EvilZone
Hacking and Security => Hacking and Security => : FractalInsanity November 11, 2012, 10:56:52 PM
-
jk with subject hehe. What is the most effective and direct way to gain user level privileges to a chosen email address.
Methods I am already aware of:
1)Phishing:
a)Links
b)Attachments
2)Brute force doesn't work nowadays.
What are some others? There has to be something other than phishing with links and attachments (just sketch and lame).
I would love to hear some creative answers?!
-
> Social engineering
> Learn personal facts
> answer recovery questions
> ? ? ?
> profit
-
Ah ic!
Thank you, although I don't know if proft is meant to mean profit (which still doesn't make sense) hmmm....
-
although I don't know if proft is meant to mean profit (which still doesn't make sense) hmmm....
internet meme..
-
Oy vey. so nothing groundbreaking huh? I was hoping for some highly skillful method. I suppose it is something email providers focus on more than anything so would be difficult, thus, making a trap for user is best way.
-
Find mail server, hack mail server...
-
Oy vey. so nothing groundbreaking huh? I was hoping for some highly skillful method. I suppose it is something email providers focus on more than anything so would be difficult, thus, making a trap for user is best way.
Social engineering is, in my opinion, the best way of hacking. With just some people skills you can learn all you want to know.
-
Find mail server, hack mail server...
Is this "See hero, kill hero" (c) M5 quote?
On topic: there is also XSS cookie hijacking.
-
the methods mentions above are the ones i know too... but generally and not only for email password retreival you can sniff packets form the lan the user you want to take his pass, and retreive it.. it depends to the mail provider if the pass is encrypted...
also if you can use the same computer with the one you want to hack, you can use keyloggers to retreive the pass..
-
Okay.. This is stupid.
This should be the first thing you learn when starting to go into the hacking mindset: For every scenario there is a ton of ways to attack something. And you should be able to think up most of them without blinking, at least the outlines.
A target doesn't have one attack vector, it has a bunch. And not only technical, and not only direct vectors but indirect attack vectors as well. Depending on how blackhat/unethical you are, it will have an even bigger attack surface.
This topic might help to shed some light on things. http://evilzone.org/tutorials/hacking-start-to-finish-(quick-list) (http://evilzone.org/tutorials/hacking-start-to-finish-(quick-list))
It dosent matter if you are attacking a email account or a game server. The different attack vectors can be applied to both. General idea is: Get access to any parts of the system or a system that has access to the system or yet another system that may or may not have access to THE system or yet another system that [...]. Where a system can be, a lot of things: A person, a computer, a access point, a document, other hardware or something else that will help you gain the information you need. Then you work your way up from there.
-
And you should be able to think up most of them without blinking, at lest the outlines.
*least
-
*least
Fixed <3
-
Okay.. This is stupid.
This should be the first thing you learn when starting to go into the hacking mindset: For every scenario there is a ton of ways to attack something. And you should be able to think up most of them without blinking, at least the outlines.
A target doesn't have one attack vector, it has a bunch. And not only technical, and not only direct vectors but indirect attack vectors as well. Depending on how blackhat/unethical you are, it will have an even bigger attack surface.
This topic might help to shed some light on things. http://evilzone.org/tutorials/hacking-start-to-finish-(quick-list) (http://evilzone.org/tutorials/hacking-start-to-finish-(quick-list))
It dosent matter if you are attacking a email account or a game server. The different attack vectors can be applied to both. General idea is: Get access to any parts of the system or a system that has access to the system or yet another system that may or may not have access to THE system or yet another system that [...]. Where a system can be, a lot of things: A person, a computer, a access point, a document, other hardware or something else that will help you gain the information you need. Then you work your way up from there.
got lost in da middle with sys and system. But gotta learn these attack vectors. :D :P
-
gotta explain why is there an ASCII penis in the title.
-
gotta explain why is there an ASCII penis in the title.
8=====D~~~
:D