Finally I managed to make a Gina which is able to send the password using ftp to my own PC. It does the following:
* When starting Gina, try to connect to the ftp server (which I run from my laptop). This is done in a separate thead and is tried for 8 minutes to succeed. After that it will wait for a password to be captured.
* When a password is entered this is stored in a global structure.
* The polling thread watches this global structure for a newentry and it will send it as a NOOP command to my ftp server.

On my own ftp server I can look at all connections and their commands, When I see the NOOP, I can see the password (and username) of the target machine. The password is encrypted to make sure nobody else can abuse thie information.


GINA, phase 2

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.