The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they're typed over the network

The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they're typed over the network

Cunning data-snooping side-channel technique is tough to exploit, says Chipzilla


Video It is possible to discern someone's SSH password as they type it into a terminal over the network by exploiting an interesting side-channel vulnerability in Intel's networking technology, say infosec gurus.


In short, a well-positioned eavesdropper can connect to a server powered by one of Intel's vulnerable chipsets, and potentially observe the timing of packets of data – such as keypresses in an interactive terminal session – sent separately by a victim that is connected to the same server.


These timings can leak the specific keys pressed by the victim due to the fact people move their fingers over their keyboards in a particular pattern, with noticeable pauses between each button push that vary by character. These pauses can be analyzed to reveal, in real time, those specific keypresses sent over the network, including pass ..