Archive for May, 2010

About a month ago I wrote a post going over some code that I wrote that basically went out and grabbed email addresses after doing search queries. I’ve since updated the code and was asked to post it, so I decided to just recreate the entire post. Here’s the new code.

View part 1 of this post here.

Ok, so we have lots of email addresses and names of employees.. but we know nothing of their network. And, again, because this is the preliminary discovery process, we’re going to avoid getting too aggressive. We just want to collect information at this point. First, let’s take a [...]

I talk a lot about finding information about individuals.. but this post is going to focus on finding information about companies, who works there, email addresses, and any other information I can harvest. It will also talk about how a company can protect itself from some of these “vulnerabilities”.. We’re going to build a profile [...]

As promised, I’m posting about another method to obtain private information about people and their personal lives. This one has darker implications, though, so I’m not going to be posting the real names of the people that I find, nor will I post private information. The people listed here simply made a mistake by not [...]

I was asked.. “How would you find out if a firewall is forwarding a port to an internal machine or not?” I pondered for a minute, having read a lot about this but never really having much of a use for it.. but the answer is.. TTL. TTL, or “time to live”, determines how long [...]

If you read the title of this post and immediately wanted to correct my terrible English, you obviously are not oldschool and have never seen this video:

I was going through my RSS updates and noticed this: http://www.securityfocus.com/bid/39794. Not good. Any time that there’s a remote DoS against a Linux box, it means bad things. I started digging, because I’m not terribly familiar with SCTP. First, I wanted to know more about the vulnerability itself. I found this: http://permalink.gmane.org/gmane.comp.security.oss.general/2859. Simply put, the [...]

This is going to be a rather short and sweet post because it’s pretty heavily documented everywhere else. The reason why I’m posting it is because a lot of the information out there on the forums simply does not work, or is not very well explained. The setup I have here is what I [...]