In my head....o0(huh, that's cool, I haven't seen that before. Click link. Doh, I shouldn't have clicked that. oh well, here now. Hmm, Start test. Err, well it is on metasploit's site...or is it? hmm, did they just steal metasploit's header? Wait, John Strand sent this, so I'm sure it's ok. WAIT, John Strand sent this! Umm, what to do, what to do. AAARRGHH. Ok fine. Start Test. Umm, word document? Itunes? url? Umm. Crap. Ok, Start. Run. Notepad. Typing..."Hi John, welcome to my computer.")0o...
From: [email protected] [mailto:[email protected]] On Behalf Of John Strand Sent: Tuesday, March 09, 2010 7:00 AM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] Information gathering If you can get an email to the address with a link, you could use the Metasploit Decloaking Engine: http://www.decloak.net/ Also, look carefully at the email headers. If it is not an open public/free email address (e.g. Yahoo, Gmail etc.) you might see something interesting. As usual, make sure you have permission, be good, etc.. john On Mon, Mar 8, 2010 at 3:45 PM, Tyler Robinson <[email protected]> wrote: Curious if anyone has any recommendations for software and or techniquies used to gather info on an individual based soley off an email address. I was asked to do some preliminary reconacence on an email address so I started with what I knew google search strings, scouring the social networks, used maltego and even a bit of social engineering but short of breaking the law and hacking into his yahoo account any other suggestions. As always thanks so much to the pauldotcom listeners for there eagerness and pelethora. TR _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
