Inception | Break & Enter - Improving security by breaking it
in case your laptop is stolen...
To all of the mac/linux/bsd users here:
Put this in a shell script, and add it to cron, run it once a minute or so.
if wget http://myserver.com/sshreverse; then ssh -R 2900:localhost:22 User@myserver.com; fi
If your box is ever stolen, put a file on your webserver called "sshreverse". Wait about a minute, then do:
ssh whatever_your_username_is_on_your_mac@localhost -p 2900
Now you've got an SSH connection back into your laptop. Use this to install a keylogger, take a picture, etc. etc.
(This will get you around NAT devices like wifi routers and the like [or firewalls or whatever. This is a reverse ssh session, to the firewall, it looks like an outbound connection])
edit: want to just say that that exact string of commands isn't something I wrote, a fellow hacker recommended it to me about a year ago or so.
Podcasts for Hackers - Design Pepper
Adventures with Daisy in Thunderbolt-DMA-land: Hacking Macs through the Thunderbolt interface | Break & Enter
Yes, it is possible to hack a Mac through the new DisplayPort/Thunderbolt interface, exactly the same way it is possible to hack Macs and PCs through FireWire interfaces.