Alright, so me and a friend decided to challenge ourselves to see who could hack into the other's computer faster. Whoever manages to (remotely) create a text document in the desktop wins. What I didn't forsee is that he would be using a dynamic dns service (possibly no-ip). I can't think of any way to find out his url or private IP, and couldn't really find any answers by searching the internet. Furthermore, social engineering is unlikely to work, since we both know that we are trying to get into each others's PC and will be cautious. So my question is, how can you conduct reconnaissance on a pc not on your same network, who is using a ddns service, without even knowing the IP or url, if doing that is even possible? (Sorry for any grammar mistakes, English isn't my first language :) )
Forum Thread: Where to Start?
- Hot
- Active
-
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
3 days ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
1 wk ago -
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
1 mo ago -
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
1 mo ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
2 mo ago -
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
3 mo ago -
Metasploit Error:
Handler Failed to Bind
41
Replies
3 mo ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
3 mo ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
3 mo ago -
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
3 mo ago -
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
3 mo ago -
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
3 mo ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
4 mo ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
4 mo ago -
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
5 mo ago -
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
6 mo ago -
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
6 mo ago -
Forum Thread:
How to Hack School Website
11
Replies
6 mo ago -
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
6 mo ago -
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
8 mo ago
-
How To:
Dox Anyone
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Use Command Injection to Pop a Reverse Shell on a Web Server
-
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
-
How To:
Make Your Own Bad USB
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Find Passwords in Exposed Log Files with Google Dorks
-
Hacking Windows 10:
How to Dump NTLM Hashes & Crack Windows Passwords
-
How To:
Fuzz Parameters, Directories & More with Ffuf
-
How To:
Use MinGW to Compile Windows Exploits on Kali Linux
-
Hack Like a Pro:
How to Find Any Router's Web Interface Using Shodan
-
How To:
Use SpiderFoot for OSINT Gathering
4 Responses
First, this is probably going to be hard. Even of you know his IP address, Hacking into a computer with just an IP address is difficult. He would need to be running a service though a port on the router AND that service must have a vulnerability with an exploit available. That's pretty rare. If it were simpler most computers would be hacked as random IP addresses are tested constantly for exploits.
So, next would be social engineering. This is where you have to get creative. As you said, it's going to be hard because you both know about each other.
I have an idea of how to trick him, but don't really want to tell you exactly how. You should figure it out yourself. I'll tell you it involves shortcutting a malicious file hidden in a directory with other files. Zipping the directory and sending him it. If it doesn't work, continue to think.
Good luck.
Thanks for the reply, will look into your suggestion ;)
If I was in this situation I would've installed a backdoor BEFORE accepting the challenge. There is only one choice left RUBBER DUCKY!!
C'mon, there's almost no way you can do that... real life scenarios are very different from testing skiddie tutorials on a Vm. He know that you're trying to fuck his pc and unless your friend is a true idiot you can't do anything. New OS are patched for know exploit and i'm pretty sure he didn't have any door forwarded on his router or exploitable services on his machine.
You could try with emails but i doubt he will click on links, ignoring allert messages etc. You could try with some Mitm attack like Evil Twin etc but in 2017 also my grandmother know that shit and modern browser block and allert for all.
I doubt he'll let you enter his room so also rubber duck is useless.
You could hack his phone with a persistant backdoor and add a txt to his Google Drive or Dropbox app... if those services are synced on his pc well, you'll have your file on his pc... not a true hack but hey, the file will be there.
Anyway i think it's easier for you to force his door when he's out, power on his pc and leave that txt :D
Share Your Thoughts