From: Peter Manis (manis@digital39.com)
Date: Mon Aug 13 2007 - 19:36:03 EDT
I didn't have a specific type I was curious about. I was watching
training not long ago and he mentioned social engineering up the point
of getting an actual job with the company as a janitor. He also
mentioned picking up the wireless signals from outside the building
and gaining access that route. Using a sonic ear would be much like
sitting in a parking lot trying to gain access via wireless. It made
me curious if people went as far as using the gadgets you can buy or
if that was just the glitz and glamor side of things that never
happen. Sorta like how a spy's life is far from the lifestyle of
James Bond, but I'm sure situations arise where some pretty sick
technology is used.
Looking from the outside in on a profession I know little about, I
think the ability to use a listening device could be a potentially
large hole. So it isn't about becoming a white hat and carrying a
trunk full of gadgets to be "cool" and to hack the gibson. I didn't
know if some have had contracts where you really did need to fill in
every single crack.
On 8/13/07, kevin horvath <kevin.horvath@gmail.com> wrote:
> What type of pen test are you referring to? Network, wireless and/or
> RFID, voip, app, social, etc? From what you are asking it seems more
> like a social engineering exercise but even that is far fetched (as
> for using sonic ear devices). Now using multiple laptops (ie 2) is
> often used during internal or wireless engagements and especially
> pda's for wireless. As for rollup keyboards they are not needed but i
> guess they might be useful for a pda instead of using the qwerty
> keypad.
>
> Kevin
>
> On 8/11/07, Peter Manis <manis@digital39.com> wrote:
> > What do you carry with you when you are on the job? I watched a video
> > from Iron Geek showing multiple laptops, PDAs, etc and I was curious
> > what items you have found to be important when going on the job. In
> > movies they show the glitz and glamor side of things with rollup
> > keyboards and gadgets most people probably don't need, but do any of
> > those things come in handy often enough to take them?
> >
> > At the risk of being laughed at have you heard of people going as far
> > as bringing sonic ear type devices or similar surveillance devices to
> > pull information that way?
> >
> > Please keep in mind I am very new to the world of pen testing so I
> > really don't know what situations you can get into other than what I
> > have heard, but I also heard the world was flat.
> >
> > PM
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: Cenzic
> >
> > Need to secure your web apps NOW?
> > Cenzic finds more, "real" vulnerabilities fast.
> > Click to try it, buy it or download a solution FREE today!
> >
> > http://www.cenzic.com/downloads
> > ------------------------------------------------------------------------
> >
> >
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:01 EDT