Skip to content

Instantly share code, notes, and snippets.

@icio

icio/gist:1253244

Created Sep 30, 2011
Embed
What would you like to do?
Kevin Mitnick Voice Mail and Fax Exploit
http://hsgac.senate.gov/030200_mitnick.htm
8.2 Voice Mail and Fax Exploit
This exploit relies on convincing an employee at a large company to enable a voice mailbox: the intruder would call the people who administer the voice mailboxes for the target company and request a mailbox. The pretext would be that the intruder works for a different division, and would like to retrieve messages without making a toll call.
Once the intruder has access to the voice mail system, the intruder would call the receptionist, represent himself as an employee of the company, and ask that they take messages for him; last but not least, the intruder would request the fax number and ask that incoming faxes be held for pickup. This sets the stage for the call to the target division of the company.
At this point, the intruder would call the target division to initiate the fax exploit with the goal of obtaining the targeted confidential company information. During that call the intruder would identify himself as an employee of the division whose voice mail and fax systems have just been compromised, he would cite the voice mail box in support of his identity, and would social engineer the target employee into faxing the target information to the compromised fax number located at one of their other offices.
Now the intruder would call the receptionist, tell the receptionist that he's in a business meeting, and ask that the receptionist fax the confidential material "to the hotel." The intruder picks up the fax containing confidential information at the secondary fax, which can-not be traced back to either the intruder or the targeted company.
I used this exploit to successfully compromise ATT's protected network access points routinely. ATT had learned that a system had been compromised by unauthorized entry at a central network access point called "DataKit." They imposed network access passwords on all DataKits to inhibit unauthorized access. I contacted one of the manager's secretaries and used the Fax Exploit to convince the secretary to fax me the password that enabled access to a DataKit that controlled dial-up access to ATT's worldwide computer network.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.