March 23, 2010

H2K2 - Email Hacking

I found my original post from two years ago on this subject. I didn't tell the story then, so consider this an update. ;-)

H2K2 - Email Hacking from reconbot on Vimeo.

This is an old one, we used ettercap to sniff the wifi at h2k2.

A lot of fun was had in those few days.

A few years later, I found this video and checked the user/pass reading from the video. They worked! I contacted him to change his password. He was shocked about the event, and I was shocked nobody has seen the video and messed with him. Instead of being angry he felt it was stupid of him to check his email at a hacker's conference.

I should also add it was outlook web access 2000(?) without ssl. But if it was SSL I could have MITMed it. ;-) I even think back then it would have been SSLv3.0 which you could just break.

Aww, Those were the days. © 2022.
Powered by NextJS and Vercel.