Over the next few posts throughout November I’ll be doing something slightly different. I’ll be demonstrating the penetration into a fictitious company called HackMe Ltd.
The goal of this series of posts is to demonstrate how simple it is to penetrate a network, steal some data, and then erase the evidence of the intrusion. I’ll also be including details of what measures could have been taken to prevent or detect the attack. I want to keep things simple but still as realistic as possible.
Throughout the story I’ll be using common & simple techniques to footprint, scan and penetrate my target. After gaining access to the target, where at all possible I want to just use the native tools on the compromised systems to find and retrieve my data.
These set of posts are written to educate the reader, and hopefully increase security awareness.
Setting the Scene
So I’ve been given my Target. HackMe Ltd is a popular hobbyist magazine distribution company. My job is to steal the customer database and the accounts database. I must find a way in, get the data and get out, leaving as little evidence as possible.
Part 1 - Reconaisance
Part 2 - Breaking In
Part 3 - Kung Fu Shopping
I hope anyone reading this enjoys these posts and I welcome comments and feedback.
