Taking a sip from his second glass, midfr0st just shook his head watching the error page. Too bloody simple, he sighed. Once again midfr0st thanked the W3Schools site for cutting off a few hours of his work day. Although these kinds of blatantly obvious cases of sql injection had become boring of late, midfr0st liked the fact that a lot of people visited sites like the W3School when they were learning to code asp/php/html and such. Sure the site does a service to the public, but why terms like sql injection or input validation didn’t exist (aside from a reference to a php function) was a mystery to midfr0st.
After a few tries he was able to log in to the admin part of the CMS system. Using Quiriths showcase customer, midfr0st played around in the system to get familiar with it.
His neighbors below him had obviously been drinking much more than he had and were now laughing mad. midfr0st left the empty wine bottle outside, I can’t think with that noise. He fired up Sepultura’s Chaos A/D.
It was time to focus on Meriabeck’s internal network. A few days ago he had asked tr0y, an online friend of his, if he had any connections in Meriabeck that could be used. Although tr0y didn’t have anything on the company he was very eager to hear about midfr0st’s plans. Though there was a risk telling others, tr0y could be trusted to not spread the word and when offered $6500 midfr0st just couldn’t turn his friend down.
In the end midfr0st decided to target a sales manager who had his email address on Meriabecks public website. He was going to use an Excel vulnerability he had known about for some time but since it was public now its usefulness would be running out.
Subject: Chip Inquiry
My name is John, my company HDG-Furniture have been looking into the RFID technology to lower our costs related shipping and warehousing. I have read about your reference customers and would like to hear more about your solutions.
Attached you will find a Word document describing what we want to do, in the Excel you have the relevant data.
midfr0st had found HDG-Furniture at random, he knew that the company didn’t have an employee named John Houte. midfr0st also knew that hdg-furniture.com didn’t bounce any mails even if the to address was invalid. So when Jake replied to the email he would believe “John” had received it.
He was sure that Jake would open the Excel file, it was just a matter of time. Midfr0st headed out for a smoke, he increased the volume of his speakers which were playing In Flames, Reroute to Remain.
After a few hours midfr0st went to bed, in the morning he had an inbound tcp connection from Meriabeck’s ip range.
[tags]security, stories, fiction, social engineering[/tags]