A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Capturing Passwords into the Secure Desktop - Marcio Almeida de Macedo, Bruno Gonçalves de Oliveira (Passwords Con 2014) (Hacking Illustrated Series InfoSec Tutorial Videos)

Capturing Passwords into the Secure Desktop - Marcio Almeida de Macedo, Bruno Gonçalves de Oliveira

Abstract:The Secure Desktop is a feature of Windows API that creates a separated desktop to run programs/processes and this way not allowing processes and programs running in other desktops to capture keystrokes or screen in this desktop. The Secure Desktop’s primary difference from the User Desktop is that only trusted processes running as SYSTEM are allowed to run here (i.e. nothing running as the User’s privilege level) and the path to get to the Secure Desktop from the User Desktop must also be trusted through the entire chain. Because of the main feature provided by Secure Desktop some password protector softwares like Password1 and Keepass are developed using the secure desktop feature to unlock the password vault trying avoid malwares to capture the Master Password. But like every feature, if isn't well implemented it can provide a fake security sensation and even if the application is running in a secure desktop, using some tricks an attacker is able to ""escape the sandbox"" provided by secure desktop and run remote programs/processes in the secure desktop of those application that will lead an attacker to interact with the user input and capture what is typed. The main goal of this talk is present some real world examples that uses secure desktop and show how to sniff the keystrokes or capture screen in the secured desktops bypassing the main feature of windows secure desktop utilizing a tool developed by us. Also, the attacking scenario is any application that utilizes the Desktop objects from the Windows API to generate another desktop for executing itself running under any Windows OS, to protect against keyloggers.

Back to Passwords Con 2014 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast