• XSS.stack #1 – первый литературный журнал от юзеров форума

Need some opinions with what direction i should take this

Отслеживать
doperobot

doperobot

RAID-массив
Пользователь
Регистрация
10.08.2022
Сообщения
70
Реакции
10
Hello, So im rather new in the game...well, been a lurker for years doing small accomplishments and whatnot but never successfully deployed malware, or ransomware etc.
So in my digging, i have found a smallish landscaping company and i have access to everything about them. I am in the owner/ceo office365, outlook as well as sales dept, admin, projects etc etc. I have full access to their web presence godaddy/wix etc as well as banks.
trying to decide whats the most valuable route thats somewhat less time consuming....if that even makes sense since ive done most all the time consuming work lol.
at first glance i was thinking BEC obv since i have all the access but i would need some help as im ignorant of biz concepts, day to day office , accounts payable/receivable etc
or i could get a recommendation on any malware for like drive by type for visitors to their website.
I hope i make at least some sense to you guys...as i am just really excited and doing my best to stay calm and think clearly ya know.

I just figure i would make my first post here and see what others might do given my situation, if they were in my shoes so to speak


good day fellas
 
c00nter сказал(а):
gain persistance, buy a RAT
Yeah , well I know that much lol but thank you.basically I need to find a document they open a lot and attach a payload of sorts, right? So that they execute the malware on their system
 
Пожалуйста, обратите внимание, что пользователь заблокирован
Do you have access to any of their infrastructure besides just the email? Like Exchange Servers, Windows Servers, etc? If so, drop a cobalt beacon/payload, persist it, enumerate, enumerate, and then enum some more....try and then reuse creds that you found on one server to move laterally through their different servers.....Then you can just upload and execute any malware or payload yourself...maybe first I should have asked if you have ever used CobaltStrike lol....
 
shook_1 сказал(а):
Do you have access to any of their infrastructure besides just the email? Like Exchange Servers, Windows Servers, etc? If so, drop a cobalt beacon/payload, persist it, enumerate, enumerate, and then enum some more....try and then reuse creds that you found on one server to move laterally through their different servers.....Then you can just upload and execute any malware or payload yourself...maybe first I should have asked if you have ever used CobaltStrike lol....
lol, right? yeah im a relative noob on the malware aspect. I know of colbalt strike but never used it
 
dump info (customers database, emails, payments) and sell it to their competitors.
despite much less money than ransomware, it is also much less years in a prison.
 
Пожалуйста, обратите внимание, что пользователь заблокирован
Dread Pirate Roberts сказал(а):
dump info (customers database, emails, payments) and sell it to their competitors.
despite much less money than ransomware, it is also much less years in a prison.
Yes, this is another thing I was going to mention....It is definitely nice to learn and progress, but make sure at the earlier stages of learning you are still making sure your OpSec (operation security) is very well thought out, because you do not want to get caught and go to jail over it. Now that I have mentioned that, I agree with Dread as well.
 
Everyone that commented here are all forgetting the universal fraud law.."Do not shit where you eat." OPSEC.
you gotta consider every point of view. consider your position in the company.
if worse comes to worst, will the management see you as potential criminal if you ever done your heist project?
you have to come clean always. if you are an IT-related employee in the company well then, you can be the suspect.
so exploiting the company database is already an EX out.
always act like you have paranoia. the company will definitely hire someone who can trace the footsteps of the criminal and mind ya'll theres nothing to hide as long as we are all connected to internet. everything is exposed in the web wide world. so careful. always be careful.
 
doperobot сказал(а):
Hello, So im rather new in the game...well, been a lurker for years doing small accomplishments and whatnot but never successfully deployed malware, or ransomware etc.
So in my digging, i have found a smallish landscaping company and i have access to everything about them. I am in the owner/ceo office365, outlook as well as sales dept, admin, projects etc etc. I have full access to their web presence godaddy/wix etc as well as banks.
trying to decide whats the most valuable route thats somewhat less time consuming....if that even makes sense since ive done most all the time consuming work lol.
at first glance i was thinking BEC obv since i have all the access but i would need some help as im ignorant of biz concepts, day to day office , accounts payable/receivable etc
or i could get a recommendation on any malware for like drive by type for visitors to their website.
I hope i make at least some sense to you guys...as i am just really excited and doing my best to stay calm and think clearly ya know.

I just figure i would make my first post here and see what others might do given my situation, if they were in my shoes so to speak


good day fellas
Pm me on telegram @cprdon
 
pave7s1tn1k0v сказал(а):
Everyone that commented here are all forgetting the universal fraud law.."Do not shit where you eat." OPSEC.
you gotta consider every point of view. consider your position in the company.
if worse comes to worst, will the management see you as potential criminal if you ever done your heist project?
you have to come clean always. if you are an IT-related employee in the company well then, you can be the suspect.
so exploiting the company database is already an EX out.
always act like you have paranoia. the company will definitely hire someone who can trace the footsteps of the criminal and mind ya'll theres nothing to hide as long as we are all connected to internet. everything is exposed in the web wide world. so careful. always be careful.
agree with this. Even if the Law sends their worst you need to play like they WILL send their best. you never know, you could get a fucking schizophrenic 30+ year experience incident responder/forensic analyst on you...so play like it
 
admin


Напишите ответ...
  • Вставить:
Прикрепить файлы
Верх