QUESTION: I write crime fiction. I have a situation where a hacker needs to get into a company to see who bought a certain product. The hacker isn't in his own house but has his own computer. What would he need to accomplish this, and how would he do it without the location being detected? I don't need to get into specifics, just realistic enough so that it's authentic.
ANSWER: Hi Poly,
If a hacker (technically speaking it's really a cracker) wants to get into a company to see who bought a certain product, there are a few options:
(1) He could use a computer (doesn't actually matter if it's his own or where he is) and rotate or chain the computer IP address through a number of anonymous proxies (using proxycap or similar). This would hide his location from being detected. Then from there use tools to get into the company server or database that contains the info he wants.
Technically speaking, it's not really possible to be undetected 100%. For me, I can usually spot a proxy and then by just logging the different IPs and the time, I can see the chain starting point and tell you exactly what IP is really responsible. Not a lot of people can do that though, and oftentimes you have to send subpoenas to each organization for each proxy (for the data etc.), which is expensive and time consuming.
(2) Social engineering: He could pose (over the phone) as an employee that has lost his settings to connect to the company server. If he manages to convince technical support or some other department to provide server login details, then he already has basic company access and can then use other tools to bypass the firewall and get into the database to see who bought whatever product it is (or he could hack into one of the sales computers and look up the info).
---------- FOLLOW-UP ----------
QUESTION: Hi, Paul. How long does it take to set up the chain of proxies? And how does he get into the company and break their code to get into their computer? Does he need any extra paraphernalia--flash drives or other programs? Thanks.
ANSWER: To get a list of, say, 100 proxies just takes a few minutes. To actually make and test the chain can take a few hours depending on the level of complexity (how complicated the routing is set up).
To actually break into the computer, generally he would use a software vulnerability in the operating system (Windows / Linux etc.). Exactly how you do that is beyond the scope of what I can answer, as there are hundreds of known and unknown vulnerabilities and all of them require different techniques to achieve access.
Yes, usually all tools are kept on a flash drive (or a CD/DVD, as lots of companies block being able to use USB flash drives). Other tools might be online already and quick to download. Sometimes all tools are ready to download (perhaps on a file sharing website or a website that is set up specifically to hold the hacking tools etc.).
Any other paraphernalia needed? It depends on the job really, which is why reconnaissance or footprinting is done before hacking in etc.; that way a hacker can have a good idea what he needs, rather than having to bring everything.