a cool hack + vid
So yesterday I managed a really cool hack (with permission of boss) and felt like making a video recreation of it, as well it was awesome. (It was to show her why she needs to update her computer every so often)
A few things I did set up differently, if you look at the picture you see that I had to ssh from work, to my house as I had router access with port forwarding. Other then that though it was the same. (two work networks a public access, and the corporate VPN. I was on the public access wifi and victim machine on the corporate VPN).
Anyways the video, hope you enjoy http://www.tristate-technician.com/videos/sshtunneltut.html
SuRF666 wrote: How did you change between the OSs ?? VMware @stdio Excellent video! Ignore the naysayers;)
spyware wrote: [quote]korg wrote: Could have been more detailed and clear but nice job.
What details do you need, what needs to be cleared up? If you aren't specific about these things the OP won't know why you wanted it more detailed and clear.[/quote]
I mean by explaining each step what is does, how and why it works the way it does. This would help people with no knowledge of what he's trying to accomplish understand the process better.
fuser wrote: I hope I'm not being too fussy, but can you make it available for download as well, since I can't view it for some reason.
Okay i seriously think it should come with a documentation or something ….. i saw the vid two times now ….. is stdio hacking himself ???? if so how did he do an nmap scan ?? if i try to scan myself (my ip :P) i normally get a message saying something like can't scan local host and shag like that ….. if he is not hacking himself , dont bother answering the second question……
SuRF666 wrote: Okay i seriously think it should come with a documentation or something ….. i saw the vid two times now ….. is stdio hacking himself ???? if so how did he do an nmap scan ?? if i try to scan myself (my ip :P) i normally get a message saying something like can't scan local host and shag like that ….. if he is not hacking himself , dont bother answering the second question……
Okay… What he is essentially doing is starting a attack website on his computer. He then tricks his boss into going to the attack website he set up. The boss's computer is compromised, and stdio now has user-level access to the machine. He then, from the user-level account on his boss's machine, attacks the (now local) machine to get system level access.
It's really not that hard to follow….
As for not being able to scan yourself, your firewall might be blocking the ping probes. Have you tried the -PN flag?
Edit: After watching the video again, I see where your getting caught up. He "binds" a port on the boss's machine to his own computer, and then attacks that local port on his machine. The local port he binded actually points to that port on the boss's computer. It might help if you do a little research on port binding.