Stealing The Network by Syngress

Author:Syngress, [Russell, Ryan]
Language: eng
Format: epub
ISBN: 978-0-08-048111-1
Publisher: Syngress Publishing
Published: 2003-06-22T16:00:00+00:00

Guessing URLs like this, if done correctly, can be a very valuable way of discovering information. A lot of companies will keep log files, for example, stored on a server under the directory logs, or the administration section under /admin, or even their whole intranet under intranet. The trick is to put yourself in the shoes of the person doing it. If you know enough about the systems administrator, predicting him is trivial.

After a few guesses, I find that

http://www.denizeit.com/intranet/login.asp exists. I’m confronted with a front page telling me:

PRIVATE DENIZEIT INC, PLEASE ENTER YOUR DEPARTMENTAL USERNAME AND PASSWORD

Here’s a login page! It’s kind of scary and my hands start shaking, but this is just what I’m looking for. I wonder what it holds. Okay, it’s time to get an account and find out what’s here … after I get some more coffee.

It’s amazing the amount of coffee that can be consumed during a long hacking session. Sometimes, I’ll need to dig thought huge company networks, taking an easy 20 to 40 hours straight. I don’t like to sleep when I’ve broken into a network, so drug use is also common—anything to keep me awake. Looking at this login page, I see it’s rather plain looking: two input boxes, one labeled Username and the other Password, but the absence of anything else tells me a lot.

Login.asp

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.