Just found my targets sisters email address...

[maggs30]

What if anything can I do with it? I don't want either one of them to know I am up to something. Is there a way to get her password and get into her accounts?

[justy]

no. not through myspace. if its a yahoo or hotmail email addy, you can try and guess the info on them to gain access....then request a password reminder from myspace and open their email...voila. otherwise, you are stuck. you could use a keylogger as well on their comp.

[tomron]

If I use the MS password reminder with the targets e-mail addy wouldn't then the password be also sent to the target since it was their e mail addy that was used.

[Moderator_]

@maggs30
Good luck. If you do eventually get the password for their myspace, be sure to snag their mobile token.



@tomron
Justy is correct. Besides, if an email is sent out to the target's hotmail or yahoo, etc...then maggs30 can simply delete the email since she would have access to the email addy.



@maggs30
Since you have the email address, to get passwords you can also phise them. Or you can use a keylogger. Use those options at your own risk. And study up on it before attempting it. I'm not aware of your level of knowledge with those options so it is probably better for you to just try to guess their info to gain access. If you don't know the answers to their secret questions, then a little social engineering may help.  

[Moderator_]

@maggs30


Also, I wanted to reiterate again to study up on how to phise and use keyloggers. She-geeks does have some content on the main page about phising. You will need to utilize google for getting all the details about that, as we don't give every step on how to do it.

For keyloggers, I find it best to use a private one (not one that you buy--those are usually easily detected). Jewels has made recommendations for keyloggers in previous posts.


Good luck, I phise when all my other attempts have failed.

[tomron]

Justy is correct. Besides, if an email is sent out to the target's hotmail or yahoo, etc...then maggs30 can simply delete the email since she would have access to the email addy.

My target has many e-mail addys and I know three of them.I tried MS "find a friend" and ticked the  e-mail address box to no avail so the target probably has more e-mail addys and/or since my target is not a friend it won't work.

Point being,whether I try MS or yahoo password reminder I would presume that myself as well as my target will be sent a password reminder in which is of concern cause I will not have the option to delete.Will my target be sent a password reminder since its their e-mail addy thats being utilized.

[Moderator_]

since my target is not a friend it won't work.

That has nothing to do with it.

Point being,whether I try MS or yahoo password reminder I would presume that myself as well as my target will be sent a password reminder in which is of concern cause I will not have the option to delete.Will my target be sent a password reminder since its their e-mail addy thats being utilized.

Obviously when someone requests a password reminder for their Myspace--the password is sent to their email addy. If a person requests a password reminder for their yahoo--obviously the password is sent to their yahoo. It's not wise trying to get someone's password if you are concerned about them knowing its you. You have to be ninja to do that stuff without leaving a trail.


Like I said, Justy is correct when I replied to your previous post when I said that maggs30 could delete the reminders since maggs30 had access. But if were not understanding your "new" question "tomron" let us know.

[tomron]

@Moderator_

Obviously when someone requests a password reminder for their Myspace--the password is sent to their email addy. If a person requests a password reminder for their yahoo--obviously the password is sent to their yahoo

I figured as much but just wanted to confirm since I already gave my hand away to many times already.

[angelfire]

For keyloggers, I find it best to use a private one (not one that you buy--those are usually easily detected). Jewels has made recommendations for keyloggers in previous posts.

Question on this: By "private" keylogger vs "one that you buy", do you mean a downloaded one vs one purchased in a store?
I know that there are free keyloggers available online, but the ones I've found that Jewels has recommended (like e-blaster) are downloadable, but must be purchased online -- i.e. you must buy it.

Hope this isn't a dumb question, but I'm not clear on the distinction between "private" and "one that you buy".
I'm thinking of trying a remotely installable keylogger, but of course want to make sure that I don't get a detectable one.
Thanks!

[Moderator_]

Question on this: By "private" keylogger vs "one that you buy", do you mean a downloaded one vs one purchased in a store?

By private, I mean one that you or someone you know has created. Most keyloggers can be detected, but not all and you don't have to use a private one in order to stay "under the radar"

It's always good to do a little "background" on your target--what I mean is, learn their computer habits, find out what anti-virus they use, etc. Use a keylogger that is "known" to not be detected by their anti-virus etc. Doing that "background" can really help make things smoother. Also, do several test runs before the actual deploy.

Keep in mind, deploying a keylogger on a computer that you don't own is highly illegal. So be careful and it wouldn't hurt to go out and purchase a machine (pc) used primarily for such activity. (one that isn't traceable to you in any way)


On a related note: Jewels has some awesome content on the front page about Returnil--when you reboot all the bad things are removed from your computer. Check it out, its on the main page at she-geeks.com.

[Dagastino]

http://www.firewallleaktester.com/aklt.htm is handy for testing various security suites. It's pretty much a deadend these days those. The defenses are very good now.