Stolen Laptop – How to access it?

Viewing 2 reply threads
  • Author
    Posts
    • #6422
      Smythers00
      Participant

      Hi All,

      This is my first post on the forums so my apologies if I’m off topic or in the wrong forum. I’m also a newbie at ethical hacking – a complete virgin if you will, although I’d like to think I do my research before jumping into things like this.

      About two weeks ago, my wife’s laptop was stolen.  Of course we’ve called the police,  and I was surprised to see they’re actually doing a pretty good job of investigating it, they got surveillance footage of the thief in action, along with a good picture shot.  We’ve reported the loss to all the appropriate peoples/companies, changed all our passwords, and all that prudent security junk.  Unfortunately I had no anti-theft software on it, so no real way to check in with it.  I do, however, have all the information like the mac# (which doesn’t seem to do me any good as I don’t have the ISP).  Personally, I’d written the laptop off and already replaced it and I thought I moved on.  It was a cheap laptop, bottom of the line, really. It sucks to have lost it, but I didn’t lose too much sleep over it.

      However, about a week before it was stolen, I set up Microsoft Windows 2010 Pro on it and the wife and I use Outlook calendar to set our schedules.  We’ve set it up to share our calendars with each other online.  Today I got an email showing me my wife’s calendar for today – for the first time since the laptop was stolen.

      So this got me wondering… is there a way to exploit this, to somehow get onto that laptop and install some kind of anti-theft software, or Log Me In, or something like that?

      Any thoughts?

      P.S>  Now using Prey: http://preyproject.com  on all of my machines.  I’d welcome your thoughts on it.

    • #39915
      rattis
      Participant

      Everything I can come up with, more or less involves getting the user to click on something. Either to go to a website and log the ip address, or to install something.

      If they’re going through her outlook, that would indicate to me, they’re looking at her mail. Maybe send an email, let them know they are using stolen goods.

      If you’re luck, you get the hardware back, or the data, or something.

    • #39916
      sil
      Participant

      I will respond to the prey portion of the question…

      Prey works when a lowly thief with otherwise zero experience steals your laptop sure. But what can it really tell you? The reality is, nothing worthwhile. It will place them likely via a geolocated fixed address of what it interprets. Now… I live in CT, whenever I use cable @ home, I almost ALWAYS resolve to an IP address in Rhode Island. Whenever I connect from work, I get news.google.co.uk even though my IP space is in the US. So what do you think prey will do other than prey on your wallet?

      So let’s take a quick look at how prey would work: Windows starts up, application/service is started: “Hey look at me! Here is my IP” –> prey servers. So what? 1) Does nothing if someone formats the drive. 2) Does nothing if someone firewalls OUT preys connection. 3) Does nothing if someone goes through the start up services and turns it off.

      About I don’t know 5 years ago or something when a company named Absolute (LoJack for Laptops) touted the same thing. I systemically dissected their BS and publicly called them out on it (see link if you’d like). Doesn’t work as much as they would like you to *think* it does. It will work against junkies who need a quick hit and petty thieves though. All it will do is say: “Look the petty thief who stole your machine logged in from an IP somewhere in the world”

      What was funnier was when Core Security found even more issues 3 years after me (second link). Your best bet to secure your data is boot level encryption. (TrueCrypt). The likelihood of you retrieving a laptop is really low unless you live in a densely populated location.

      http://cryptome.org/lojack-hack.pdf
      http://www.zdnet.com/blog/security/researchers-find-insecure-bios-rootkit-pre-loaded-in-laptops/3828

Viewing 2 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?