Have you ever wondered who can hack into you machine when you are protected by latest Antivirus updates or HIDS/HIPS solutions. Think again, the video shown below will change your perception altogether…!

Nishant, the security researcher has created this video presentation demonstrating how one can easily and silently steal your secrets without your knowledge. This presentation targets the unpached Windows XP SP3 machine with remote code execution vulnerability MS_08-67. Here Metaspolit (The beautiful & powerful pentesting framework) used to launch the remote exploit to take over the machine. After the remote control is established to the target machine, it uses the meterpreter plugin (part of Metasploit) to capture the stored GMail password from Firefox sign-on store and automatically email it to hacker.

See the remote GMail password hacking live here…

Keep thinking that ‘you are secure’…and next thing you don’t know that nerd sitting next to you has already hijacked your girlfriend 🙂