Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

VGA DVI and HDMI connections


  • Please log in to reply
3 replies to this topic

#1 logikz

logikz

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Local time:05:22 PM

Posted 04 September 2011 - 12:31 AM

Is there a possible way to alter an HDMI, DVI or VGA cable to penetrate the security of a computer absolutely? I mean physically. Possibly by way of a docking station?

Edited by logikz, 04 September 2011 - 12:37 AM.


BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:22 PM

Posted 04 September 2011 - 12:46 AM

What do you mean?

#3 logikz

logikz
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Local time:05:22 PM

Posted 04 September 2011 - 01:18 AM

well firstly, can a serial port like these be used to transmit data to alter a computer? Like you can get your TV's or monitor make and model through the cord, could the cord be altered in such a way that it could instead of sending this information about your device, be made to upload malicious content onto a computer? Like could you be infected by your TV even thru a standard user's account while being plugged into the TV. This is also plugged in during booting the computer. I guess i should investigate on what exactly the cord and device can send through one another. On the same issue really, if logged onto a standard user account, is there anyway that plugging a USB device onto the computer that it could corrupt even the administrator's account? I'm not exactly sure what im dealing with here. It is not a virus per-say, but all i know is after i plugged my TV into my HDMI port my standard user account has complete access to all of the administrator's files. I can edit, delete, and add to anything in his directory. Say C:\users\Admin\Appdata from a standard user account. I make new accounts but all have the same access, even to the other user accounts. This is a brand new computer I bought from dell, shipped to me. The only thing that wasnt new was the HDMI cord. I know this is not default to be able to access accounts systemwide on a computer system, even if that computer system is Windows. But that is how it was shipped to me. Think about it for a second, why should one user be able to access and change another user's files being on the permissions of a User and not an administrator. While thinking of that, im saying that ANY user that is created as a standard user has access to ALL of administrator files. Im not saying that i can install files w/o the UAC and password prompt, but I am saying that I can go thru the administrator's email and alter things under a standard user account. If this seems odd, please help me.......................................

Edited by logikz, 04 September 2011 - 01:19 AM.


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:22 PM

Posted 04 September 2011 - 12:45 PM

To answer your questions:

1) Yes a serial cable can be used to get information on any serial device, but the user has to know the commands to do so. A serial cable by default can be used to upload any kind of information just as long as the user knows the commands to do so. This would require a lot of intelligence and sophistication as well as physical access to the device.

2) Yes there are privilege escalation malware out there that can be used to gain access to higher level accounts such as administrators, localmachine, and others.

3) How are you creating the accounts, and do these accounts belong to the administrator group?

Can you bring up a command prompt that is elevated via Start > All Programs > Accessories > right click on command prompt and select Run as Administrator:

type in net user usernamehere

Paste the results of all users on the computer.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users