CYBR430 Week 2 lab
docx
keyboard_arrow_up
School
Bellevue College *
*We aren’t endorsed by this school
Course
430
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
4
Uploaded by CountDugongPerson1794
CYBR430, Penetration Testing and Incident Response
Week 2 Lab – Open Source Collection
Using passive collection techniques as discussed in your readings and listed under the resources for the
week see what information you can find out about Happy Accident Labs.
You will complete this lab from
any internet connected computer.
There are some questions below for you to answer but there may
also be other information you find which could also be useful in this penetration test.
Be sure and take
good notes.
Happy Hunting…
Answer each question using research you conduct on the web and using various information gathering
tools.
Remember, this is passive collection, you will only need an internet connected computer to
answer the below.
Provide both the answer, a description of your process to find the information, and
any applicable screen shots.
Don’t know where to start, hmmm – what would be a good guess for a
domain name?
What is the domain name for Happy Accident Labs?
The way I was able to find the domain name was by searching “Happy Accident Labs” on Google. Here I
was able to find the website
www.happyaccidentlabs.com
Who is the domain name provider?
I used the WhoIs to identify who the name provider was, which was GoDaddy.com
Do they have an email provider or do they provide this service internally?
If external who is the
provider?
It is an external service provided GoDaddy
Who might be a good technical point of contact?
abuse@godaddy.com
What might be the address of their company?
Phone number(s)?
Based on their website their office is located at 222 S. 15
th
St Omaha NE. I was not able to find any phone
numbers
What type of building are they in?
The building seems be a multiple office building that could possibly be shared with other organizations.
It has a Starbucks and a Library in front.
What is the area like around their offices?
Can you think of any opportunities for Social Engineering
encounters?
The area of the office looks like it may be in downtown Omaha, in Central Park Plaza. The building seems
to have several restaurants near it and a Starbucks. It also has a library across the street. One of the
social engineering things that may be done is tailgating since it looks like there are multiple companies in
that building, you may be able to gain access by following behind them. The other one is eavesdropping
at the coffee shop or restaurant to gain intel to be able to create phishing emails.
Are there any email addresses you found?
The email address I was able to find was on their website Sarah Russell, russells@happyaccidentlabs.com
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Do you know anything about their network or potential access to their network?
Just based on their website where it states they are hiring a System Administrator. It looks like they have
a DNS and DHCP. It also looks like they have devices that have different operating systems such as
Windows 7/10 and Red Hat/Fedora Linux. It seems they may use an open-source firewall, PFSEnse
Firewalls. It may possibly be installed on a designated computer or router.
Did you find any other potentially useful information?
Some useful information to me is the name Sarah Russell, she can be a point to be able to attempt
phishing emails or get more intel about Happy Accident Labs or attempt to brute force into her email.
The other interesting thing I came across was the version of WordPress(5.8.8) they are currently using.
The current version is at 6.3 meaning there are possible vulnerabilities that have not been patched.