An example of social engineering
One of the easiest ways to gather information
Not Assigned
21 June 1999
by _A&T
Courtesy of Fravia's pages of reverse engineering
slightly edited by fravia+
fra_00xx 980621 _A&T 0000 NA PC
Yes, these kinds of social engineering tricks are very important, and are actually part of the how to search section as well. Searchers are well advised to learn the basic social engineering techniques. Stalkers need to know them as well. Hackers need social engineering quite a lot and crackers almost as much. Come to think of it, it would surprise me if you, dear reader, never found a use for this kind of lore...
Note also the simple, yet deep truth underlined by _A&T: "if you are trained in computer sciences, you unconsciously tend to think that everything that is easy for you is easy also for the others; well, it's not! All the knowledge you have built during many years is a mystery for them. On the net, you often find expert and trained people, because it's the right place to find them. Everywhere else in the world, they are rare".
How true, and how important! I notice myself how annoyed I often get at the slow pace of most relatives, friends or colleagues of mine when dealing with PC or Web-related stuff. What's obvious for anyone of us is a mystery for most fellow humans; funny, but also, maybe, ahem, "resourceful", as well... eheh :-)
There is a crack, a crack in everything
That's how the light gets in
Rating: (X)Beginner ( )Intermediate ( )Advanced ( )Expert
I'm not a native English speaker, as you will soon discover reading this :-), so please forgive any mistakes.
An example of social engineering
One of the easiest ways to gather information
Written by _A&T
Often you spend a lot of energy trying to gather information using all the net resources you can think of... and that's ok, but sometimes there is another method, easier and quicker. Reading this you will find I started the other way round, that is, I had some 'real world' info and used it to get 'virtual' info, something you have probably often overlooked.
A working brain.
A telephone.
Yeah, after reading several essays from Fravia's pages we are all experts in cracking apps, searching the web and stalking enemies, aren't we? If we want to find someone on the net, we know we have lots of tools to begin with, like Dejanews, or DNS records.
Now I want to tell you about a powerful technique, which is mainly used for hacking-related efforts, but works well almost wherever you can apply it.
Social engineering means "fooling people into telling you what you want to know, even if they are told not to / you are not entitled to / they don't want to / and so on".
The 99% theory
The most astonishing aspect is that it works! The reason goes more or less like this: of the 6 billion people in the world, 1% are intelligent beings, the other 99% blindly follow their lead. No, I am not saying that they have no brain: the previous sentence applies to each aspect of our life separately. For example, I cannot paint like Bilibin :-), nor will I ever be able to in my entire life. For this, I reside on the 99% side. But talking of computers, I know only one guy who can beat me (in 'real' life, of course, the Net is full of talented people), so I feel I stay on the 1% side. I bet the same is true for the majority of you, since you are reading Fravia's pages. If not, carry on and study some more essays, you will surely change your status.
What does all that mean for us? It's easy to guess: if you are trained in computer sciences, you unconsciously tend to think that everything that is easy for you is easy also for the others; well, it's not! All the knowledge you have built during many years is a mystery for them. On the net, you often find expert and trained people, because it's the right place to find them. Everywhere else in the world, they are rare.
Now to the interesting part: after you have picked your "victim", he/she will almost surely reside on the 99% 'blind' side, and you have a huge advantage: you simply know what you are talking about, he does not.
I will give you a small example, very simple and straightforward, but I am lazy and this is the first which came to my mind, since it's the last I did.
So there was a guy; the story is long and I am going to write down only the relevant parts. I exchanged some e-mail with him, and I was sure he was hiding something important to me. Here are the relevant things I knew of him:
- He was from my own country, so there was no language barrier (this is a must! If you cannot speak his language very well, you have almost lost)
- He had a Hotmail account, so I knew his login name
- He was not a computer guru, at 99% level
So what? Well, I wanted to read his past mail. I was betting that, like most 99%-sided people, he was not deleting it after reading. So I tricked him into telling me his snail-mail address, which people often give away with little concern, btw. A quick call to the local telephone company gave me his number.
Here begins the difficult part: you have to play the 'perfect employee' role.
- Find a quiet place, possibly with some low 'office' sound in the background.
- You should be alone, with no one listening to your call.
- If you think your victim has caller ID, that is, he can track the number you are calling from, 'borrow' some telephone at work or somewhere else.
- Take some deep breaths; your voice must be polite and sound used to telephone conversations. Try to learn from all the telephonists you talk with.
- If you are a woman and your victim is a man, you have another little psychological advantage over him: talk with a happy tone and he will answer everything you ask :-)
- If you can exhibit a good knowledge of his personal data, he will gladly fill just that small gap you need.
I picked up the telephone and called him, at 8.30am.
(conversation translated)
"Good morning sir, I am (insert faked name here), I would like to speak with Mr. (insert victim's name here)"
"Yes, hold on please"
....
"Hello, I am (victim's name)"
"Good morning sir, I am an employee of the local Hotmail agency (btw, I don't think Hotmail has 'local agencies'), I am sorry I am calling you so early..."
"Uh, Hotmail, well, I was having breakfast, but it doesn't matter" (victim is surprised)
"I was able to call you because of the personal data form you filled in when creating your account, so don't be surprised" (with a winking tone)
"My pers.. oh, yes"
"I have to inform you that we had a hard disk crash tonight, and we are trying to restore all our users' mail."
"A crash? Is my mail lost?"
"Oh no, sir, we can restore it. But, since we are simple employees, and we are not allowed to mess with our users' mail, we need your password, otherwise we cannot take any action" (first try, probably unsuccessful)
"Er, my password? Well..."
"Yes, I know, you have read in the license agreement that we will never ask for it, but it was written by the legal department, you know, all the law stuff that's needed to open a business and such. (effort to gain victim's trust) Your username is (insert victim's username), isn't it? Legal gave us your username and telephone, but, smart as they are, not the password. See, without your password nobody can access your mail, even we Hotmail employees. But we have to restore your mail, and we need access. You can be sure we will not use your password for anything else; well, we will forget it." (smiling)
"Well, it's not so secret (also smiling! it's amazing...), my pass is xxxxxx"
"Thank you very much, sir. We will restore your mail in a few minutes"
"But no mail is lost, is it?"
"Absolutely, sir. You should not experience any problems, but do not hesitate to contact us just in case. You will find contact numbers on our web page" (which our victim has probably never read from beginning to end)
"Thanx, you are very efficient, goodbye"
"Goodbye"
And that's all. You see, nothing difficult. This time it was easy, because no questions came from the victim. Often you need a ready imagination to reply with convincing arguments. You don't need to be convincing, just pretend you are, and remember that you are on the 1% side :-)
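Constructed example, added here and not part of _A&T's essay: a small Python checker that scans a call transcript, turn by turn, for the building blocks the call above is made of (an unverifiable claim of affiliation, a manufactured emergency, a request for a credential, a line that pre-empts the target's own knowledge that the provider never asks for the password, and a display of personal data) and flags the moment the target gives the secret away. The transcript is a paraphrase of the translated conversation, and the phrase lists, weights and the username jdoe01 are all constructed for this example; a routine appointment-confirmation call is included so the scoring has something to stay quiet on.

```python
"""Flag pretexting indicators in a call transcript (constructed example)."""
import re
from dataclasses import dataclass

# Constructed indicator table: category -> (weight, regexes tried against the
# caller's turns). Coarse on purpose: the point is the shape of the ruse.
CALLER_INDICATORS = {
    "affiliation_claim": (1, [
        r"\b(?:i am|i'm|we are|we're) (?:an? )?(?:employees?|calling from|from|with)\b",
        r"\b(?:local|official) \w+ (?:agency|office|support|department)\b",
    ]),
    "manufactured_emergency": (1, [
        r"\b(?:crash(?:ed)?|outage|breach(?:ed)?|hacked|compromised|suspended|locked|expir\w*)\b",
    ]),
    "credential_request": (3, [
        r"\b(?:need|give|tell|confirm|provide|verify|read)\b[^.?!]{0,40}?"
        r"\b(?:passwords?|pass|pin|passcode|code)\b",
    ]),
    "policy_preemption": (2, [
        r"\bnever ask\b", r"\bwe will forget\b",
        r"\blegal (?:department|stuff)\b", r"\bdon'?t be surprised\b",
    ]),
    "knowledge_display": (1, [
        r"\byour (?:username|login|account|address|number) is\b",
    ]),
}
# Constructed pattern for the target handing the secret over.
DISCLOSURE = re.compile(r"\b(?:my )?(?:password|pass|pin|code) is\b", re.I)

# Constructed transcripts: a paraphrase of the essay's call, and a harmless one.
PRETEXT_CALL = [
    ("caller", "Good morning sir, I am an employee of the local Hotmail agency, "
               "I am sorry I am calling you so early."),
    ("target", "Uh, Hotmail, well, I was having breakfast, but it doesn't matter."),
    ("caller", "I was able to call you because of the personal data form you filled "
               "in when creating your account, so don't be surprised."),
    ("target", "My pers.. oh, yes."),
    ("caller", "I have to inform you that we had a hard disk crash tonight, and we "
               "are trying to restore all our users' mail."),
    ("target", "A crash? Is my mail lost?"),
    ("caller", "Oh no, sir, we can restore it. But since we are simple employees and "
               "are not allowed to mess with our users' mail, we need your password, "
               "otherwise we cannot take any action."),
    ("target", "Er, my password? Well..."),
    ("caller", "Yes, I know, you have read in the license agreement that we will "
               "never ask for it, but it was written by the legal department. Your "
               "username is jdoe01, isn't it? You can be sure we will not use your "
               "password for anything else, well, we will forget it."),
    ("target", "Well, it's not so secret, my pass is xxxxxx."),
]
ROUTINE_CALL = [
    ("caller", "Good morning, this is the dental practice calling to confirm your "
               "appointment tomorrow at nine."),
    ("target", "Yes, I will be there."),
    ("caller", "Thank you. If anything changes, call the number on your appointment card."),
    ("target", "Will do, goodbye."),
]


@dataclass
class Finding:
    turn: int
    speaker: str
    category: str
    matched: str


@dataclass
class Report:
    score: int
    verdict: str
    categories: set
    findings: list


def analyse_transcript(turns, caller="caller"):
    """turns: list of (speaker, utterance). Caller turns are scored against
    CALLER_INDICATORS; every other speaker is checked for a disclosure."""
    findings, categories = [], set()
    for i, (speaker, text) in enumerate(turns):
        if speaker == caller:
            for cat, (_, patterns) in CALLER_INDICATORS.items():
                for pat in patterns:
                    m = re.search(pat, text, re.I)
                    if m:
                        findings.append(Finding(i, speaker, cat, m.group(0)))
                        categories.add(cat)
                        break  # one hit per category per turn is enough
        else:
            m = DISCLOSURE.search(text)
            if m:
                findings.append(Finding(i, speaker, "credential_disclosed", m.group(0)))
                categories.add("credential_disclosed")
    score = sum(w for c, (w, _) in CALLER_INDICATORS.items() if c in categories)
    hits = categories & set(CALLER_INDICATORS)
    # A credential request backed by any supporting story is the real signal;
    # a bare request, or a lot of story with no request yet, is worth a look.
    if "credential_request" in hits and len(hits) >= 2:
        verdict = "high"
    elif "credential_request" in hits or score >= 3:
        verdict = "medium"
    else:
        verdict = "low"
    return Report(score, verdict, categories, findings)


if __name__ == "__main__":
    for name, call in (("pretext call", PRETEXT_CALL), ("routine call", ROUTINE_CALL)):
        rep = analyse_transcript(call)
        print(f"{name}: verdict={rep.verdict} score={rep.score}")
        for f in rep.findings:
            print(f"  turn {f.turn} ({f.speaker}): {f.category} <- {f.matched!r}")
```

The rule the caller had to talk around is the one worth teaching to the 99% side: a provider that needs your password to "restore" your mail is not your provider. The right move on such a call is to hang up and ring back on a number taken from the provider's own web page, the same page the caller invokes at the end of the conversation.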
Obviously all this essay talks about is some theoretical situation. Tricking people into giving away their password is illegal in some countries, and if you take every word literally this text could be seen as illegal as well. But you are smart, aren't you?, so you can see the irony between the lines.