If you've got Backtrack or a copy of Metasploit, why don't you use that to generate yourself a payload hidden inside a rogue file, such as a PDF? Once the victim opens it, you can configure it to send back something called a Meterpreter session to your computer, where you can actually drop to a shell or even use a command which starts capturing keystrokes. Pretty sure you can even do things like log the user out, forcing them to log back in again and enter their Windows password (and probably all the other passwords they'll be entering when they log back into their email accounts, etc.).
I'd give it a shot if I were you, it's great fun and it really works. Oh, did I mention you can encrypt the payload so that it doesn't alert AV?