How to find private e-mail addresses of companies

Firstly, I want to share basic and very brief summary of Metasploit terms with you, and then you can follow the steps below as a guide to bringing latent e-mail addresses of a company into the open.

Metasploit:
Metasploit is basically a security tool used to attack and test a system or a network. If you need to make a simulated attack on computer system looking for security weaknesses, Metasploit will show the vulnerabilities and aids in this so called penetration testing.

Exploit:
Code which allows an attacker to take advantage of a vulnerability.

Payload:
Actual code which runs on the system after exploitation.


Well, please simply have a look at following basic steps to break into a system by using Metasploit after gathering some information about the target system.
  • Select a right exploit and then set the target.
  • Verify the exploit options to determine whether the target system is vulnerable to the exploit.
  • Select a payload
  • Execute the exploit.

Let's move on to the our main aim via Metasploit;
If you want to hack some private files belonging to a corporation, your use of Metasploit may serves the purpose by means of social engineering attacks to connect their systems effectively.
  • Open Metasploit
  • Through the "use" command, choose "auxiliary/gather/search_email_collector" module. Display the parameters by typing the "show options" command. Then, it will do some research about e-mail addresses by using Bing, Google and Yahoo search engines.



  • Define your domain as "set DOMAIN domain.com" and start the module by typing "run" or "exploit" commands. 



ENJOY YOUR INVESTIGATION 👥








(Compilation, excerpted from Mechasploiter)


Comments