Author Topic: Methods of Email account penetration <==3  (Read 4232 times)

0 Members and 5 Guests are viewing this topic.

Offline FractalInsanity

  • /dev/null
  • *
  • Posts: 19
  • Cookies: -2
  • How can intuition deceive us at this point?
    • View Profile
Methods of Email account penetration <==3
« on: November 11, 2012, 10:56:52 pm »
jk with subject hehe. What is the most effective and direct way to gain user level privileges to a chosen email address.


Methods I am already aware of:


1)Phishing:
  a)Links
  b)Attachments


2)Brute force doesn't work nowadays.


What are some others? There has to be something other than phishing with links and attachments (just sketch and lame).


I would love to hear some creative answers?!


 

Offline Ragehottie

  • Knight
  • **
  • Posts: 313
  • Cookies: -9
  • Hack to learn, not learn to hack.
    • View Profile
Re: Methods of Email account penetration <==3
« Reply #1 on: November 11, 2012, 11:17:36 pm »
> Social engineering
> Learn personal facts
> answer recovery questions
> ? ? ?
> profit
« Last Edit: November 13, 2012, 03:21:34 am by Ragehottie »
Blog: rexmckinnon.tumblr.com

Offline FractalInsanity

  • /dev/null
  • *
  • Posts: 19
  • Cookies: -2
  • How can intuition deceive us at this point?
    • View Profile
Re: Methods of Email account penetration <==3
« Reply #2 on: November 11, 2012, 11:24:08 pm »
Ah ic!


Thank you, although I don't know if proft is meant to mean profit (which still doesn't make sense) hmmm....

Offline silenthunder

  • Royal Highness
  • ****
  • Posts: 700
  • Cookies: 23
  • Anpan.
    • View Profile
Re: Methods of Email account penetration <==3
« Reply #3 on: November 11, 2012, 11:53:11 pm »
although I don't know if proft is meant to mean profit (which still doesn't make sense) hmmm....

internet meme..


"Hacking is a lifestyle, a specific mindset, and it really is a lot of work." - Daemon

"Just wanted to state that this is just wicked social engineering at its best." - proxx

Offline FractalInsanity

  • /dev/null
  • *
  • Posts: 19
  • Cookies: -2
  • How can intuition deceive us at this point?
    • View Profile
Re: Methods of Email account penetration <==3
« Reply #4 on: November 13, 2012, 12:13:54 am »
Oy vey. so nothing groundbreaking huh? I was hoping for some highly skillful method. I suppose it is something email providers focus on more than anything so would be difficult, thus, making a trap for user is best way.
« Last Edit: November 13, 2012, 12:14:14 am by FractalInsanity »

Offline IFailStuff

  • VIP
  • Knight
  • *
  • Posts: 338
  • Cookies: 25
  • Certified fuckup
    • View Profile
Re: Methods of Email account penetration <==3
« Reply #5 on: November 13, 2012, 12:40:41 am »
Find mail server, hack mail server...

Offline Ragehottie

  • Knight
  • **
  • Posts: 313
  • Cookies: -9
  • Hack to learn, not learn to hack.
    • View Profile
Re: Methods of Email account penetration <==3
« Reply #6 on: November 13, 2012, 03:22:44 am »
Oy vey. so nothing groundbreaking huh? I was hoping for some highly skillful method. I suppose it is something email providers focus on more than anything so would be difficult, thus, making a trap for user is best way.


Social engineering is, in my opinion, the best way of hacking. With just some people skills you can learn all you want to know.
Blog: rexmckinnon.tumblr.com

Offline s3my0n

  • Knight
  • **
  • Posts: 276
  • Cookies: 58
    • View Profile
    • ::1
Re: Methods of Email account penetration <==3
« Reply #7 on: November 13, 2012, 09:39:32 am »
Find mail server, hack mail server...

Is this "See hero, kill hero" (c) M5 quote?

On topic: there is also XSS cookie hijacking.
Easter egg in all *nix systems: E(){ E|E& };E

Offline proskopos

  • /dev/null
  • *
  • Posts: 7
  • Cookies: 0
  • Too much security is bad security....
    • View Profile
Re: Methods of Email account penetration <==3
« Reply #8 on: November 13, 2012, 09:28:31 pm »
the methods mentions above are the ones i know too... but generally and not only for email password retreival you can sniff packets form the lan the user you want to take his pass, and retreive it.. it depends to the mail provider if the pass is encrypted...
also if you can use the same computer with the one you want to hack, you can use keyloggers to retreive the pass..


