Penetration Testing mailing list archives
Re: Host discovery
From: Oliver Kindernay <oliver.kindernay () gmail com>
Date: Tue, 23 Feb 2010 21:42:59 +0100
Thanks, but I am still searching for some other methods than sending email to employers. I think this situation occurs in most of smallest companies, so there isn't any other method? 2010/2/23 Ron Yount <rony () co island wa us>:
Embeded pictures in the email may work. It could even be extended to find out individual workstation Ip's if each person linked to a different pictures. Then check the logs to see which pictures were opened. RY -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Oliver Kindernay Sent: Tuesday, February 23, 2010 11:25 AM To: pen-test () securityfocus com Subject: Re: Host discovery Yes but when company use webhosting's mail server this won't work. 2010/2/23 Andrew MacPherson <andrewmohawk () gmail com>:You could always look at simply sending a bounce mail, ie, mailing thisaddressdoesntexist () organisation com, and then review the headers,oftenmail servers will leak information especially if they are serving to an internal environment. -AM On Tue, Feb 23, 2010 at 1:27 AM, Oliver Kindernay <oliver.kindernay () gmail com> wrote:Hi, Let's imagine this situation. Some small company has internal network with some servers directly connected to the internet. Company's web is on the webhosintg. How can attacker now identify company's systems? I thought about something like sending email to employee with link to website which will log an ip address and hope employee will click on that link in work. But what are some more passive methods for this? ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Host discovery Oliver Kindernay (Feb 22)
- Message not available
- Re: Host discovery Oliver Kindernay (Feb 23)
- Re: Host discovery Pete Herzog (Feb 25)
- Re: Host discovery Adam Mooz (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 23)
- Message not available
- <Possible follow-ups>
- RE: Host discovery Ron Yount (Feb 23)
- Re: Host discovery chr1x (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 25)
- Re: Host discovery chr1x (Feb 25)
- Re: Host discovery Marco Ivaldi (Feb 25)
- Re: Host discovery chr1x (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 25)
- Re: Host discovery YGN Ethical Hacker Group (Feb 25)