Network penetration firm compromises network with rigged mouse

Started by pctech, Jun 29, 2011, 13:48:33

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Print
Go Down Pages1
User actions

Glenn

#1
Jun 29, 2011, 13:53:58
I was reading that yesterday, how do they ensure that the mouse goes on a particular network, without having access to the company?
Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

pctech

#2
Jun 29, 2011, 13:56:37
As they were engaged by the company (presumably the IT department) they probably prepared the device, gave it to their contact who plugged it into a PC connected to the network.

Glenn

#3
Jun 29, 2011, 15:30:30
I was thinking outside of the experiment, so say hacking into a bank or other large company.
Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Technical Ben

#4
Jun 29, 2011, 15:51:24 Last Edit: Jun 29, 2011, 15:57:35 by Technical Ben
Quote from: pctech on Jun 29, 2011, 13:56:37
As they were engaged by the company (presumably the IT department) they probably prepared the device, gave it to their contact who plugged it into a PC connected to the network.


It was not a contact. They just posted it to an address listed in the public accessible company documanets/website. With a covering letter, making it look like promotional material. :)
So, be very reluctant to plug in that "free" 256mb usb drive you receive in the post as a "special offer". (This has also been done at PC expos!  :slap:  :eek4:  :no: )

Oh, Glenn, I would guess you would need to know something about the software you are attacking. At the least, this is a key logger or key presser programmed into the hardware. So you could just log key presses for account details or passwords. Once it has these, it then "replays" the key presses followed by your desired command. Such as "*windows key* cmd [connect to my server and upload C: drive]". As long as you have compromised an IT or managers pc, it's likely you have the account with external access. Even banks and the like use Windows. Else if it's only a dumb terminal you got access to, you still have access to everything the staff do. So company Intranet, shared drives etc. From there you could try easy attacks. It's limited, but you've still got a "man" or rather "mouse" on the inside.  ;D
I use to have a signature, then it all changed to chip and pin.

pctech

#5
Jun 29, 2011, 17:18:14
Quote from: Glenn on Jun 29, 2011, 15:30:30
I was thinking outside of the experiment, so say hacking into a bank or other large company.

Lot of social engineering involved as Ben says.

Couple of people have fallen foul of clicking on the links in those 'you have a virus' e-mails/pages.

A temporary member of staff was so alarmed she called me over and I managed to close the page before she clicked run on the malware.

Print
Go Up Pages1
User actions