Thursday, November 6, 2008

The Story of a Hack - Introduction

Over the next few posts throughout November I’ll be doing something slightly different. I’ll be demonstrating the penetration into a fictitious company called HackMe Ltd.

The goal of this series of posts is to demonstrate how simple it is to penetrate a network, steal some data, and then erase the evidence of the intrusion. I’ll also be including details of what measures could have been taken to prevent or detect the attack. I want to keep things simple but still as realistic as possible.

Throughout the story I’ll be using common & simple techniques to footprint, scan and penetrate my target. After gaining access to the target, where at all possible I want to just use the native tools on the compromised systems to find and retrieve my data.


These set of posts are written to educate the reader, and hopefully increase security awareness.


Setting the Scene

So I’ve been given my Target. HackMe Ltd is a popular hobbyist magazine distribution company. My job is to steal the customer database and the accounts database. I must find a way in, get the data and get out, leaving as little evidence as possible.


Part 1 - Reconaisance

Part 2 - Breaking In

Part 3 - Kung Fu Shopping


I hope anyone reading this enjoys these posts and I welcome comments and feedback.

3 comments:

blad3 said...

Bring it on. Can't wait :)

Anonymous said...

I am looking forward to this.

john said...

Hey thanks a lot for sharing such a nice and informative article.Really i am looking forward to this.

By the way for more information on Professional Training and Certification for Ethical Hacking check this link: ETHICAL HACKING