Alright, so me and a friend decided to challenge ourselves to see who could hack into the other's computer faster. Whoever manages to (remotely) create a text document in the desktop wins. What I didn't forsee is that he would be using a dynamic dns service (possibly no-ip). I can't think of any way to find out his url or private IP, and couldn't really find any answers by searching the internet. Furthermore, social engineering is unlikely to work, since we both know that we are trying to get into each others's PC and will be cautious. So my question is, how can you conduct reconnaissance on a pc not on your same network, who is using a ddns service, without even knowing the IP or url, if doing that is even possible? (Sorry for any grammar mistakes, English isn't my first language :) )
Forum Thread: Where to Start?
- Hot
- Active
-
Forum Thread: Hydra Syntax Issue Stops After 16 Attempts 2 Replies
1 hr ago -
Forum Thread: Hack Instagram Account Using BruteForce 208 Replies
9 hrs ago -
Forum Thread: How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More 6 Replies
6 days ago -
How to: Crack Instagram Passwords Using Instainsane 37 Replies
6 days ago -
Forum Thread: Metasploit reverse_tcp Handler Problem 47 Replies
1 mo ago -
Forum Thread: How to Train to Be an IT Security Professional (Ethical Hacker) 22 Replies
1 mo ago -
Metasploit Error: Handler Failed to Bind 41 Replies
2 mo ago -
Forum Thread: How to Hack Android Phone Using Same Wifi 21 Replies
2 mo ago -
How to: HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide] 177 Replies
2 mo ago -
Forum Thread: How Many Hackers Have Played Watch_Dogs Game Before? 13 Replies
2 mo ago -
Forum Thread: How to Hack an Android Device with Only a Ip Adress 55 Replies
3 mo ago -
How to: Sign the APK File with Embedded Payload (The Ultimate Guide) 10 Replies
3 mo ago -
Forum Thread: How to Run and Install Kali Linux on a Chromebook 18 Replies
4 mo ago -
Forum Thread: How to Find Admin Panel Page of a Website? 13 Replies
5 mo ago -
Forum Thread: can i run kali lenux in windows 10 without reboting my computer 4 Replies
5 mo ago -
Forum Thread: How to Hack School Website 11 Replies
5 mo ago -
Forum Thread: Make a Phishing Page for Harvesting Credentials Yourself 8 Replies
5 mo ago -
Forum Thread: Creating an Completely Undetectable Executable in Under 15 Minutes! 38 Replies
6 mo ago -
Forum Thread: Hacking with Ip Only Part [1] { by : Mohamed Ahmed } 5 Replies
7 mo ago -
Forum Thread: Problem with Airmon-Ng and VM 3 Replies
7 mo ago
-
How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To: Hack Apache Tomcat via Malicious WAR File Upload
-
How To: Manually Exploit EternalBlue on Windows Server Using MS17-010 Python Exploit
-
How To: Dox Anyone
-
How To: Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To: Crack Shadow Hashes After Getting Root on a Linux System
-
BT Recon: How to Snoop on Bluetooth Devices Using Kali Linux
-
How To: Use MDK3 for Advanced Wi-Fi Jamming
-
How To: Use Microsoft.com Domains to Bypass Firewalls & Execute Payloads
-
How To: Crack SSH Private Key Passwords with John the Ripper
-
How To: Brute-Force FTP Credentials & Get Server Access
-
How To: Top 10 Things to Do After Installing Kali Linux
-
How to Hack Wi-Fi: Cracking WEP Passwords with Aircrack-Ng
-
How to Hack Wi-Fi: Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
Tutorial: Create Wordlists with Crunch
-
How To: Perform Advanced Man-in-the-Middle Attacks with Xerosploit
-
Hack Like a Pro: How to Find Directories in Websites Using DirBuster
-
How To: Use Kismet to Watch Wi-Fi User Activity Through Walls
-
Hacking Windows 10: How to Dump NTLM Hashes & Crack Windows Passwords
-
How To: Use Command Injection to Pop a Reverse Shell on a Web Server
4 Responses
First, this is probably going to be hard. Even of you know his IP address, Hacking into a computer with just an IP address is difficult. He would need to be running a service though a port on the router AND that service must have a vulnerability with an exploit available. That's pretty rare. If it were simpler most computers would be hacked as random IP addresses are tested constantly for exploits.
So, next would be social engineering. This is where you have to get creative. As you said, it's going to be hard because you both know about each other.
I have an idea of how to trick him, but don't really want to tell you exactly how. You should figure it out yourself. I'll tell you it involves shortcutting a malicious file hidden in a directory with other files. Zipping the directory and sending him it. If it doesn't work, continue to think.
Good luck.
Thanks for the reply, will look into your suggestion ;)
If I was in this situation I would've installed a backdoor BEFORE accepting the challenge. There is only one choice left RUBBER DUCKY!!
C'mon, there's almost no way you can do that... real life scenarios are very different from testing skiddie tutorials on a Vm. He know that you're trying to fuck his pc and unless your friend is a true idiot you can't do anything. New OS are patched for know exploit and i'm pretty sure he didn't have any door forwarded on his router or exploitable services on his machine.
You could try with emails but i doubt he will click on links, ignoring allert messages etc. You could try with some Mitm attack like Evil Twin etc but in 2017 also my grandmother know that shit and modern browser block and allert for all.
I doubt he'll let you enter his room so also rubber duck is useless.
You could hack his phone with a persistant backdoor and add a txt to his Google Drive or Dropbox app... if those services are synced on his pc well, you'll have your file on his pc... not a true hack but hey, the file will be there.
Anyway i think it's easier for you to force his door when he's out, power on his pc and leave that txt :D
Share Your Thoughts