Results 1 to 11 of 11

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Banned
    Join Date: Mar:2008
    Location: ( ͡° ͜ʖ ͡°)
    Posts: 10,614

    Âíèìàíèå, TeamViewer å õàêíàò, ïðîâåðåòå ñè ëîãîâåòå!

    TeamViewer has been hacked. They are denying everything and pointing fingers at the users.
    I covered one of the TeamViewer news articles. I wouldn't trust TeamViewer
    Teamviewer Breach Masterthread - Please post your details and if you were a victim or not


    For those concerned with whether or not they have been compromised. Check your logs. I have written a simple dos script that will search your logs for connections and will output the files to a text file on your desktop. If you have installed teamviewer somewhere other than the default location, than change the first line to point to it. Simply open a command Prompt. (Windows key + R | cmd | enter)or(start | cmd | enter) Copy the first line below that starts with cd. Right click and paste in command window. Hit enter. Copy the Second two lines and paste into command window. Hit enter.

    cd "C:\Program Files (x86)\TeamViewer"
    findstr "GWT.CmdUDPPing.UDPMasterReply |findstr GWT.CmdUDPPing.PunchReceived" *.log >> %userprofile%\Desktop\TeamViewerIPs.txt


    Now that you have your ip list, Check that against a geo location site like https://www.iplocation.net/ or http://geomaplookup.net/ Use that map to see if the ip location is near the places you have used teamviewer, either locally or remotely.
    Äðóãî ìÿñòî çà ëîãîâå:
    Code:
    C:\Program Files\TeamViewer\VersionX\Connections_incoming.txt, TeamViewerX_Logfile.log, TeamViewer11_Logfile.txt
    C:\Program Files\TeamViewer (x86)\VersionX\Connections_incoming.txt, TeamViewerX_Logfile.log, TeamViewer11_Logfile.txt
    C:\Users\XXX\AppData\Roaming\TeamViewer\Connections.txt

    Ïîòúðñåòå â ëîãîâåòå çà webbrowserpassview.exe, àêî ñå íàìåðè ïîäîáåí ðåçóëòàò:

    Code:
    2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: New titlebarbutton positioning method got no meaningful data. Fallback to old positioning method.
    2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: Got last destroy msg, freeing
    2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: Freeing Button Resources
    2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: Could not unreg Class TeamViewer_TitleBarButtonClass
    2016/05/31 09:35:24.025  2504  3388 H64  explorer.exe: Destroying all Titlebar Buttons
    2016/05/31 09:35:25.796  8108  7280 H32  webbrowserpassview.exe: SharedMem Connected (seg = 0x8b0000, refcnt = 1)
    2016/05/31 09:35:25.847  2504  4656 H64  explorer.exe: DragInterceptorWndProc: Message received uMsg=0x001c wParam=0
    2016/05/31 09:35:25.857  8108  7280 H32  webbrowserpassview.exe: Windows Version 6.2
    2016/05/31 09:35:25.857  8108  7280 H32  webbrowserpassview.exe: Registered Class TeamViewer_TitleBarButtonClass
    2016/05/31 09:35:25.857  8108  7280 H32  webbrowserpassview.exe: Initialized Button Resources
    2016/05/31 09:35:25.857  8108  7280 H32  webbrowserpassview.exe: Creating Title Bar Button, parent = 0x404ba
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: dll cannot unload safely!
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: InitTheme CaptionButtonWidth=36 FixedFrameWidth=3 ThickFrameWidth=8 AlwaysCompositing=1 ThemeChanged=1 Theme=6
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: Number of title bar buttons: 4
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: Using new titlebarbutton positioning method!
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: InitTheme CaptionButtonWidth=36 FixedFrameWidth=3 ThickFrameWidth=8 AlwaysCompositing=1 ThemeChanged=0 Theme=6
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: Creating tbb = 0x721da648, hwnd = 0x404ba, wndproc = 0x4016dd
    2016/05/31 09:35:25.862  8108  7280 H32  webbrowserpassview.exe: Number of title bar buttons: 4
    2016/05/31 09:35:25.863  8108  7280 H32  webbrowserpassview.exe: Using new titlebarbutton positioning method!
    2016/05/31 09:35:26.995  8108  7280 H32  webbrowserpassview.exe: DrawWindows8Button style=1 top=0 left=0 width=33 height=21
    2016/05/31 09:35:30.712  8108  7280 H32  webbrowserpassview.exe: DrawWindows8Button style=5 top=0 left=0 width=33 height=21
    2016/05/31 09:35:50.274  8108  7280 H32  webbrowserpassview.exe: Number of title bar buttons: 4
    2016/05/31 09:35:50.275  8108  7280 H32  webbrowserpassview.exe: Using new titlebarbutton positioning method!
    2016/05/31 09:35:50.701  1708  2180 S0!  UdpConnection[105]: UDP statistics: prp=18
    2016/05/31 09:35:52.529  2504  4656 H64  explorer.exe: DragInterceptorWndProc: Message received uMsg=0x001c wParam=1
    2016/05/31 09:35:53.164   732  4660 H32  chrome.exe: SharedMem Connected (seg = 0x8f0000, refcnt = 1)
    2016/05/31 09:35:53.224  1544  7388 H32  chrome.exe: SharedMem Connected (seg = 0x420000, refcnt = 1)
    2016/05/31 09:35:53.990  2504  4656 H64  explorer.exe: DragInterceptorWndProc: Message received uMsg=0x001c wParam=0
    2016/05/31 09:35:54.012   732  4660 H32  chrome.exe: Windows Version 10.0
    2016/05/31 09:35:54.012   732  4660 H32  chrome.exe: Registered Class TeamViewer_TitleBarButtonClass
    2016/05/31 09:35:54.012   732  4660 H32  chrome.exe: Initialized Button Resources
    Ñêðèò/Hidden: logs


