A friendly competition

A place where newbies can post without (much) fear of reprisal. All mission posts should still go in the applicable forum.
Forum rules
Older HTS users: Be nice to the new people.

NEW USERS: This is NOT the place to post about missions! Refer to "Missions" category.

A friendly competition

Post by cyberspecter3099 on Sat May 22, 2021 4:57 pm
([msg=111985]see A friendly competition[/msg])

I am looking for some help in a competition between me and a good friend.

We are both professional I.T. admins with a background in hacking back in the late 90s and very early 2000's. These days we mostly do network infrastructure, medium size business setups, server admin and web design, but our real passions are hardware development and security/anonymity.

That being said we came up with a little wager ( not involving money mind you) that neither of us could hack into the others local home system or network, Either would complete the wager.
The rules allow us to look for help in any media or forum but we have to do the actual penetration ourselves.
Other rules are that we have to treat this as if we didn't have physical access to each others houses. basically we have to act as if we could get all the info we need from each other in a work friend or close acquaintance type scenario, so the only assumed info we can use are what we agreed upon. this is basically a white hat operation for both of us to try and plug holes in our systems. so if we get in, no trashing, or alteration ect...

What im allowed to know/use and some ideas i think could be useful not everything will help but im trying to cover it all:
1. he uses a Netgear router flashed with express vpn firmware and his whole network is behind that vpn
2. he has a personal business website with squarespace under his own domain name. (obviously we cant break the law by breaking into squarespace but i thought it might be useful some other way)
3. his whole house is an alexa based system and tied together
4. i know his main email address.
5. i know his physical address and due to the fact it is rural know his isp. There is only one provider in the area.
6. he uses multiple ubiquity wifi units around the house.
7. his wife is a heavy facebook and pinterest user and enjoys collecting pictures she downloads from those places. (this would probably be the easiest way in but i feel like its kind of cheap and will only use it as a last resort
8. him and his wife use android phones.
9. he uses the newest version of microsoft edge as his browser. (dont get me started on that lol)
10. he uses windows 10
11. he does not use an elaborate port forwarding setup or any firewall other than windows and the default router firewall.
12. he hates dedicating ip addresses, and therefore only uses DHCP.
13. he uses the default DNS assigned by his ISP
14. he is not afraid of viruses or malware- he in fact likes to get infected with new bugs because he uses image based backups and part of what we do is to try and battle them and remove them for fun. that being said if it were too obvious he would sandbox it first, but he is quite reckless most of the time, not bothering with sandboxing most things.
15.he has an xbox one account that is linked to his pc and I know his handle.
16. he uses windows based network sharing with his xbox, alexa, and android.
17. he runs a home media server using DLNA

I am probably not thinking of everything, and i am allowed to ask him any question that an I.T. friend might ask normally, but there it is.

I have to find a way onto his network, and ultimately his PC but at least one of those things. I need some ideas because the only things that i have come up with are more social engineering related, like getting his wife to download a trojan, or send him an email attachment he is to curious to refuse. the problem with those is that i cant use my friendship with him as a way to get in, just to gather info. so like the email would have to come from "someone" else as an example. Im just having a really hard time coming up with an avenue of attack because i cant get at him with the vpn in the way. I considered alexa, or xbox exploits as well.

If there is any info you think would help in solving this that i didnt include feel free to ask. I can also include his personal interests and hobbies if anyone wants that.

Please guys, this is a very old bet and we are usually the ones keeping people out not breaking in, so i could really use the help.

Thanks!
cyberspecter3099
New User
New User
 
Posts: 1
Joined: Sat May 22, 2021 4:07 pm
Blog: View Blog (0)


Return to NZone

Who is online

Users browsing this forum: No registered users and 0 guests