Attacking The Login Page

First of all, finding random sites that use login pages isn't difficult. A hacker who wants to get a sampling of educational sites with login pages constructed in ASP (Microsoft's Active Server Pages) would open up a browser with Google and enter the following:

inurl:login filetype:asp inurl:edu

The login page presented is effectively a gateway to an application.

As you enter data in the password box, asterisks appear instead of the characters typed. However, these are just a visual disguise; the password text box actually holds the password as entered. This information is passed to a program or page on the site server where the information is retrieved and tested for validity.

So what can go wrong with that? Try this yourself: Open Google and enter 'keypress recorder' in the search box, and see what comes back.

Each executable program mentioned in the search results is capable of sitting on your PC and recording keystrokes as you type them. So, for example, if one were sitting on my machine and recording my every keystroke, it would record a copy of this article as I write it. Some of them are smart and only record keystrokes in response to password prompts. Some of them are even smarter, and do not show up as running programs on the system, even though they are actually functioning. Another technique is to rename the illicit program as something that looks innocuous. For example, would you worry about "winprint.exe" if you came across it in your Windows directory?

Tags: Internet Security,

Related Articles: