

Ask HN: Penetration testing - anonanonanon123

Anon account since I may do this type of work more and more.

I took the Ethical Hacker certification (C|EH) about 5 years ago and never did a lot with it from a professional standpoint.

I was asked by a company to point out vulnerabilities in their organization and I think that I can handle this.

I know a lot of the usual things like using Whois, social engineering, SQL injection, network scanning, packet sniffing, using e-mail account password hints...

What are other ways to gather information that I am not thinking about right now? I want to really evaluate my skills and ensure that I can do the right kind of job and not falsely lead anyone.

Already their receptionist gives out way too much information. Their WhoIs record does as well. I was already able to send my wife into the organization with a small wireless base station where she was able to plug it into a conference room jack in 2 minutes without even any questions... Maybe security guards don't question attractive girls showing cleavage who ask to use the restroom...

Second, I am considering having a dedicated device for this kind of task. I have a CR-48. Maybe flash the BIOS, drop in a larger SSD and Ubuntu Net ReMix?

Thoughts are appreciated.
======
nyellin
You may want to try automated tools like Nessus and OpenVAS. They are no
replacement for having skills yourself, but they still have their uses.

<http://www.nessus.org/nessus/intro.php> <http://www.openvas.org/>

------
iamdave
You could always try the classic 'leave a USB key in the parking lot'
trick.

~~~
anonanonanon123
Not familiar... can you enlighten me?

~~~
nyellin
Write a script and place it on a USB key. Set the script to autorun on
Windows, using autorun.inf. Then discard a few USB keys in the company parking
lot, with labels like "wedding pictures" and "presentation files."

If someone picks up a USB key and connects it to their computer, you will have
a backdoor into the company.

Caveat: You can disable autorun for USB keys. (I think Windows 7 does so by
default.) You can work around this with something like the Teensy USB, which
tricks the computer into thinking that it is a keyboard.

<http://www.offensive-security.com/metasploit-unleashed/SET_Teensy_USB_HID_Attack>
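
From the defender's side of the autorun.inf mechanism described above, an added example (not part of the original thread) that triages the contents of an `autorun.inf` found on removable media and flags entries that start a program. The function names and sample files are constructed for illustration; a keyboard-emulating device like the one mentioned in the caveat carries no such file and is out of scope for this check.

```python
import re

# Documented [autorun] keys that make Windows start a program.
LAUNCH_KEYS = {"open", "shellexecute"}
# "shell\<verb>\command" adds a launcher to the drive's context menu.
SHELL_CMD = re.compile(r"^shell\\[^\\]+\\command$")
# Cosmetic keys that can dress the launcher up as a folder or document.
LURE_KEYS = {"action", "icon", "label"}

# Constructed samples, not taken from any real device.
SAMPLE_SUSPICIOUS = """[AutoRun]
; constructed sample
OPEN=setup.exe
Action=Open folder to view files
icon=folder.ico
shell\\open\\command=setup.exe
"""
SAMPLE_LABEL_ONLY = "[autorun]\nlabel=Backup Disk\n"

def triage_autorun(text):
    """Return (severity, key, value) findings for autorun.inf content."""
    findings, section = [], None
    for raw in text.lstrip("\ufeff").splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()  # section names are case-insensitive
            continue
        if section != "autorun" or "=" not in line:
            continue  # only the [autorun] section is evaluated here
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        if key in LAUNCH_KEYS or SHELL_CMD.match(key):
            findings.append(("launch", key, value))
        elif key in LURE_KEYS:
            findings.append(("lure", key, value))
    return findings

def verdict(text):
    """quarantine: starts a program; review: cosmetic keys only; clean: neither."""
    kinds = {severity for severity, _, _ in triage_autorun(text)}
    if "launch" in kinds:
        return "quarantine"
    return "review" if kinds else "clean"

if __name__ == "__main__":
    for name, sample in (("suspicious", SAMPLE_SUSPICIOUS), ("label-only", SAMPLE_LABEL_ONLY)):
        print(name, verdict(sample), triage_autorun(sample))
```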

