My assignment is to gather information about a business so that a criminal could craft an attack to steal either data...

Once you have an employee and know their email send them a message from a fake email and ask if they can forward you the company mailing list, say you lost your copy and have to get a message to Dave in HR by the end of the day.

That's brilliant and I love you!

most company's email structure is either [email protected] or [email protected]

You can search Facebook accounts that mention certain companies to find your entry person. People love to brag about jobs.

not sure if this is the sort of thing you're thinking about
kali.org/

A great way to do this is load a virus onto flash drives and throw them into parking lots. people will always pic them up and try to see whats on them. load cat pics or some shit so they have something to look at. the virus loads and your in.

FB/search/str/enterprofilenumberofwhatevercompanyhere/employees

You can be smarter about it than this. Find out an employee and his manager. You can easily craft an email with the sender as the manager requesting the underling to pass on sensitive information. Just look up the protocols for email.

You should look through the companies hiring policy as well. If you can find a job like a janitor or if they have regular mail, maintenance, or other contract staff you can easily forge the ID and gain physical access to their systems.

Put malware on some CDs and write "payroll" or "confidential" on them and go drop them in the bathroom or around the office of a company. Literally a 100% chance that you will infect a computer at the place and get information.

If you can gain physical access just give yourself a nice rdp login

Basically, if your target company is completely non-retarded they hired someone to set up their network, which means you're going to be trying to crack an experienced security companies defense.

On the other hand, most regular people's passwords are abc123 so you should target the more vulnerable aspects of that company ie. regular employees.

But if you can get an employee to divulge sensitive information then you just have to research the hierarchy of the company and find the people who work in HR, payroll, and if you're really good the network admin.

chances are you're not gonna have admin rights once you get in. So you won't be able to install with admin rights.

There are a lot of password crackers out there though and you can easily gain fast access to admin rights. Problem is they're gonna notice that way. So either you get in, grab the data and go, or find a way to gain access without being detected. (Gonna be hard)

Everyone here has been so helpful! I'm super appreciative!

Kill yourself.

Try hackthissite.org, they have some good info and the forum is usually helpful

SQLi super basic but probably fine for intro class

Pick a small business. Their shit will be unprotected and easier to grab info off. If you were to steal data really all you need is their wifi connection or inside access. Wifi would be easier with the right tools. Having inside access would be easier. Inside all you need is some simple shit like basic password cracking knowledge. My work is actually a pretty big company and most of their passwords revolve around password123. Most information that would be of any use would be in the open either on the desktop or somewhere under text files. To steal money may be harder. If you are to Gaither information you would need closing and opening times. Times the janitor may be in or if some people stick behind. Watch the place for about a week starting Sunday and ending Sunday. Write down patterns you see with employees. Wait to find the perfect time in before closing. Be sure to enter before closing but also know when they actually finish closing and go home. Watch cameras anything that may be used to track you (Duh!) Hide some place like the toiliet room. Be sure to ask for the location days before to hide away until you are sure they are gone. If they have cameras your best bet is to paint over the lens without being seen. A cheap mask would help along with cloths you can ditch. Be sure to check back rooms and unmarked doors. The money from the cash register is usually in there. This is about all I can think about. I work in a grocery store so I have a bit of knowledge on these types of places.

Fuck the boss's daughter
take pics
threaten
????
profit

Fuck the boss's daughter
take pics
threaten
????

>Get email back from boss with pics of him fucking his own daughter and saying you have a small cock

keked

Flormed

You wanna rob a fkin grocery store...wtf bro
You're gonna end up with computer fraud, break and enter, robbery and get 2 years in prison for like ...$1000 bucks? jesus

What tools are available for windows?

Not if you kill the witnesses and burn the place down with enough gasoline and leave on foot through the woods so the traffic cams are worthless to the detectives that get the shit detail with no evidence

>A brick works nicely

underrated boaste

-.-
Nice one. Guess I should have capitalized it.
Also, asshat.

>Fine

Then Try nmap

So you gonna add murder and arson charges to this $1000 score. You consider that dogs will track you back to your place? You left your shoe prints all over the fucking place.

Probably gonna use your Dad's gun and load the bullets without gloves lol

amateur

You underestimate the size of the fire I plan to start homie

Tought that was for unix-like OSes only...learn something new everyday.

Well, unless you get your hands on some jet fuel you wont be able to melt those steal beams.

LOL hahaha respect

You can get it for Windows too these days, as far as testing a network for open ports and domain ranges it's prolly your best bet. But if you start doing this crap you will alarm any competent nerd they have working.

fml

though you're still only robbing a grocery store lol

Jet beams can't melt steel fuel, everybody knows THAT

That wasn't even my post, I was just planning a way to get away with it, haha

the low orbit ion cannon is the tool you need for info gathering

So, how would you scan for open ports without the server logging any of it?

can't go wrong with LOIC

Use maltego faggot

Dude LOIC is the best for getting information on a ip

not for gathering information, n00b

There are some scans that you can run that won't cause red flags, but you best bet is to use a netbook with a live distro at a coffee shop and just do as much as you possibly can, they aren't going to lock down absolutely everything just from one scan but they might lock some of it down.

how to reconnaissance sans . org/reading-room/whitepapers/auditing/art-reconnaissance-simple-techniques-60

Do a syn scan (-Ss). No three way handshake, no logs.

>hackertyper.com
>Hack as much as you can as quick as you can
>???
>Profit!

I can't tell if I like this thread or hate it.
On one side its different and good topic.
On other hand OP is worse hacker than script kiddies with LOIC

recon-ng
DNSrecon
Fierce
whois
dig
theHarvester
Metagoofil
Nmap

stop being a fucking script kiddy and read the fucking manuals

>Go to starbucks get something off the hidden menu, boot a live distro connect to the free wifi and go in HOT, hit the server like the guy that set it up never meant and scan everything, then focus on the weak spots later and make that dirty little server call you daddy.

shout out to any niggas who were at defcon rave

Public records dumass

I saw one where guys were sending fake invoices for random shit to public schools and the schools were paying them, I was like "hell naw, you just pay a bill cuz you got a bill!"

What's the package name? Also, would it be possible to set up a VM and get xp off of that vs doing it to someone elses server? Would that be doing it wrong because you set up the server and already know the weaknesses?

topkek
10/10 for RTFM

Fuck, Dubs. I wanna try that now.

Girl friend troubles OP?
Getting into that facebook can be a real Bitch Sometimes

So I'm guessing you watch Mr.Robot