More How to Break into Banks -- Legally!
Under the rules of engagement for Peck’s test, he had to start with no inside knowledge of the Bank of Fubar. He also wasn’t supposed to run any exploit programs against the bank’s computers. And if, ahem, maybe by accident, he were to find himself inside one of their computers, “I was supposed to notify them the minute I got root.”
“I was barely old enough to drink,” recalls Peck. “There I was on the 28th floor of the Embarcadero #3 Building, overlooking the San Francisco Bay. I had a salary of $120K/year, corporate housing, and a laboratory with lots of tools.” It was his first big test in a dream job, “Something I would have done for free. Breaking into computers was my hobby.” It was a job he could lose if he played it safe.
He had two weeks to make his magic. “I wrote the penetration methodology and test from scratch.”
He began with reconnaissance, working from 9PM to 4AM every night, a time slot when his probes would be less noticeable. He determined what phone lines the bank possessed and scanned them for rogue modems. Nothing turned up. He ran whois and nslookup queries and teased out zone transfers with “host -l” against carelessly configured DNS servers, trying to enumerate computers that hid behind the bank’s firewalls. Still he couldn’t find a fault in the bank’s defenses.
Next he scanned the perimeter of its networks, and there he struck gold, a computer running the Linux operating system. By now he had figured out that the bank did not use Linux for any of its systems. It had to be a rogue computer, and it was outside the bank’s firewalls. Further tests and probes confirmed that the computer was a rogue system which had been set up by one of the bank’s employees to host his personal website, vacation photos, and other information about himself, including pictures of the server sitting under his desk at his cube inside one of the bank’s buildings.
Peck thought a few seconds, and what the heck. The rules of engagement couldn’t apply to a rogue computer, right? Besides, if he were to break in, he could learn more about this maverick box, perhaps get kudos for foiling some dire scheme. Like most Red Team types, hesitating until 9AM to confer with his customer wasn’t something that would exactly pop into his mind.
Peck probed the Linux box further and identified several vulnerabilities. He found a matching exploit program on a hacker website, compiled and ran it. When he saw the pound sign prompt that meant he had spawned a root shell on the rogue box, he felt that same old rush that had been driving him since he was a kid breaking into electronic bulletin board systems. “It’s addictive,” he said.
Peck took screen shots to document the break-in and chronicled his activities in detail to provide a good set of work papers. He soon determined that this Linux box was simply a personal toy, and quite against the bank’s rules. The culprit had made no effort to hide who he was, for inside, Peck found the name and address of the fellow who had set it up.