http://1stinkinpercent.livejournal.com/ (![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png)
1stinkinpercent.livejournal.com) wrote in ![[community profile]](https://www.dreamwidth.org/img/silk/identity/community.png)
fandomhigh2014-08-04 07:34 am
1stinkinpercent.livejournal.com) wrote in fandomhigh2014-08-04 07:34 am
Entry tags:
Hacking 101; Monday; Period 2
Once again, class was in the computer lab and Riley was at the front of the room, tapping away on his laptop while he waited for everyone to settle down. When it was time for class to start, he got up and got right to it.
"Today, we're gonna work on spoofing attacks," Riley started. "It's basically what it says on the tin, right there. A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. In simpler terms, it means that the hacker poses as a legitimate site or person or anything and successfully lures the victim into believing it. Once the victim is lured in, the hacker either now has access to their system or might have even convinced the poor victim to send them money. Ever heard of those Nigerian email scams? That's similar to a spoofing attack."
He hoped no one had fallen for one of those here because, yeah. Those didn't turn out fun in the end.
"Your task today is to work up something that might fool the layman in terms of spoofing. Whether it be a website that you can convince someone to visit and log into so you now have all their information or an email that someone downloads and attachment from and the attachment's really a rootkit which means you're into their system or anything else. I'm going to pass out some more information on spoofing attacks and your computers are all set up with the tools you need to create whatever you might wanna create so it's really up to you. Just remember that it has to look like it's the real deal and it can't be kooky because while the savvy user will know to avoid, that's not who you're looking to lure in. Try to lure in the person who barely knows what social media is and thinks that the email saying they won ten thousand dollars for a contest they don't remember entering is a blessing. Go."
And Riley let them get to work.
"Today, we're gonna work on spoofing attacks," Riley started. "It's basically what it says on the tin, right there. A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. In simpler terms, it means that the hacker poses as a legitimate site or person or anything and successfully lures the victim into believing it. Once the victim is lured in, the hacker either now has access to their system or might have even convinced the poor victim to send them money. Ever heard of those Nigerian email scams? That's similar to a spoofing attack."
He hoped no one had fallen for one of those here because, yeah. Those didn't turn out fun in the end.
"Your task today is to work up something that might fool the layman in terms of spoofing. Whether it be a website that you can convince someone to visit and log into so you now have all their information or an email that someone downloads and attachment from and the attachment's really a rootkit which means you're into their system or anything else. I'm going to pass out some more information on spoofing attacks and your computers are all set up with the tools you need to create whatever you might wanna create so it's really up to you. Just remember that it has to look like it's the real deal and it can't be kooky because while the savvy user will know to avoid, that's not who you're looking to lure in. Try to lure in the person who barely knows what social media is and thinks that the email saying they won ten thousand dollars for a contest they don't remember entering is a blessing. Go."
And Riley let them get to work.
Sign In [HACK 101 08/04]
Re: Sign In [HACK 101 08/04]
Re: Sign In [HACK 101 08/04]
Re: Sign In [HACK 101 08/04]
Lecture [HACK 101 08/04]
moddablespoofing attack information, talk to each other, whatever!Class Activity: Spoofing Attacks [HACK 101 08/04]
Re: Class Activity: Spoofing Attacks [HACK 101 08/04]
Her website asked people to vote on which of two cat pictures was cuter. The site also solicited user submissions, and there were vague prizes promised if the user's cat won Cutest Cat of the Day!!! ... and of course, several fields to fill out giving personal login information.
There was a sister site for dogs, obviously.
Re: Class Activity: Spoofing Attacks [HACK 101 08/04]
The email looked just like an official Facebook communication, and had a paragraph or two about "Have you updated your personal information lately? Please log in using this link in order to make sure everything is entered correctly."
The beauty of it was, after logging in on Joker's site, they would be passed straight through to Facebook, and might not even realize they'd given their user name and password to the wrong site.
Karolina [HACK 101 08/04]
Re: Karolina [HACK 101 08/04]
But she was jotting down some ideas before she'd get to work.
Riley [HACK 101 08/04]
OOC [HACK 101 08/04]