

Donkeys are love, Donkeys are life.                    "No answer means no problem!" - Luke 2015

 


Can I just say... HAHAHAHAHAHAHA STOOPID ATTACKERS

Main rig on profile

VAULT - File Server

Spoiler

Intel Core i5 11400 w/ Shadow Rock LP, 2x16GB SP GAMING 3200MHz CL16, ASUS PRIME Z590-A, 2x LSI 9211-8i, Fractal Define 7, 256GB Team MP33, 3x 6TB WD Red Pro (general storage), 3x 1TB Seagate Barracuda (dumping ground), 3x 8TB WD White-Label (Plex) (all 3 arrays in their respective Windows Parity storage spaces), Corsair RM750x, Windows 11 Education

Sleeper HP Pavilion A6137C

Spoiler

Intel Core i7 6700K @ 4.4GHz, 4x8GB G.SKILL Ares 1800MHz CL10, ASUS Z170M-E D3, 128GB Team MP33, 1TB Seagate Barracuda, 320GB Samsung Spinpoint (for video capture), MSI GTX 970 100ME, EVGA 650G1, Windows 10 Pro

Mac Mini (Late 2020)

Spoiler

Apple M1, 8GB RAM, 256GB, macOS Sonoma

Consoles: Softmodded 1.4 Xbox w/ 500GB HDD, Xbox 360 Elite 120GB Falcon, XB1X w/2TB MX500, Xbox Series X, PS1 1001, PS2 Slim 70000 w/ FreeMcBoot, PS4 Pro 7015B 1TB (retired), PS5 Digital, Nintendo Switch OLED, Nintendo Wii RVL-001 (black)


thought you meant ball point pen testers xD

that could so be my job -click click click click click click click-

*click click click* Oh wait this isn't for testing pens? I thought it was a perfect job, but this isn't what I was looking for.

 

Spoiler

Senor Shiny: Main- CPU Intel i7 6700k 4.7GHz @1.42v | RAM G.Skill TridentZ CL16 3200 | GPU Asus Strix GTX 1070 (2100/2152) | Motherboard ASRock Z170 OC Formula | HDD Seagate 1TB x2 | SSD 850 EVO 120GB | CASE NZXT S340 (Black) | PSU Supernova G2 750W  | Cooling NZXT Kraken X62 w/Vardars
Secondary (Plex): CPU Intel Xeon E3-1230 v3 @1.099v | RAM Samsun Wonder 16GB CL9 1600 (sadly no oc) | GPU Asus GTX 680 4GB DCII | Motherboard ASRock H97M-Pro4 | HDDs Seagate 1TB, WD Blue 1TB, WD Blue 3TB | Case Corsair Air 240 (Black) | PSU EVGA 600B | Cooling GeminII S524

Spoiler

(Deceased) DangerousNotDell- CPU AMD AMD FX 8120 @4.8GHz 1.42v | GPU Asus GTX 680 4GB DCII | RAM Samsung Wonder 8GB (CL9 2133MHz 1.6v) | Motherboard Asus Crosshair V Formula-Z | Cooling EVO 212 | Case Rosewill Redbone | PSU EVGA 600B | HDD Seagate 1TB

DangerousNotDell New Parts For Main Rig Build Log, Señor Shiny  I am a beautiful person. The comments for your help. I have to be a good book. I have to be a good book. I have to be a good book.

 


People should really think and use their brains, how is "tech support" supposed to have your TELEPHONE NUMBER, you never (far as I know) give Microsoft (or really any company) your number.


People should really think and use their brains, how is "tech support" supposed to have your TELEPHONE NUMBER, you never (far as I know) give Microsoft (or really any company) your number.

Ever heard of 2 step verification? Google, Facebook and Microsoft all do it. Anyway they don't target tech savvy people with this, they target people who don't know much about tech, and to them as soon as the guy on the phone says "Microsoft" they'll trust him

"Great minds discuss ideas; average minds discuss events; small minds discuss people."

Main rig:

i7-4790 - 24GB RAM - GTX 970 - Samsung 840 240GB Evo - 2x 2TB Seagate. - 4 monitors - G710+ - G600 - Zalman Z9U3

Other devices

Oneplus One 64GB Sandstone

Surface Pro 3 - i7 - 256Gb

Surface RT

Server:

SuperMicro something - Xeon e3 1220 V2 - 12GB RAM - 16TB of Seagates 


Ever heard of 2 step verification? Google, Facebook and Microsoft all do it. Anyway they don't target tech savvy people with this, they target people who don't know much about tech, and to them as soon as the guy on the phone says "Microsoft" they'll trust him

While true it caught me off guard only because I was fixing my bf's computer at the time. And they managed to guess the amount of computers in the house to 3. I questioned it and tried to get the guy to understand I can't go to a website right now I have all the parts taken out of the machine and then as he's telling me the website it was clear he wasn't with Microsoft. I thought it was really suspicious that "Windows Technical Department" was calling me but I thought maybe his machine just had some really really ground breaking something serious wrong with it when they called. If it had been any other time where I wasn't already too focused on fixing his computer I'd have laughed and told him to gtfo instantly.


thought you meant ball point pen testers xD

that could so be my job -click click click click click click click-

 

no no no Jimmy, you start off with the cheap transparent pens with caps, the fancy clicking ones are out of your league ;)

 

I'm awaiting video proof of this counter measure, this would be so fun to watch!

i9 11900k - NH-D15S - ASUS Z-590-F - 64GB 2400Mhz - 1080ti SC - 970evo 1TB - 960evo 250GB - 850evo 250GB - WDblack 1TB - WDblue 3TB - HX850i - 27GN850-B - PB278Q - VX229 - HP P224 - HP P224 - HannsG HT231 - 450D                                                         

I have caller ID, it tells me if it's an overseas number, I don't know anyone from overseas so I just pick it up and hang up on them. Problem solved. One day if I'm feeling jovial I mess around with one, but I don't want them to think my number is active in case it's on an actual list as opposed to an auto-dialer.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  


Make it turn off their computers' cooling fans and overvolt the CPU to as many volts as possible.

 

Or redirect all of their calls or remote access requests to Comcast.

Ketchup is better than mustard.

GUI is better than Command Line Interface.

Dubs are better than subs