    Âåäíàãà ñè ñìåíåòå ïàðîëèòå íàâñÿêúäå!
    Last edited by nitrous; 3rd June 2016 at 15:29.

  2. #2
    Registered User
    Join Date: Oct:2011
    Location: Ïëîâäèâ
    Posts: 430
    Àáå åäèí ïðèÿòåë íàñêî ñå îïëàêà ÷å íÿêîé ìó âëèçà â teamviewera. Èçïîëçâàë ãî å çà ðåìîòå êîíòðîë è êàêòî ñè ñåäÿë ãëåäà íÿêîé ñå ëîãâà, îòâàðÿ áðàóçåðà è òðúãâà äà îòâàðÿ paypal
    Last edited by NICHIRENSHU; 6th June 2016 at 08:57.
    Ñåìêè. Ïî-ëåñíî å äà ãè èçïëþåòå, íî å ïî-ïîëåçíî äà ãè ãëúòíåòå

  3. #3
    Registered User atscata's Avatar
    Join Date: Jul:2006
    Location: Plovdiv
    Posts: 3,158
    Àç ïîëçâàì Google Remote Desktop è RDP. Íÿìà ðåêëàìè, íÿìà ëèìèòè âúâ âðåìåòî, íÿìà íèùî.

  4. #4
    Registered User Jiroo's Avatar
    Join Date: Feb:2016
    Location: Europe
    Posts: 73
    Ãîëåìèÿò ïëþñ íà Teamviewer-à å íåãîâàòà ìàñîâîñò. Âñåêè òðåòè ãî èìà. Ñ RDP å ïî-ñëîæíî, íî âèæ ñ GRD ìå çàèíòðèãóâà. Ùå ãî ïðåãëåäàì è àêî ãî íÿìà ïðîáëåìà ñ ïðîäúëæèòåëíîñòòà íà ñåñèèòå ùå ìå ñïå÷åëè.
    Ïàëåëíî ñ Teamviewer èçïîëçâàì è Ammyy. Òàì ñúùî èìà ðàçíè îãðàíè÷åíèÿ, àêî ñå ïðåêàëè, íî èíà÷å å ïðèëè÷íà ïðîãðàìêà.

