Social Engineering...
Date Created: Apr 30, 2005, 11:09 PM
Been busy the last few days - doing some fun stuff. A client of mine just got a new server in-house and it's my job to break in and take his 150GB music file...
I did the typical port scan and saw a few holes to manipulate, so I ran a few other scans for 24 hours to see if I could catch anything - I didn't get much, so I found out where one of his guys would be and just hung out. You'd be surprised what info you can get just by being a fly on the wall...
I got back to the computer and was able to get access to this guy's computer remotely (he gave me all I need to figure this out while I was just a fly on the wall - the remote software, username, and password). I got on his computer remotely, ran Ethereal on it for a few hours that I knew he would be out of the office (where I was able to snag all usernames and passwords within their network for the different sites and cyber-locations they travel), and then downloaded that file to my computer to study.
Turns out they all use the same remote software (I will not say the name, but will tell you that you can log on to their clients' computers straight from the website) and I had their username and password now - so everything in their network was now mine...
I actually, due to the remote software they're using (with a GUI), was able to take complete control of his server, download his 150GB of music, delete all of his music and replace it with a 500MB file, and burned that file to the CD that was in the tray...
Anyway, he's taking the remote GUI off the server itself, and having a talk with his employee on Monday. I talked him into keeping the remote GUI for the "user computers" 'cause this guy, and his guys, need to be able to access a lot of data from multiple machines from all over the country - they cannot be expected to carry around that much data on a single laptop...
He had just got a corporate account with this company who provided the remote GUI so he was kinda steamed; it wasn't really their fault though. The remote software was doing what it is supposed to do - the employee just gave me the opportunity to use it against them. It is a bad idea to have something like that on the server itself though - these guys can access the data they need from their own desktops anyway...