
Twitter attack: step by step

Michael Arrington has by now gotten to know the 21-year-old French hacker Hacker Croll fairly well. As you know, this guy hacked Twitter and gave Michael 300+ pages of official documentation, which Michael is gradually publishing online. The two have become real friends and chat online every day. By the way, in case anyone doesn't know, Michael Arrington is a lawyer by training, so he probably knows what he is doing and is not afraid of lawsuits (perhaps it has already been agreed with Twitter what can be published and what cannot).

From the latest posts on TechCrunch we can learn everything about Hacker Croll (HC): where he used to work back home in France and what he does now (he is just looking for a new job), when he first became interested in hacking, where he started, why he hacked Twitter and, most interesting of all, exactly how the hack was carried out, in detail. More on that last point below.
  1. The hacker did the standard groundwork that precedes an attack on any corporate network: searching open sources and compiling a list of the company's employees, their positions, email addresses, dates of birth and personal information, including the names of wives and dogs. All of this is easy to find on social networks.
  2. HC got into the Gmail mailbox of one Twitter employee by using the password recovery feature, which sends a reset message to a backup email address. The backup address on file was a closed Hotmail mailbox. HC simply registered it, requested the recovery email and clicked the link that generates a new password. That is how he got into Gmail.
  3. HC began searching the email archive for clues to what the Gmail password used to be. He managed to find this information and changed the password back to the old one, so that the mailbox owner would not notice the break-in.
  4. HC tried the same password on the corporate email account on Google Apps for Your Domain, and it worked. There he found troves of sensitive corporate information, in the text of messages but especially in attachments.
  5. HC used the information obtained, along with password guessing, to access the personal and work mailboxes of other Twitter employees.
  6. HC used the same username and password combinations to access AT&T, MobileMe, Amazon, iTunes and other services. Where necessary, he recovered the password by email, since he already had access to the mailboxes. A security hole in iTunes gave the hacker access to unencrypted credit card information of the account holder. In addition, HC gained control of Twitter's domain names through the GoDaddy web interface.
  7. Even at this stage, Twitter employees still had no idea that they had been hacked.
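
The chain above hinges on which mailbox receives each account's password-reset email. As an added example (not part of the original article), this sketch takes a constructed inventory and lists, for every recovery mailbox outside the organisation's own domains, the accounts that whoever controls it could reset, directly or through further resets. The account names, `MANAGED_DOMAINS` and the function names are assumptions for illustration; password reuse (step 4) is not modelled.

```python
from collections import defaultdict, deque

MANAGED_DOMAINS = {"corp.example"}  # assumption: domains the organisation controls

# Constructed inventory: account id -> mailbox that receives its reset emails.
RECOVERY = {
    "alice@gmail.example": "alice@oldmail.example",
    "alice@corp.example": "alice@gmail.example",
    "store:alice": "alice@gmail.example",
    "registrar:corp.example": "alice@corp.example",
    "bob@corp.example": "carol@corp.example",
    "carol@corp.example": "bob@corp.example",  # cycle, must not loop forever
}


def reset_reach(recovery, mailbox):
    """Accounts whose password can be reset, directly or transitively,
    by whoever controls `mailbox`."""
    dependents = defaultdict(list)
    for account, target in recovery.items():
        dependents[target].append(account)
    seen, queue = set(), deque([mailbox])
    while queue:
        for account in dependents[queue.popleft()]:
            if account not in seen and account != mailbox:
                seen.add(account)
                queue.append(account)
    return sorted(seen)


def external_roots(recovery, managed):
    """Recovery mailboxes outside managed domains, ranked by reset reach."""
    roots = {t for t in recovery.values()
             if "@" in t and t.rsplit("@", 1)[1].lower() not in managed}
    report = [(root, reset_reach(recovery, root)) for root in roots]
    return sorted(report, key=lambda item: (-len(item[1]), item[0]))


if __name__ == "__main__":
    for root, reach in external_roots(RECOVERY, MANAGED_DOMAINS):
        print(f"{root}: {len(reach)} account(s) reachable -> {reach}")
```

Mailboxes at the top of the report are the ones to move to a managed address or protect first, since they sit at the root of the longest reset chains.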

As for the utter security disorder among the company's executives, everything people say is true. One of the servers really did have the password "password", and one of the company's founders used his own name, "Jack", as a login.


Source: https://habr.com/ru/post/65304/

