Alright, so me and a friend decided to challenge ourselves to see who could hack into the other's computer faster. Whoever manages to (remotely) create a text document in the desktop wins. What I didn't forsee is that he would be using a dynamic dns service (possibly no-ip). I can't think of any way to find out his url or private IP, and couldn't really find any answers by searching the internet. Furthermore, social engineering is unlikely to work, since we both know that we are trying to get into each others's PC and will be cautious. So my question is, how can you conduct reconnaissance on a pc not on your same network, who is using a ddns service, without even knowing the IP or url, if doing that is even possible? (Sorry for any grammar mistakes, English isn't my first language :) )
Forum Thread: Where to Start?
- Hot
- Active
-
Forum Thread:
Meterpreter Session Stage Failing
2
Replies
6 hrs ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
165
Replies
1 wk ago -
Problem with Msfvenom:
Windows 7 64-Bit Exe - The Version of This File Is Not Compatible.
6
Replies
1 wk ago -
Forum Thread:
After Executing Search Command in "Wifite" My Laptops Wifi Disconnected.
5
Replies
1 wk ago -
Forum Thread:
Is There a Tool or Machine Used to Hack Password
0
Replies
1 wk ago -
Forum Thread:
Is There a Tool or Machine Used to Hack Password
0
Replies
1 wk ago -
Forum Thread:
How Do I Hack WPS Locked Wifi
9
Replies
1 wk ago -
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
16
Replies
1 wk ago -
Forum Thread:
Learn to Hack an Android Device Over the Internet Remotely
0
Replies
1 wk ago -
Forum Thread:
Hack a Specific Program
0
Replies
1 wk ago -
Forum Thread:
Why Can't I Boot into Kali Graphical Mode After a Fresh Installation??
0
Replies
2 wks ago -
How to:
Spoof E-Mail Using SendEmail and Postfix
0
Replies
2 wks ago -
Forum Thread:
Gain Access to (Data on) Locked Android 9 Phone (LG G6)
1
Replies
2 wks ago -
Forum Thread:
Difficulty with Kali Linux Commands
0
Replies
2 wks ago -
Forum Thread:
Kali linux command error. Kindly help
0
Replies
2 wks ago -
Forum Thread:
Airdump-Ng Can't Find Any Network in Monitor Mode
10
Replies
2 wks ago -
Forum Thread:
Unicorn Framework (iOS, macOS, Linux Post-Exploitation)
0
Replies
2 wks ago -
Forum Thread:
Does rtl8814au Is Still Work For Wireless Hacking?
0
Replies
2 wks ago -
Forum Thread:
Awesome Keylogging Script - BeeLogger
28
Replies
2 wks ago -
Forum Thread:
Veil-Evasion Problem ( Kali Linux )
18
Replies
3 wks ago
-
How To:
Scan Websites for Potential Vulnerabilities Using the Vega Vulnerability Scanner in Kali Linux
-
How To:
13 Black Friday Deals on Courses That Will Beef Up Your Hacking & Programming Skill Set
-
How To:
Hack Computers Over Wi-Fi with the WiFi Duck Payload Deliverer
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Extract Bitcoin Wallet Addresses & Balances from Websites with SpiderFoot CLI
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To:
Get Started with Python with This One-Hour Course for Just $14.99
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Create Custom Wordlists for Password Cracking Using the Mentalist
-
How To:
Hunt Down Social Media Accounts by Usernames with Sherlock
-
How To:
Write an XSS Cookie Stealer in JavaScript to Steal Passwords
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How To:
Use Ettercap to Intercept Passwords with ARP Spoofing
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Crack Password-Protected ZIP Files, PDFs & More with Zydra
4 Responses
First, this is probably going to be hard. Even of you know his IP address, Hacking into a computer with just an IP address is difficult. He would need to be running a service though a port on the router AND that service must have a vulnerability with an exploit available. That's pretty rare. If it were simpler most computers would be hacked as random IP addresses are tested constantly for exploits.
So, next would be social engineering. This is where you have to get creative. As you said, it's going to be hard because you both know about each other.
I have an idea of how to trick him, but don't really want to tell you exactly how. You should figure it out yourself. I'll tell you it involves shortcutting a malicious file hidden in a directory with other files. Zipping the directory and sending him it. If it doesn't work, continue to think.
Good luck.
Thanks for the reply, will look into your suggestion ;)
If I was in this situation I would've installed a backdoor BEFORE accepting the challenge. There is only one choice left RUBBER DUCKY!!
C'mon, there's almost no way you can do that... real life scenarios are very different from testing skiddie tutorials on a Vm. He know that you're trying to fuck his pc and unless your friend is a true idiot you can't do anything. New OS are patched for know exploit and i'm pretty sure he didn't have any door forwarded on his router or exploitable services on his machine.
You could try with emails but i doubt he will click on links, ignoring allert messages etc. You could try with some Mitm attack like Evil Twin etc but in 2017 also my grandmother know that shit and modern browser block and allert for all.
I doubt he'll let you enter his room so also rubber duck is useless.
You could hack his phone with a persistant backdoor and add a txt to his Google Drive or Dropbox app... if those services are synced on his pc well, you'll have your file on his pc... not a true hack but hey, the file will be there.
Anyway i think it's easier for you to force his door when he's out, power on his pc and leave that txt :D
Share Your Thoughts