EvilZone
Hacking and Security => Hacking and Security => : Wolf March 18, 2012, 05:53:34 AM
-
So I'm trying to hunt this guy down named Dr. Robert Vaughan, I found his facebook, his job, and his email. I decided to go after his email, but it's something really strange and I can't find the client, because it's hosted by where he works. How do I do this?
It's robert.vaughan@fbcgrapevine.com
-
fbcgrapevine.com TXT 1 hour v=verifydomain MS=ms64885750
fbcgrapevine.com TXT 1 hour v=spf1 include:outlook.com ~all
mail.fbcgrapevine.com A 2 hours 173.74.198.3 ()
fbcgrapevine.com MX 2 hours 0 fbcgrapevine-com.mail.eo.outlook.com
Should get you started.
-
What tool did you use for this?
thx for the start btw.
-
nslookup for windows, or dig for linux will work, there are also websites used to probe DNS entries like that.
-
Never doubt the power of standard, diagnostic, tools my friend. Happy hunting.
-
I also wouldn't even bother targeting the mail either. That domain is hosted directly by Microsoft.
Edit:
mail.fbcgrapevine.com doesn't actually receive their mail, but it does point to their internal network.
They have FTP, SSH, VPN, HTTP (8080) and ActionTek TR-069 Remote Access (4657) http://en.wikipedia.org/wiki/TR-069 (http://en.wikipedia.org/wiki/TR-069)
-
So what would you target?
I went ahead and sent a key logger disguised as a word doc in the attachment, it got opened and now I have a daily update to a fake gmail. Figured it would have been easier.
-
Invasion of Privacy is name of this paper,best example of personal information gathering that I have read,maybe can help:
http://www.attackvector.org/invasion-of-privacy/
-
Noob,
love the post. :D
-
Noob,
love the post. :D
Im glad i didnt search for it for nothing ;)