Social Engineering

10-22-2010, 02:19 AM
This post is also represented by my friend Crypto in Ethical Hacking Tutorials in Orkut.

Let us discuss Social Engineering today.

This topic is rarely discussed because it is a non-technical type of hacking. But believe me, it has great importance.

What is Social Engineering?
Social engineering refers to the method of influencing and persuading people to reveal sensitive information in order to perform some malicious action. It is used to gather confidential information, authorization details, and access details by deceiving people and manipulating them.
Thus, in this we intentionally ask the victim such types of questions so that we can guess his/her confidential information from the answers to those questions. Social engineering can be seen in movies like 007, Italian Job, Catch Me If You Can, Bourne Identity & other series, Eagle Eye etc.

One of the greatest advantages of Social Engineering as compared to other attacks is that there is no software or hardware to halt it. It can only be halted by the understanding power & IQ of the victim.

Types of Social Engineering:
Social Engineering can be broadly divided into two types:

Human Based Social Engineering:
Human-based social engineering involves human interaction in one manner or another. It means that it will require the attacker to perform some activities manually or physically.

Human-based social engineering is performed in the following ways:

1. In person:
Attackers might try to visit a target site and physically survey the organization for information. A great deal of information can be gleaned from the tops of desks, the trash, or even phone directories and nameplates. Attackers may disguise themselves as a courier or delivery person, a janitor, or they may hang out as a visitor in the lobby. They can pose as a businessperson, client, or technician. Once inside, they can look for passwords on terminals, important papers lying on desks, or they may even try to overhear confidential conversations. Thus the attacker is like a rogue in this attack.
For example, an attacker can enter an organization by pretending to be an air conditioner mechanic, as A/Cs are installed in most organizations. Now he can freely survey the organization's structure, and if he gets a chance he may even install a keylogger or trojan on any of the machines. Another example: the attacker may pose as a company employee and call the company's technical support to elicit information.

2. Third-party Authorization:
Another popular technique for attackers is to represent themselves as agents authorized by some authority figure to obtain information on their behalf. For instance, knowing who is responsible for granting access to the desired information, an attacker might keep tabs on him/her and use the individual's absence to leverage access to the needed data. For example:
Let Mr. pr3dat0r be the Networking and Security Admin of Zenia Company. Now he will only have permission to gain access to information related to the company's network. Let Miss Xena be pr3dat0r's junior network admin, and all information about network status is given by her to pr3dat0r.
Now consider an attacker, Crypto, who wants to gain access to the network information of Zenia Company. What he will do is keep recording the daily routine of Mr. pr3dat0r and try to learn how he works & how he gets information about the company's network. Once Crypto knows pr3dat0r's whole working schedule, whenever Mr. pr3dat0r is not present in the office, Crypto will go to Xena and say politely, "Hi, I am Mr. Crypto from your ISP. I have an appointment with Mr. pr3dat0r and he asked me to collect the Network Log from you." Now when Xena learns that Crypto is referred by pr3dat0r, she will soon hand the n/w log to him. Usually it has been seen that junior employees don't ask many questions of persons who are referred by their senior employees.
Then, after Crypto gets the log, he flees.

3. Tailgating:
Usually this attack works in big organizations having enormous numbers of employees. An attacker, wearing a fake ID badge, enters a company's secured area by closely following an authorized person through a door requiring key access.
An authorized person may not be aware of having provided an attacker access to a secured area. The attacker usually says the following words to an authorized person who has an ID: “I forgot my ID badge at home. Please help me...”
An authorized person provides access to an attacker by keeping the secured door open, or the attacker waits for an authorized person to open the door & then quietly enters.
For example, an attacker can intentionally hold something in his/her hands and stand near the door waiting for some authorized person, pretending that he/she is unable to open the door because his/her hands are not free. Now when the authorized person opens the door, the attacker will silently enter.
Thus, by following the authorized person closely, the attacker will enter the secured areas of the company. As the attacker follows the authorized person closely, it is called Tailgating.

4. Shoulder Surfing:
This attack is very common among students in schools & colleges. It is also very common in cyber cafes.
In this attack the attacker silently and stealthily stands behind the victim at some distance and carefully watches the keystrokes that are hit by the victim when the victim is entering a password or any other such sensitive information during surfing. For example, here is how I one day used this attack to get the password of the Admin account of a machine in my internet lab at college. Usually students are provided limited accounts at labs. So I went to the lab assistant and said to him, "Sir, I want to install Turbo C++ on a machine in this lab so I can practice here, because I don't have a laptop or PC." So he came along with me and was going to log in to the Admin account of that machine. I stood a little away and watched the keystrokes. However, I was not able to see all the keystrokes. But soon after he went, I easily guessed the password from the keystrokes that I had seen. Then I owned that machine. However, shoulder surfing is a risky attack, because you can be caught red-handed. But I find fun in risks. ;)
The other great example is that some boys keep standing near the STD or phone recharge shops, & when some girl comes there to get her cell recharged, those guys overhear her contact number when she is telling it to the shopkeeper. ;)
Another place where this attack takes place in large numbers is the ATM. When someone is withdrawing cash from an ATM, the attacker usually sees the code entered by the person, and if that person throws away the slip that the ATM prints out after any transaction, then the attacker picks up & reads that slip to know how much money that person got. After that it is up to the attacker how to obtain that ATM card.
You should better know how to get the ATM card from the owner, because I can't teach you martial arts in this topic. :p

5. Dumpster diving:
In this the attacker basically searches the garbage of the company to gain information. The attacker will search the printer trash bins and dust bins filled with papers that contain information about the company. Usually this type of attack provides the following information:
Employee name, employee ID, phone numbers, email ID, fax, financial information.
So this is the reason why many banks usually burn the dumps before they throw them.
Now for example: if an attacker gets some employee's contact number by dumpster diving, the attacker can call him/her in the middle of the night and ask him/her to work for you by offering the lure of money or by threatening. Usually a disgruntled employee will agree soon.
This attack can also be implemented at an ATM, by searching ATM dustbins.

10-22-2010, 10:37 AM
Hey, thanks for the share, friend :)

10-22-2010, 10:36 PM
Thank you my friend.

10-22-2010, 10:40 PM
Dear readers,

Due to some technical problem I was unable to continue this article here, so I posted the rest of the article under the name Social Engineering continued..
Refer to that article too for complete reading.
Sorry for the inconvenience.

10-22-2010, 10:54 PM
you are welc0me friend.

10-24-2010, 02:51 AM
Try to get your hands on "No Tech Hacking"... it's an awesome book... would upload it in a couple of days somewhere and post the link
