
I think I had a hacker on my network. (inside job) - Page 2

post #11 of 21
Thread Starter 
Dude, I understand that question fully... I wanted to add a system, as I have one at my house and got the perp arrested a few days ago.. I'm thinking of adding one in my office just to know what's going on... Because this guy (My boss) is all too trusting..

I just wish I knew what program this guy was trying to run... I rebooted it too quickly... The end user said it was scrolling all kinds of stuff on the screen.. with a red background... BASH K-DOS something like that..
Edited by Joeteck - 3/14/12 at 7:50am
    
post #12 of 21
Quote:
Originally Posted by Joeteck View Post

Dude, I understand that question fully... I wanted to add a system, as I have one at my house and got the perp arrested a few days ago.. I'm thinking of adding one in my office just to know what's going on... Because this guy (My boss) is all too trusting..
I just wish I knew what program this guy was trying to run... I rebooted it too quickly... The end user said it was scrolling all kinds of stuff on the screen.. with a red background... BASH K-DOS something like that..

Ahh, that's a different matter. In that case you can disregard my earlier posts.
post #13 of 21
Thread Starter 
Ok.... then what is it? I think I MAY have found it.. but I'm not sure... I'm downloading it now to see if that's it... The best way is making a bootable USB drive...
    
post #14 of 21
Don't run it on a live/connected PC - use a sandbox PC in case it's a virus/malware
post #15 of 21
I'm pretty sure it's just a bootable brute force. The culprit left in a hurry realizing he would have to wait 12 hours for the password.



Why would anyone wanna infiltrate your systems though?
post #16 of 21
I highly doubt it was a brute force. A couple years ago I found a nifty ISO that contained a Windows password reset tool, since I locked myself out of my laptop it was just what I needed. But it simply accesses Windows' files and deletes the passwords and settings for all users, allowing a straight shot into Windows, and it works instantly. I suggest BIOS passwords from here on out btw.
    
post #17 of 21
Quote:
Originally Posted by AddictedGamer93 View Post

I highly doubt it was a brute force. A couple years ago I found a nifty ISO that contained a Windows password reset tool, since I locked myself out of my laptop it was just what I needed. But it simply accesses Windows' files and deletes the passwords and settings for all users, allowing a straight shot into Windows, and it works instantly. I suggest BIOS passwords from here on out btw.

NT Offline Password. Quite handy, yes - with one key exception.


It doesn't work for domain access/domain controlled resources. At best the .ISO you're mentioning will provide access to only the local documents.
    
post #18 of 21
Thread Starter 
Yeah, that's called NTpassword.. You can get that neat little program by downloading the UNetbootin program, which makes any USB thumb drive into bootable media... XP CD, Windows 7 DVD, Linux Distro... Hacking tools.. you name it...

I just wish I could find out which one he used...
Edited by Joeteck - 3/14/12 at 12:10pm
    
post #19 of 21
i wouldn't worry about the computer end of it so much. you have someone IN your building messing around. stop wasting time on google and get some cameras / call the cops.

it's probably the cleaning staff. one (or two) of them was stealing from our office!
post #20 of 21
Quote:
Originally Posted by lloyd mcclendon View Post

i wouldn't worry about the computer end of it so much. you have someone IN your building messing around. stop wasting time on google and get some cameras / call the cops.
it's probably the cleaning staff. one (or two) of them was stealing from our office!

QFT :)