Clinic for hacking plot in my book

Hello again, r/hacking! Some time ago I asked for advice and inspiration for my book about hackers and it was great help. The book is all but complete, being redacted as we speak. But I have still two technical aspects Im not super happy about. I would like to ask your help once more:

  1. Femtocells – when someone connects to your femtocell then you get their IMEI number but not phone number, and this is a bit of a problem for me. Does it allow to send a fake SMS to such phone while it’s still connected? This would fix a bit my issue. (If this is not possible I can always patch it by hacker having contact in telecom that can match IMEI to phone number.)
    And part b here: what would be a way to locate such femtocell and how could owner realize someone tries to locate it? My placeholder is that hacker notices a phone logging on and off to his femtocell and sends unusually traffic and so realizes he is being located.

  2. Emails signed with certificates – I thought it would be simpler… Hacker has (remotely) almost unrestricted access to target's laptop. He wants his own spoofed emails to appear legit coming to target’s mailbox, coming from certain recipient. I thought that replacing some locally stored certs should be enough, but im not sure anymore. I patched it also with replacing DNS servers, so hacker’s mail server appeared to be allowed sender of messages from certain domain (DoD, actually). I also mention that as side effect mails from legit sender would now appear suspicious. BTW target works at CERN ;)
    But im a bit confused and unconvinced myself here. Any help?

submitted by /u/Corrsarz
[link] [comments]

from hacking: security in practice https://ift.tt/3mH2RiA

Comments