Question

Stealing the Examination

As part of your preparation for the upcoming examination, you have the goal of stealing a copy of the examination.

*Note that this is a thought experiment that is you should not try it out in real life.

When preparing the exam, the files are stored on the IT servers in a private directory only accessible to academic and examination admin staff (e.g., Julian and Hooman). All staff use their Massey username and passwords to authenticate themselves and gain access. A physical copy of the examination is also stored in the School office in a locked file cabinet and in the Science Faculty office in a locked room. Neither Julian nor Hooman has copies of the examination stored in their offices.

If you are permitted to only use publicly available information when building your profile, describe a scenario explaining how you use the social engineering techniques, e.g., phishing, pre-texting, baiting, quid pro quo and tailgating, —as described in the lecture— to achieve your goal.

Note that you do not need to include filenames or directory name but you should be as specific as possible in your answer.

Question 2.1: Name the human target or target(s) for the scenario.

Question 2.2: Identify ONLY the information necessary for the attack, the reason why each piece of information is required and the source of the information (provide URLs where appropriate).

Question 2.3: What are the steps describing how you will carry out the attack? These should be written such that you could provide these steps plus the previous information to a third party to carry out the attack.

Question 2.4: Describe which of the concepts from the course that have been applied in your attack (you should use at least one!).

Answer 1

2.1:-
Answer:-  The human target for this scenario will be Hooman which is the examination admin staff.

2.2:-
Answer:- The only information necessary will be his email id and password because the faculties who are making the examination paper mush have send Hooman a copy of the paper to him for confirmation.

2.3:-
Answer:- To hack the users email one can use Keylogging.

Seemingly, this is the least demanding alternative for the vast majority who need to figure out how to hack email passwords. Keylogging involves recording each keystroke that is composed in by a client on a PC console. You can do so utilizing a covert agent program known as a Keylogger.

You needn't bother with extraordinary abilities to introduce the program on a PC. Keyloggers additionally work in covertness mode, something that makes them difficult to recognize once introduced. On the off chance that you don't have physical admittance to an objective PC, there's no compelling reason to stress since some keyloggers offer far off establishment.

Keylogging is ostensibly the most clear hacking strategy that programmers use to take touchy data from casualties. Other than email hacking, Keylogging can be utilized to keep an eye on your objective's instant messages, calls, and different passwords.

2.4:-
Answer:- The concept that we used is Keylogging attack.

A keylogger is a tricky type of spyware. You enter delicate information onto your console, accepting no one is viewing. Actually, keylogging programming is working diligently logging all that you type.

Keyloggers are movement checking programming programs that give programmers admittance to your own information. The passwords and charge card numbers you type, the pages you visit – all by logging your console strokes. The product is introduced on your PC, and records all that you type. At that point it sends this log document to a worker, where cybercriminals hold on to utilize this delicate data.

On the off chance that keyloggers seem like Hollywood fiction, that is on the grounds that we've seen them on the cinema previously. You may recollect Tom Cruise's character utilizing one a Mission Impossible film, and the mainstream programmer show Mr. Robot bases a key plot point around keyloggers.

These cybercriminals aren't simply listening in on whatever you are composing. They have ringside seats.