home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!zaphod.mps.ohio-state.edu!malgudi.oar.net!uoft02.utoledo.edu!jupiter!steiner
- Newsgroups: alt.hackers
- Subject: Re: Forgery
- Message-ID: <1992Jul23.105838.8871@uoft02.utoledo.edu>
- From: steiner@jupiter.cse.utoledo.edu (jason steiner)
- Date: 23 Jul 92 10:58:37 EST
- References: <1992Jul23.130654.22912@spool.cs.wisc.edu>
- Approved: damn straight.
- Nntp-Posting-Host: jupiter.cse.utoledo.edu
- Lines: 27
-
- faber@loon.cs.wisc.edu (Ted Faber) writes:
- > In <Brsy56.6po@undergrad.math.waterloo.edu> PPan@Fairytale (Peter Pan) writes:
- >
- > > A couple of post ago, someone mentioned something about writing a
- > >trojan horse login program to collect and store userids and passwords.
- > >Did you get it to work? Its fairly trivial actually, for this reason I always
- > >do a fake login before really logging in to make sure everything is 'real'.
- >
- > Of course, you realize that only wins if the author of the trojan
- > doesn't fake login failure twice. Better to power cycle the
- > terminal if it's in a public place. If you're logging in from a PC
- > in a public place you're on your own. Maybe you should change your
- > password after every login :-)
-
- ObHack & followup: i've been meaning to learn C for a long time now,
- but haven't had the time 'til this summer. last night i wrote
- my second C program, which was based on the idea mentioned above.
- doubt i'll ever use, but in attempting to emulate the login
- sequence exactly i learned stuff about signals, files,
- encryption, ioctl, & general syntax. much more interesting
- than the projects i get in my CS classes. :^) oh yeah, it
- doesn't cycle a set number of times. checks the password
- to make sure it's the right one before telling you it's
- the -wrong- one, logging it & dumping you back to the real
- login.
-
- know what? C really kicks Pascal in the head.
-