  5. #5
    Registered User atscata's Avatar
    Join Date: Jul:2006
    Location: Plovdiv
    Posts: 3,158
    Íÿìà îãðàíè÷åíèÿ è õóáàâîòî å ÷å å ÷àñò îò Õðîì, à íå íÿêàêâà îòäåëíà ïðîãðàìà, êîÿòî äîïúëíèòåëíî äà òîâàðè. Òîé Õðîìà òàêà èëè èíà÷å ñå çàðåæäà ñ áóóòâàíåòî íà óèíà è ñè áà÷êà ïîñòîÿííî.

    Ïðè Àìèòî ïðîáëåìà å, ÷å áðàóçåðèòå è àíòèâèðóñíèòå ÿ õâàùàò êàòî çëîâðåäåí ñîôòóåð è çàòîâà å ìàëêî òðóäíî äà ñå ïîäêàðà. Èìà è òÿ íÿêàêâè îãðàíè÷åíèÿ, êîãàòî ñå ñâúðçâàø ïî id, íî ïî ip (âúòðåøíà ìðåæà) âðúçêà å íåîãðàíè÷åíî. Ïîíå òàêà ïèøå â ñàéòà èì.

  6. #6
    Registered User
    Join Date: Jun:2013
    Location: >.<
    Posts: 6,182
    Teamviewer ðàáîòè èäåàëíî íà âñè÷êî è íàâñÿêúäå (Windows, Linux, Mac, Andorid è êàêâîòî ñå ñåòèòå).
    Äà ñå ñëàãà ïàðîëà åäíàêâà íà ìíîãî ìåñòà êàòî ëîãèí å ïðîáëåì íå íà teamviewer, à íà âñÿêà ïðîãðàìà (ñîôòóåð, web è ò.í.).
    Ïðîñòî ñå ïîëçâà íàâñÿêúäå ðàçëè÷íà ïàðîëà âúâ âèäà íà 05934kdjfsflk%$)(*%IKLJFDSLKFJDSLKJFLKSD è ñè ñâèðêàø.

    À êàòî çíàì êîëêî íàðîä (ïðîôåñèîíàëèñòè) èìàò åäíà è ñúùà ïàðîëà íà 5 ìåéëà (âàæíè çà òÿõ) íà ïðîôèëè â ñîöèàëíè ìðåæè è ò.í. íàïðàâî ñå ó÷óäâàì - äà âèäÿò ïàðîëàòà â ÷èñò âèä ïðèëîæåíèÿ (backend-a) êàòî facebook, gmail è ò.í. å ïî-ëåñíî îò òîâà äà íàïèøåø öèôðèòå îò 1 äî 10. Åñòåñòâåíî íÿìà äà ñè ïðèçíàÿò. Íî ïîäîáíè õðàíèëèùà íåÿâíî ñå èçïîëçâàò çà ðàçáèâàíå íà ïàðîëè, áàðàáàð ñ ìîùíîñòòà íà ñìåòêèòå íà äíåøíèÿ õàðäóåð äîðè ãîðíàòà ïàðîëà ùå ñå ñ÷óïè çà 0 âðåìå.

    Äà ñå äîâåðÿ íà Chrome è âñè÷êè ñåñèè äà ìèíàâàò ïðåç google... õììì... íå ìèñëÿ. Íå, ÷å èìàì êðèòè÷íî âàæíè äàííè (òàì êúäåòî èìàì íÿìàì îòäàëå÷åí äèðåêòåí äîñòúï è âñè÷êî îñúùåñòâÿâàì ïðåç äîñòà ìàøèíè).

    Èìà åäèí òîí ñîôòóåðè ïðåäëàãàùè îòëè÷íè âàðèàíòè çà êîíåêöèè è çàîáèêàëÿùè ïðîáëåìèòå íà RDP: AMMYY, AnyDesk è äðóãè... Ñúðâúðèòå äî ñòúïâàì ïðåç êðèïòèðàíè òóíåëè íà SSH (SSH êúì Windows 2008/2012 )

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Copyright © 1999-2011 Õàðäóåð ÁÃ. Âúçìîæíî å ñúäúðæàíèåòî íà òàçè ñòðàíèöà äà å îáåêò íà àâòîðñêè ïðàâà.
iskamPC.com | mobility.BG | Bloody's Techblog | Êðèïòîâàëóòè è ìàéíèíã | 3D Vision Blog | Ìàãàçèí çà åëåêòðîííè öèãàðè