Chained Exploits: Discover What Your Boss Is Looking At

This chapter shows how to chain exploits together to intercept network traffic, in this case to spy on your boss. This chapter is useful not only for teaching the exploits, but also for showing risks to networks and countermeasures to minimize those risks.
Setting the Stage

Phoenix clenches his fists as he reads the memo on his desk. This is the last straw, Phoenix thinks to himself as he crumples the memo up and throws it away. It is a memo from his boss, Mr. Minutia, explaining that it has come to his attention that several employees are using their computers to send out personal e-mails. Phoenix’s boss would monitor all e-mail. Should he discover an e-mail that is not work related, human resources would reprimand the employee who sent it.

The memo does not stop there, however. It goes on to state that employees have been surfing the Internet for personal use during work hours, which is against company policy. As a result Phoenix is no longer allowed to delete his Web browser’s history so that his boss can come by and periodically check it.

Phoenix knows that Mr. Minutia has been spying on him for some time now. Phoenix sees Mr. Minutia at his desk, shuffling through papers, whenever he leaves his desk to go to the copy machine. Phoenix notices Mr. Minutia walk over to his desk whenever he is on the phone to eavesdrop on his conversations. Now Mr. Minutia has taken it to the next step by reading all of Phoenix’s e-mails and reviewing the Web sites Phoenix views.

The word hypocrite echoes in Phoenix’s mind. He knows his boss spends the majority of his time at work surfing the Internet. Phoenix is not sure what his boss is looking at, but Phoenix is determined to find out because he suspects it might not be work related. Then Phoenix can approach Mr. Minutia with a taste of his own medicine and expose his Internet-surfing habits. Phoenix begins to plot how he is going to spy on his boss.

Figure 2.1 illustrates Phoenix’s office scenario.

Figure 2.1 Topology diagram for scenario

