From: Lee Lawson (leejlawson@gmail.com)
Date: Fri Feb 02 2007 - 04:43:20 EST
Have you just admitted to committing a crime? I don't see how you
could have obtained prior written permission from all of Dr X's
contacts before you started the 'test'.
I don't think anyone on the mailing list would condone that sort of
action. Please stay legal or you will ruin it for the rest of us!
On 2/2/07, Nicolás F. Iglesias <nfiglesias@gmail.com> wrote:
> Once, i did a personalized phisymail from a personal PC, catched through
> Netbios. The intrusion was as follow:
>
> - I found a Winbox on internet, from Dr. X (i don't remember his real name).
> He has the netbios opened, so it was easy to broke his lan.
> - I learned, from DOCs, LOGs, websites visited and all data i found on his
> HD, who was and what kind of person he was.
> - I wrote an email, using a language according to his "personality"
> (university phd and so on...) and i "invited" his contacts to test a
> financial software (he and his contacts, all working on economy and
> finances).
> - The fake soft has a keylogger on it. The logs was sent to my free
> emailaddress.
> - In a few days, i was able to see all data from his friends and very
> interesting people (one working at my country's defense agency as an IT
> consultant), bank accounts, credit cards,etc. But it just was a nice
> experience and i didn't stole a penny.
>
> What i'm trying to expose is that, on phishing, you have to develop social
> engineering.
>
> NiCo
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
>
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>
>
-- Lee J Lawson leejlawson@gmail.com leejlawson@hushmail.com "Give a man a fire, and he'll be warm for a day; set a man on fire, and he'll be warm for the rest of his life." "Quidquid latine dictum sit, altum sonatur." ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:34 EDT