Internet/Network Security/Hacking

Advertisement


Question
QUESTION: I write crime fiction. I have a situation where a hacker needs to get into a company to see who bought a certain product. The hacker isn't in his own house but has his own computer. What would he need to accomplish this, and how would he do it without the location being detected? I don't need to get into specifics, just realistic enough so that it's authentic.

ANSWER: Hi Poly,

If a hacker (technically speaker its really a cracker) wants to get into a company to see who bought a certain product there are a few options:


(1) He could use a computer (doesn't actually matter if its his own or where he is) and rotate or chain the computer IP address though a number of anonymous proxies (using proxycap or similar). This would hide his location from being detected. Then from there use tools to get into the company server or database that contains the info he wants.

Technically speaking, its not really possible to be undetected 100%. For me I can usually spot a proxy and then by just logging the different IP's and the time, I can see the chain stating point and tell you exactly what IP is really responsible. Not a lot of people can do that though and oftentimes you have to send subpoenas to each organization for each proxy (for the data etc) which is expensive and time consuming.

(2) Social engineering: He could pose (over the phone) as an employee that has lost his settings to connect to the company server. If he manages to convince technical support or some other department to provide server login details, then he already has basic company access and can then use other tools to bypass the firewall and get into the database to see who bought whatever product it is (or he could hack into one of the sales computers and look up the info).

---------- FOLLOW-UP ----------

QUESTION: Hi, Paul. How long does it take to set up the chain of proxies? And how does he get into the company and break their code to get into their computer? Does he need any extra paraphernalia--flash drives or other programs? Thanks.

Answer
Hi Poly,


To get a list of say 100 proxies just takes a few minutes. To actually make and test the chain can take a few hours depending on the level of complexity (how complicated the routing is set up).

To actually break into the computer, generally he would use a software vulnerability in the operating system (Windows / Linux etc). Exactly how you do that is beyond the scope of what I can answer as there are hundreds of known and unknown vulnerabilities and all them require different techniques to achieve access.

Yes, usually all tools are kept on a flash drive (or a cd/dvd as lots of companies block being able to use USB flash drives). Other tools might be online already and quick to download. Sometimes all tools are ready to download (perhaps on a file sharing website or a website that  setup specifically to hold the hacking tools etc).

Any other paraphernalia needed? It depends on the job really, which is why reconnaissance or footprinting is done before hacking in etc that way a hacker can have a good idea what he needs, rather than having to bring everything.

Internet/Network Security

All Answers


Answers by Expert:


Ask Experts

Volunteer


Paul Walsh

Expertise

I can answer almost any question in relation to network security, penetration testing, Active Directory, computer hardening, CISCO Routing, spyware and virus removal.

Experience

I have over 12 years experience in network security, penetration testing and technical support as well as system and server administration.

Publications
http://ezinearticles.com/?expert=Paul_Walsh http://www.twitter.com/paulwalshaz

Education/Credentials
CCNA AAS Network and System Administration A+

Past/Present Clients
Multiple startup clients in various business sectors. SME as well as Fortune 100 companies.

©2016 About.com. All rights reserved.