[hks786]

Someone has been hacking my friends msn chat logs and printing them out. My friend uses bebo, facebook, msn and hotmail. Can anyone think exactly how the chat logs could have been hacked? Access to my friends computer is not really an option so it must be through one of the above mentioned ways.

Any ideas would be appreciated.

[klipseracer]

Keylogger.

read about a program called: Backorfice.

[DBFIU]

Dude your friend is getting hax0red. I bet it's someone leet, be careful.

[JayKay335i]

His girlfriend probably just installed her own key logger. Now hes going to get in trouble for jerking off to girls on MSN.

[BKV122]

Go on a totally random computer and have him change his pw for all those accts, and if he ordered anything online in the past month id check my credit card statements and probly have the CC co. give him new cards. Deff sounds like a keylogger

[solefald]

hahaha, i used to do that to my neighbor, just not snooping through his logs or anything.
i would connect to his wide open wireless network and print all kinds of retarded shit on his printer. lol

his dumbass "computer expert" friend came and "fixed" it by changing router password, without actually securing the wifi. hahah

[Blake]

keystroker for sure.

[Blake]

Quote:

Originally Posted by dark335i

haha tell me how to do this. my neighbor leaves their wifi open, that would be hilarious.

oh god...please let me play. i unsecured wifi networks. brings me back to my *nix days. radix, where you at whodi?

[JayKay335i]

Gaining access to their network doesn't mean your using their computer. You just have access to all their unsecured files and anything else connected to the network that isn't seccured. I.e. games, streaming music players, media centers, etc.

[radix]

Quote:

Originally Posted by hks786

Someone has been hacking my friends msn chat logs and printing them out. My friend uses bebo, facebook, msn and hotmail. Can anyone think exactly how the chat logs could have been hacked? Access to my friends computer is not really an option so it must be through one of the above mentioned ways.

Any ideas would be appreciated.

Explain why you think that access to his computer is not really an option.

[JayKay335i]

Quote:

Originally Posted by radix

Explain why you think that access to his computer is not really an option.

Because he hides the computer from his wife. DUhhhh.

[boymonkey]

If it's a full chat log, with names and received messages, then it might not be a key logger.

[JayKay335i]

Quote:

Originally Posted by boymonkey

If it's a full chat log, with names and received messages, then it might not be a key logger.

Its probably a key logger that was used to gain access to the user name. I believe MSN actually saves full logs of conversations unless you specifically go into options and tell it not to.

[hks786]

Quote:

Originally Posted by boymonkey

If it's a full chat log, with names and received messages, then it might not be a key logger.

Yes, it's a full chat log. I've seen how keyloggers work and its def not a keylogger.

Quote:

Originally Posted by JayKay335i

Its probably a key logger that was used to gain access to the user name. I believe MSN actually saves full logs of conversations unless you specifically go into options and tell it not to.

Yeah my friend's computer auto saves chat logs for msn.

[hks786]

Quote:

Originally Posted by radix

Explain why you think that access to his computer is not really an option.

I mean noone had physical access to the computer to take the files and put on a USB stick. The only other thing that could have happened is the whole computer system has been hacked and the hacker has access to everything. Who knows.

[boymonkey]

Quote:

Originally Posted by JayKay335i

Its probably a key logger that was used to gain access to the user name. I believe MSN actually saves full logs of conversations unless you specifically go into options and tell it not to.

That's possible.

For the chat logs, I thought they are saved on the local hard drive and not on the MSN servers. (Someone correct me if I'm wrong.) If so, this is more sophisticated than just getting someone's account name and password. It means they have access to the hard drive.

[JayKay335i]

I thought I remembered them being accessible from any computer. Could be wrong. Even so, all he had to do was be at a coffee shop or log on to any unsecured network anywhere for somebody to get into his personal files.

[radix]

Quote:

Originally Posted by hks786

I mean noone had physical access to the computer to take the files and put on a USB stick. The only other thing that could have happened is the whole computer system has been hacked and the hacker has access to everything. Who knows.

Either way I'd assume that at this point your friends machine is no longer his own. My recommendation:


1. Backup any important data.
2. Reinstall windows including all security patches from Microsoft's website.
3. Install VirtualBox.
4. Create a small Windows virtual machine (VM).
5. Restore any data to the VM first via USB, access all restored data in VM only.
6. Monitor VM for signs of trouble for a couple of weeks.
7. Promote restored data from VM to physical machine if all goes well.
8. Tear down VM, and uninstall VirtualBox.


The last step is optional. Personally, I think Windows should *only* be run in a VM where performance doesn't matter, and not exclusively for security reasons.

After reinstalling his machine, I would also recommend doing some port scans on it to make sure that he's not leaving unneeded ports open. nmap is available for this purpose. Additionally he will probably need to check his router/firewall settings and make sure that he is not forwarding or leaving open any ports he shouldn't be. If he is doing wireless, he should hide his SSID, use WPA2-PSK with strong encryption (no WEP under any circumstances).

[klipseracer]

Anything is possible. All you'd need is a wifi sniffer like wireshark and you can capture all the data being sent in plain text very easy across the internet. MSN's encryption is easy to break also. Backorfice is a very easy to use program and you can use it to transfer any file off someones computer and use less than 1kb/s of bandwidth to do it secretly. If you have a webcam he can turn that shit on too or activate your mic.

[radix]

Quote:

Originally Posted by klipseracer

Anything is possible. All you'd need is a wifi sniffer like wireshark and you can capture all the data being sent in plain text very easy across the internet. MSN's encryption is easy to break also. Backorfice is a very easy to use program and you can use it to transfer any file off someones computer and use less than 1kb/s of bandwidth to do it secretly. If you have a webcam he can turn that shit on too or activate your mic.

That's not entirely true. Wireshark would require access to his local network segment to be used. That access could be gained via an insecure wireless LAN, or by gaining access via aircrack, but it can't be done across the internet because it requires that the adapter being used to sniff be put into promiscuous mode on that network segment.

[JayKay335i]

Quote:

Originally Posted by radix

That's not entirely true. Wireshark would require access to his local network segment to be used. That access could be gained via an insecure wireless LAN, or by gaining access via aircrack, but it can't be done across the internet because it requires that the adapter being used to sniff be put into promiscuous mode on that network segment.

Promiscuous mode?

Ugh..... damn..... you mean I bought the non-whore version of my router?

[radix]

Quote:

Originally Posted by JayKay335i

Promiscuous mode?

Ugh..... damn..... you mean I bought the non-whore version of my router?

In this case the intruder's wireless adapter would be the whore, so no worries there.