I am posting this question about the final self-selected hacking project, and I would like to inquire as to the posting of the final project photographs, blueprints, source code, maps and other information.
The variable I seek is that of repeatability, as I wish to post considerable detail and information so that it can be repeated against other targets, and locations beyond those I initially target.
What I am getting at, is should I post "juicy details" of the hack, or should enough "juicy details" be withheld so as to not directly enable a repeat of what I will perform as my last class project.
I already have the system, location, and networks picked out, and started working on the project, and have been preparing and collecting data to include a strong element of social engineering, technical analysis, vulnerability analysis, physical weakness, surveillance system weaknesses, locks and alarms analysis, and without committing any act of trespass or any other criminal act I have been able to obtain highly proprietary data, including weak points that are open for exploitation or sabotage.
As part of the project, will I be given points if I post a zero-day exploit to the Ethical Hacking list (this list) prior to making the exploit known to Company/Agency who run the systems I am referring to?
My self-selected target is not on school property, and is not a school system, but it can be accessed from the school, and from school property the system can be exploited, violated, access, controlled, crippled, and other mischief committed, shoudl one wish to do so.
I know several good defense attorneys that you may need to call upon at the completion of your project.
ReplyDelete