  1. #1
    Banned
    Join Date: Mar:2008
    Location: ( ͡ ͜ʖ ͡)
    Posts: 10,614

    , TeamViewer , !

    TeamViewer has been hacked. They are denying everything and pointing fingers at the users.
    I covered one of the TeamViewer news articles. I wouldn't trust TeamViewer
    Teamviewer Breach Masterthread - Please post your details and if you were a victim or not


    For those concerned with whether or not they have been compromised: check your logs. I have written a simple DOS script that will search your logs for connections and will output the files to a text file on your desktop. If you have installed TeamViewer somewhere other than the default location, then change the first line to point to it. Simply open a Command Prompt (Windows key + R | cmd | enter) or (start | cmd | enter). Copy the first line below that starts with cd. Right click and paste in the command window. Hit enter. Copy the second two lines and paste into the command window. Hit enter.

    cd /d "C:\Program Files (x86)\TeamViewer"
    findstr /L /C:"GWT.CmdUDPPing.UDPMasterReply" /C:"GWT.CmdUDPPing.PunchReceived" *.log >> "%userprofile%\Desktop\TeamViewerIPs.txt"


    Now that you have your IP list, check it against a geolocation site like https://www.iplocation.net/ or http://geomaplookup.net/. Use that map to see if the IP location is near the places you have used TeamViewer, either locally or remotely.
    Code:
    C:\Program Files\TeamViewer\VersionX\Connections_incoming.txt, TeamViewerX_Logfile.log, TeamViewer11_Logfile.txt
    C:\Program Files\TeamViewer (x86)\VersionX\Connections_incoming.txt, TeamViewerX_Logfile.log, TeamViewer11_Logfile.txt
    C:\Users\XXX\AppData\Roaming\TeamViewer\Connections.txt

    webbrowserpassview.exe, :

    Code:
    2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: New titlebarbutton positioning method got no meaningful data. Fallback to old positioning method.
    2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: Got last destroy msg, freeing
    2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: Freeing Button Resources
    2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: Could not unreg Class TeamViewer_TitleBarButtonClass
    2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: Destroying all Titlebar Buttons
    2016/05/31 09:35:25.796  8108  7280 H32  webbrowserpassview.exe: SharedMem Connected (seg = 0x8b0000, refcnt = 1)
    2016/05/31 09:35:25.847  2504  4656 H64  explorer.exe: DragInterceptorWndProc: Message received uMsg=0x001c wParam=0
    2016/05/31 09:35:25.857  8108  7280 H32  webbrowserpassview.exe: Windows Version 6.2
    2016/05/31 09:35:25.857  8108  7280 H32  webbrowserpassview.exe: Registered Class TeamViewer_TitleBarButtonClass
    2016/05/31 09:35:25.857  8108  7280 H32  webbrowserpassview.exe: Initialized Button Resources
    2016/05/31 09:35:25.857  8108  7280 H32  webbrowserpassview.exe: Creating Title Bar Button, parent = 0x404ba
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: dll cannot unload safely!
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: InitTheme CaptionButtonWidth=36 FixedFrameWidth=3 ThickFrameWidth=8 AlwaysCompositing=1 ThemeChanged=1 Theme=6
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: Number of title bar buttons: 4
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: Using new titlebarbutton positioning method!
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: InitTheme CaptionButtonWidth=36 FixedFrameWidth=3 ThickFrameWidth=8 AlwaysCompositing=1 ThemeChanged=0 Theme=6
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: Creating tbb = 0x721da648, hwnd = 0x404ba, wndproc = 0x4016dd
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: Number of title bar buttons: 4
    2016/05/31 09:35:25.863  8108  7280 H32  webbrowserpassview.exe: Using new titlebarbutton positioning method!
    2016/05/31 09:35:26.995  8108  7280 H32  webbrowserpassview.exe: DrawWindows8Button style=1 top=0 left=0 width=33 height=21
    2016/05/31 09:35:30.712  8108  7280 H32  webbrowserpassview.exe: DrawWindows8Button style=5 top=0 left=0 width=33 height=21
    2016/05/31 09:35:50.274  8108  7280 H32  webbrowserpassview.exe: Number of title bar buttons: 4
    2016/05/31 09:35:50.275  8108  7280 H32  webbrowserpassview.exe: Using new titlebarbutton positioning method!
    2016/05/31 09:35:50.701  1708  2180 S0!  UdpConnection[105]: UDP statistics: prp=18
    2016/05/31 09:35:52.529  2504  4656 H64  explorer.exe: DragInterceptorWndProc: Message received uMsg=0x001c wParam=1
    2016/05/31 09:35:53.164   732  4660 H32  chrome.exe: SharedMem Connected (seg = 0x8f0000, refcnt = 1)
    2016/05/31 09:35:53.224  1544  7388 H32  chrome.exe: SharedMem Connected (seg = 0x420000, refcnt = 1)
    2016/05/31 09:35:53.990  2504  4656 H64  explorer.exe: DragInterceptorWndProc: Message received uMsg=0x001c wParam=0
    2016/05/31 09:35:54.012   732  4660 H32  chrome.exe: Windows Version 10.0
    2016/05/31 09:35:54.012   732  4660 H32  chrome.exe: Registered Class TeamViewer_TitleBarButtonClass
    2016/05/31 09:35:54.012   732  4660 H32  chrome.exe: Initialized Button Resources
    Last edited by nitrous; 3rd June 2016 at 15:29.
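
An added example, not part of the original post: a small triage script for the log format shown in the excerpt above. It lists every program name that appears in the log and reports those missing from a baseline, which is how a line such as the webbrowserpassview.exe entries would stand out. The `BASELINE` set and the function names are assumptions made for illustration; the sample lines are copied from the excerpt.

```python
import re

# Layout as seen in the excerpt: date time, PID, TID, tag, "name.exe: message".
LINE_RE = re.compile(
    r"^\s*(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{3})\s+(\d+)\s+(\d+)\s+(\S+)\s+"
    r"([^\s:]+\.exe):\s+(.*)$",
    re.IGNORECASE,
)

# Assumption: programs the owner expects to see on this machine.
BASELINE = {"explorer.exe", "chrome.exe"}

# Lines copied from the excerpt in the post above.
SAMPLE = """\
2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: Destroying all Titlebar Buttons
2016/05/31 09:35:25.796  8108  7280 H32  webbrowserpassview.exe: SharedMem Connected (seg = 0x8b0000, refcnt = 1)
2016/05/31 09:35:50.275  8108  7280 H32  webbrowserpassview.exe: Using new titlebarbutton positioning method!
2016/05/31 09:35:50.701  1708  2180 S0!  UdpConnection[105]: UDP statistics: prp=18
2016/05/31 09:35:53.164   732  4660 H32  chrome.exe: SharedMem Connected (seg = 0x8f0000, refcnt = 1)
2016/05/31 09:35:53.224  1544  7388 H32  chrome.exe: SharedMem Connected (seg = 0x420000, refcnt = 1)
""".splitlines()


def summarize(lines):
    """Map each process name to first/last timestamp, PIDs and line count."""
    procs = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # e.g. the UdpConnection line, which names no .exe
        ts, pid, _tid, _tag, name, _msg = m.groups()
        entry = procs.setdefault(
            name.lower(), {"first": ts, "last": ts, "pids": set(), "lines": 0}
        )
        entry["last"] = ts  # log lines are in chronological order
        entry["pids"].add(int(pid))
        entry["lines"] += 1
    return procs


def unexpected(lines, baseline=BASELINE):
    """Processes present in the log but absent from the baseline."""
    return {n: e for n, e in summarize(lines).items() if n not in baseline}


if __name__ == "__main__":
    for name, e in unexpected(SAMPLE).items():
        print(f"{name}: {e['first']} .. {e['last']}, PIDs {sorted(e['pids'])}, {e['lines']} lines")
```

To run it over a real log, pass the file's lines to `unexpected()` and replace `BASELINE` with the programs normally used on that machine.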

  2. #2
    Registered User
    Join Date: Oct:2011
    Location:
    Posts: 430
    teamviewera. , paypal
    Last edited by NICHIRENSHU; 6th June 2016 at 08:57.

  3. #3
    Registered User atscata's Avatar
    Join Date: Jul:2006
    Location: Plovdiv
    Posts: 3,158
    Google Remote Desktop RDP. , , .

  4. #4
    Registered User Jiroo's Avatar
    Join Date: Feb:2016
    Location: Europe
    Posts: 73
    Teamviewer- . . RDP -, GRD . .
    Teamviewer Ammyy. , , .

  5. #5
    Registered User atscata's Avatar
    Join Date: Jul:2006
    Location: Plovdiv
    Posts: 3,158
    , , . .

    , . , id, ip ( ) . .

  6. #6
    Registered User
    Join Date: Jun:2013
    Location: >.<
    Posts: 6,182
    Teamviewer (Windows, Linux, Mac, Android).
    teamviewer, (, web ..).
    05934kdjfsflk%$)(*%IKLJFDSLKFJDSLKJFLKSD .

    () 5 ( ) .. - (backend-a) facebook, gmail .. - 1 10. . , 0 .

    Chrome google... ... . , ( ).

    RDP: AMMYY, AnyDesk ... SSH (SSH Windows 2008/2012 )
