Imagine you gained access to someones Google and Outlook accounts. Cool, but of course not enough for an aspiring hacker that always wants more.
How would you guys use this privilege to gain access to a victims computer or maybe phone? I keep walking around with the idea that this should make things way easier, but can't come up with a plan.
Please share your thoughts with me!
Thanks in advance,
Aperock
11 Responses
I'd take a look into all his files and cases and proceed with the 2 cases :
Case 1 : Black Hat Type
Case 2 : Grey / White Hat Type
Reverse of all the Black Hat cases, like telling their corporate how vulnerable their system is and how they can protect it and earn $$ etc..
Just a simple thought ;)
-- C1BR0X
Thanks for your reply C1BR0X!
I don't think you got what I meant with my question:
I'm not looking for things that I can do with my access, I'm looking for ways to get MORE access ;)
Aperock
Oh then you should probably send a link that the victim will open.
Since you got his GMAIL, open it and check with whom did he contact frequently and also add a fake GMAIL acc created by you newly using that similar name and add it in his gmail.
Send a link that will make him open and see and voila , you got his system. From there its just a matter of commands to wiretap his phone ;)
More info visit this link : https://null-byte.wonderhowto.com/how-to/hack-windows-7-sending-vulnerable-shortcut-files-0150797/
Hope it helps ;)
-- C1BR0X
Thanks for copying my answer...
Lol bro we had a latency of 1 minute of our posts. Ie. we both posted the same time , so i had no idea you were posting....
-- C1BR0X
Random Thought: He posted one minute before you ... o_O ...
Woah just realised exact same time o.O
Explot there system
So inject shell code
by sending a message to them self then log out and wait for them to log back in and click the message
then bam
you get a meterprenter session on there computer !
(i think this is correct)
Everyone looks at hacking only through the tech aspect when the human aspect is just so much easier to crack.
Having access to their email accounts is huge; almost everyone run their lives through email. All you need to do is learn about your target. Find out as much information about them and their systems as possible.
Then perform a spear-phishing attack. It's just that simple.
ghost_
If you have access to there accounts then you are them. Imagine making a clone of yourself because your mom wants you to do homework after school but you want to go to the party at bobby's house.
Now that clone that is not really you will be the perfect son for your mother and do work for you. It will do what you want it, now since it's a clone they "know" it's you.
That is a situation i can think of is were you have someones email and you are the "clone" as to whoever email it is, they will think it is bob joe there best friend when it's really you.
TL;DR: Pretend to be them.
The best part for a black hat about things like Google accounts, Facebook accounts, and other social media accounts, is the information stored in each account.
Social media is a bank of personal information waiting to be opened. Names, addresses, phone numbers, emails, and other accounts. You could try deploying a social engineering attack to convince them to open your trojan if you convince them well enough.
Share Your Thoughts