Shoot to thrill....

Offline ande

  • Owner
  • Titan
  • *
  • Posts: 2664
  • Cookies: 256
    • View Profile
Re: Methods of Email account penetration <==3
« Reply #9 on: November 14, 2012, 08:49:24 pm »
Okay.. This is stupid.

This should be the first thing you learn when starting to go into the hacking mindset: For every scenario there is a ton of ways to attack something. And you should be able to think up most of them without blinking, at least the outlines.
A target doesn't have one attack vector, it has a bunch. And not only technical, and not only direct vectors but indirect attack vectors as well. Depending on how blackhat/unethical you are, it will have an even bigger attack surface.

This topic might help to shed some light on things. http://evilzone.org/tutorials/hacking-start-to-finish-(quick-list)

It dosent matter if you are attacking a email account or a game server. The different attack vectors can be applied to both. General idea is: Get access to any parts of the system or a system that has access to the system or yet another system that may or may not have access to THE system or yet another system that [...]. Where a system can be, a lot of things: A person, a computer, a access point, a document, other hardware or something else that will help you gain the information you need. Then you work your way up from there.
« Last Edit: November 22, 2012, 04:08:54 am by ande »
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

Offline iTpHo3NiX

  • EZ's Pirate Captain
  • Administrator
  • Titan
  • *
  • Posts: 2920
  • Cookies: 328
    • View Profile
    • EvilZone
Re: Methods of Email account penetration <==3
« Reply #10 on: November 15, 2012, 03:07:54 am »
And you should be able to think up most of them without blinking, at lest the outlines.

*least
[09:27] (+lenoch) iTpHo3NiX can even manipulate me to suck dick
[09:27] (+lenoch) oh no that's voluntary
[09:27] (+lenoch) sorry

Offline ande

  • Owner
  • Titan
  • *
  • Posts: 2664
  • Cookies: 256
    • View Profile
Re: Methods of Email account penetration <==3
« Reply #11 on: November 19, 2012, 10:47:12 am »
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

Offline kenjoe41

  • Symphorophiliac Programmer
  • Administrator
  • Baron
  • *
  • Posts: 990
  • Cookies: 224
    • View Profile
Re: Methods of Email account penetration <==3
« Reply #12 on: December 04, 2012, 07:09:45 am »
Okay.. This is stupid.

This should be the first thing you learn when starting to go into the hacking mindset: For every scenario there is a ton of ways to attack something. And you should be able to think up most of them without blinking, at least the outlines.
A target doesn't have one attack vector, it has a bunch. And not only technical, and not only direct vectors but indirect attack vectors as well. Depending on how blackhat/unethical you are, it will have an even bigger attack surface.

This topic might help to shed some light on things. http://evilzone.org/tutorials/hacking-start-to-finish-(quick-list)

It dosent matter if you are attacking a email account or a game server. The different attack vectors can be applied to both. General idea is: Get access to any parts of the system or a system that has access to the system or yet another system that may or may not have access to THE system or yet another system that [...]. Where a system can be, a lot of things: A person, a computer, a access point, a document, other hardware or something else that will help you gain the information you need. Then you work your way up from there.
  got lost in da middle with sys and system. But gotta learn these attack vectors. :D :P
If you can't explain it to a 6 year old, you don't understand it yourself.
http://upload.alpha.evilzone.org/index.php?page=img&img=GwkGGneGR7Pl222zVGmNTjerkhkYNGtBuiYXkpyNv4ScOAWQu0-Y8[<NgGw/hsq]>EvbQrOrousk[/img]

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: Methods of Email account penetration <==3
« Reply #13 on: December 04, 2012, 09:10:56 am »
gotta explain why is there an ASCII penis in the title.

Offline iTpHo3NiX

  • EZ's Pirate Captain
  • Administrator
  • Titan
  • *
  • Posts: 2920
  • Cookies: 328
    • View Profile
    • EvilZone
Re: Methods of Email account penetration <==3
« Reply #14 on: December 05, 2012, 08:47:21 pm »
gotta explain why is there an ASCII penis in the title.


8=====D~~~


:D
[09:27] (+lenoch) iTpHo3NiX can even manipulate me to suck dick
[09:27] (+lenoch) oh no that's voluntary
[09:27] (+lenoch) sorry