RE: Hacking to Xp box

From: McKinley, Jackson (Jackson.McKinley@team.telstra.com)
Date: Sun Sep 04 2005 - 20:16:08 EDT


Move your focus to something that external and internal stakeholders are
going to freak out about.

Go for databases, guarded corp secrets, websites, DNS servers.

My first points of interest are always what is going to make the company
lose the most money if someone got into them. Then try to think like a
hacker not a sysadmin, as someone has already pointed out.

Set some benchmarks for your tests and get written approval or even
verbal will do to go ahead with the testing. Remember you are going to
be attempting to break into your company's systems; you may get lucky or
you may create a DoS condition...

My first point is always a dig on the target's domain. This will give
you some good info to start with. MX, NS, WWW. These are all points to
which you can gain access.

It will also tell you a lot about the company's "online" size. Do they
have a whole /24? Or only a couple of IPs.. Who owns the IPs? Is it an
ISP in your area? Is it a data centre that has good protections for
their clients? Is there upstream vuln to attack? Do they have a lot of
stupid DNS records they don't need? I always find the
vpn.whatevercompany.com to be interesting.

Also the contact info in the whois records for their IPs will give you
emails.. These can be used to work out possible username strings. Lots
of companies get users to log in as their email addresses, you now know
what the company uses as emails. Also these can be used for attacking
mailservers. Attempt to gain access to POP accounts.

If you start broad and then draw up your attack vectors and move from
there, it's always a safe bet you will find most of the holes. But there
is always the possibility that you will be still "own3d"

Cheers

Jack.
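
The DNS questions raised in the message above (which MX/NS/WWW records exist, whether the addresses fill a whole /24, which records are not needed, whether a vpn.* name is published) can be reviewed by a zone owner against their own zone export. This is an added example, not part of the original post; the zone data, the domain and the REVIEW_HINTS list are constructed assumptions.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed sample: zone export for a fictional domain (documentation IP ranges).
ZONE = """\
example.com.          3600 IN NS  ns1.example.com.
example.com.          3600 IN MX  10 mail.example.com.
ns1.example.com.      3600 IN A   192.0.2.10
mail.example.com.     3600 IN A   192.0.2.25
www.example.com.      3600 IN A   192.0.2.80
vpn.example.com.      3600 IN A   198.51.100.7   ; remote access
old-test.example.com. 3600 IN A   198.51.100.9
"""

# Assumed label hints for records worth a second look; tune to your naming scheme.
REVIEW_HINTS = {"vpn", "test", "dev", "old", "admin", "staging"}

def parse_zone(text):
    """Yield (name, rtype, rdata) from simple 'name ttl IN type rdata' lines."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop trailing comments
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue
        yield fields[0].rstrip(".").lower(), fields[3].upper(), " ".join(fields[4:])

def audit(text):
    """Summarise what the zone publishes: record types, /24 spread, names to review."""
    types, nets, review = Counter(), defaultdict(set), []
    for name, rtype, rdata in parse_zone(text):
        types[rtype] += 1
        if rtype == "A":
            net = ipaddress.ip_network(f"{rdata}/24", strict=False)
            nets[str(net)].add(name)
        # Flag hosts whose first label advertises remote access or leftovers.
        tokens = set(name.split(".")[0].split("-"))
        if tokens & REVIEW_HINTS and name not in review:
            review.append(name)
    return {"types": dict(types),
            "nets": {n: sorted(h) for n, h in nets.items()},
            "review": review}

if __name__ == "__main__":
    report = audit(ZONE)
    print("record types:", report["types"])
    for net, hosts in sorted(report["nets"].items()):
        print(f"{net}: {len(hosts)} published host(s): {', '.join(hosts)}")
    print("review whether these need to be public:", report["review"])
```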




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:49 EDT