michael_kent123
Posted June 10, 2013

It seems to me from reading various pen-testing guides that there is a 'standard' approach to hacking a system which goes something like this:

1. Identify the target IP range (from WHOIS).
2. Scan all IPs (nmap, etc.).
3. Use a vulnerability scanner (maybe).
4. Use Metasploit / Medusa (to target a specific port on a specific IP).

This approach targets the network layer rather than the web. However, I wonder whether this approach works in practice.

Let's imagine that there is an academic institution with the IP range (I am making this up) 22.214.171.124 to 126.96.36.199. I use academia as an example as universities have many outward-facing IP addresses. Let's call it University X (original, I know).

What you (the pen-tester) want to achieve is to gain access to users' e-mail. You want to be able to read people's e-mail. This could occur via valid username / password credentials (and login via the web interface, e.g. Outlook / Windows Live), or it could happen through some kind of access to the mail server (IMAP / POP) itself.

Assume that all you have is the IP range. What would you do? Would you follow the 'standard' model? Anything technical (no social engineering) is permitted. I am wondering whether what the guides say is truly how it would be done.

Thanks!