@nathan-house

Nathan House

Nathan House is the founder and CEO of Station X, a cyber security training and consultancy company.

Social engineering uses influence and persuasion to deceive, convince or manipulate. It lets the social engineer take advantage of people to obtain information, with or without the use of technology.

The following is an example from a previous engagement I performed for a client. It demonstrates how seemingly insignificant pieces of information can be used to build trust with people and compromise a company.

This has been provided as further reading for an interview I did on penetration testing and social engineering for PC Extreme magazine.

Social Engineering Tools

To explain how I might go about using a combination of social engineering and technology I need to first explain the tools that I may use.

We have developed many tools for penetration testing. In this social engineering example I will be using three of them: a package (executable) wrapper, a rootkit, and The RAT (Remote Access Tool).

In simple terms, the wrapper creates an executable that appears to do one thing but in fact performs other tasks as well. Our wrapper also encrypts and compresses its payload, which evades signature-based antivirus detection and hinders computer forensics.
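The encrypted, compressed payload inside such a wrapper carries no recognisable signature, but it does carry a different tell: its bytes are close to uniformly distributed, which plain code and text never are. The following is an added example (not code from the original article or from Station X) of the entropy check an analyst or a scanner runs to spot an embedded payload. The sample file is constructed inline: text-like carrier bytes with a seeded pseudo-random blob standing in for the encrypted payload.

```python
import math
import random
from collections import Counter

# Constructed sample (not a real binary): 2 KiB of repetitive, text-like
# carrier bytes, then 2 KiB of pseudo-random bytes standing in for an
# encrypted/compressed payload, then 2 KiB of carrier again.
CARRIER = (b"This program cannot be run in DOS mode.\r\n" * 64)[:2048]
PAYLOAD = random.Random(7).randbytes(2048)  # seeded, so the sample is deterministic
SAMPLE = CARRIER + PAYLOAD + CARRIER


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for a constant stream,
    8.0 when all 256 byte values are equally frequent."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def high_entropy_windows(data: bytes, window: int = 512, threshold: float = 7.0) -> list:
    """Slide a fixed-size, non-overlapping window over the data and return
    (offset, entropy) for every window at or above the threshold. Code and
    text rarely exceed ~6.5 bits/byte; encrypted or compressed blobs sit
    near 8, so a run of flagged windows marks an embedded payload."""
    flagged = []
    for offset in range(0, len(data) - window + 1, window):
        h = shannon_entropy(data[offset:offset + window])
        if h >= threshold:
            flagged.append((offset, round(h, 2)))
    return flagged


def scan_sample() -> list:
    """Run the window scan over the constructed sample."""
    return high_entropy_windows(SAMPLE)


if __name__ == "__main__":
    print(f"carrier entropy: {shannon_entropy(CARRIER):.2f} bits/byte")
    print(f"payload entropy: {shannon_entropy(PAYLOAD):.2f} bits/byte")
    for offset, h in scan_sample():
        print(f"high-entropy window at 0x{offset:04x}: {h} bits/byte")
```

The window size matters: with 256-byte windows the sampling noise of random data pulls the measured entropy down to around 7.3 bits, so the threshold has to be lowered accordingly; 512 bytes and a threshold of 7.0 give a clear margin on both sides. Legitimate packers and resource sections trip the same check, so it is a triage signal, not a verdict.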

The RAT is a remote access tool that, when run on a machine, searches for a route out of the network to the Internet, going through proxies and other devices if required.

The RAT receives its commands over connections that the target machine opens outbound, so an inbound-filtering firewall or NAT offers no protection: the channel is established from the inside. The command traffic is carried as genuine HTTP/HTTPS requests, so even if the target's proxy or firewall performs application-level filtering, the control commands pass as normal web traffic because, at the protocol level, that is exactly what they are.

This means that we can communicate with targets deep inside the company's network, through its firewalls, proxies and DMZ.
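What the proxy still sees, even when every request is well-formed HTTP to an allowed destination, is the timing. A tool polling for commands checks in at a fixed interval, and that regularity is what beacon detection keys on. The following is an added example (not code from the original article or from Station X) of that detection run over constructed proxy log lines; the hosts, client addresses and log format are assumed for the illustration. One client browses an intranet host at irregular intervals and polls another host roughly every 60 seconds.

```python
import statistics
from collections import defaultdict

# Constructed proxy log lines (not from any real system), one request per
# line: epoch seconds, client IP, destination host, method, status, bytes.
# 10.1.2.3 talks to two hosts: ordinary browsing of intranet.example at
# irregular intervals, and a check-in to updates.example roughly every 60 s.
_T0 = 1_700_000_000
_BEACON_GAPS = [60, 63, 58, 61, 60, 57, 62, 60, 59, 60, 61]
_BROWSE_GAPS = [5, 200, 3, 900, 40, 7, 1500, 12, 300, 2]


def _times(gaps):
    t, out = _T0, [_T0]
    for g in gaps:
        t += g
        out.append(t)
    return out


LOG_LINES = (
    [f"{t} 10.1.2.3 updates.example GET 200 312" for t in _times(_BEACON_GAPS)]
    + [f"{t} 10.1.2.3 intranet.example GET 200 {4000 + 37 * i}"
       for i, t in enumerate(_times(_BROWSE_GAPS))]
    + [f"{_T0 + 100 * i} 10.1.2.4 updates.example GET 200 312" for i in range(3)]  # too few hits to judge
)


def parse(lines):
    """Group request timestamps by (client, destination host)."""
    by_pair = defaultdict(list)
    for line in lines:
        ts, client, host, _method, _status, _size = line.split()
        by_pair[(client, host)].append(int(ts))
    return by_pair


def beacon_period(timestamps, min_hits=8, max_jitter_ratio=0.2):
    """Return the median inter-request interval if the series looks like a
    beacon: enough hits, and a median absolute deviation that is small
    relative to the period. Returns None otherwise. Median/MAD rather than
    mean/stdev, so a few missed or delayed check-ins do not mask the pattern."""
    if len(timestamps) < min_hits:
        return None
    ts = sorted(timestamps)
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    period = statistics.median(gaps)
    mad = statistics.median(abs(g - period) for g in gaps)
    if period <= 0 or mad / period > max_jitter_ratio:
        return None
    return period


def find_beacons(lines):
    """Return (client, host, period_seconds) for every pair that beacons."""
    hits = []
    for (client, host), ts in sorted(parse(lines).items()):
        period = beacon_period(ts)
        if period is not None:
            hits.append((client, host, period))
    return hits


if __name__ == "__main__":
    for client, host, period in find_beacons(LOG_LINES):
        print(f"{client} -> {host}: check-in every ~{period:.0f}s")
```

In practice this runs over a day of proxy logs per (client, host) pair, and the period and jitter thresholds are tuned against the environment's own baseline; a tool that randomises its sleep widely raises the MAD and slips under a timing-only check, which is why size consistency (the 312-byte responses above) and destination reputation are usually scored alongside it.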

The rootkit is a program that hides the hacker's activity from the operating system's own reporting facilities, and therefore from anybody examining the machine through them. Our rootkit hides processes, handles, modules, files and folders, registry keys and values, services, TCP/UDP sockets, and systray icons.

What this means is that Task Manager, netstat, regedit, File Explorer and the like will not show anything the hacker has placed on a rootkitted machine; on the running system, the hacker's programs and actions are invisible to the standard tools. The hiding is only as good as the hooks, though: an examination that does not go through the compromised operating system, such as a memory image or the disk examined after booting from clean media, is not subject to them.
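A rootkit that hooks the process listing has to hook every path to it, and the standard detection technique, the cross-view diff, exploits whichever path it missed: enumerate from two independent vantage points and report anything present in the lower-level one but absent from the higher-level one. The following is an added example (not code from the original article or from Station X) of that check on Linux, where the high-level view is /proc and the low-level view is a brute-force kill(pid, 0) probe of the kernel's PID table; the same principle applies to Windows tooling that compares Task Manager's list against a raw process table. The generic diff takes both views as parameters so it can be exercised with synthetic data.

```python
import os


def pid_exists(pid: int) -> bool:
    """Ask the kernel directly whether pid exists, bypassing /proc. kill()
    with signal 0 delivers nothing; EPERM still means the process is there."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        return True
    return True


def proc_view() -> set:
    """IDs visible through /proc: process IDs plus every thread ID under
    /proc/<pid>/task. Threads must be included because kill() also accepts a
    thread ID, which would otherwise be reported as a false 'hidden' PID."""
    ids = set()
    for name in os.listdir("/proc"):
        if not name.isdigit():
            continue
        ids.add(int(name))
        try:
            ids.update(int(t) for t in os.listdir(f"/proc/{name}/task"))
        except OSError:
            pass  # process exited between the two listdir calls
    return ids


def cross_view_diff(visible, probe, candidates) -> set:
    """Generic cross-view check: IDs that the low-level probe confirms but the
    high-level listing omits. Both views are injected, so the same function
    serves files, sockets or registry keys given suitable enumerators."""
    return {i for i in candidates if i not in visible and probe(i)}


def find_hidden_pids(max_pid=None) -> set:
    """Live check on Linux. The /proc view is taken before and after the
    brute-force probe, so processes that start or exit mid-scan are not
    reported as hidden; survivors are probed a second time to confirm."""
    if max_pid is None:
        with open("/proc/sys/kernel/pid_max") as f:
            max_pid = int(f.read())
    before = proc_view()
    found = {pid for pid in range(1, max_pid + 1) if pid_exists(pid)}
    after = proc_view()
    return cross_view_diff(before | after, pid_exists, found)


if __name__ == "__main__":
    hidden = find_hidden_pids()
    print("hidden PIDs:", sorted(hidden) or "none")
```

A hit from this scan is strong evidence but not proof: a kernel-level rootkit that also hooks the kill() path hides from both views, which is why tools of this kind are run from a trusted boot or against a memory image rather than on the suspect system alone.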

There are less sophisticated versions of these kinds of tools publicly available on the Internet, but there are two good reasons a professional won't use them: they don't provide the required functionality, and many antivirus products already carry their signatures and will stop them.

This is the difference between the script kiddie and the professional hacker.

Social Engineering call #1

Call to main switchboard of the organisation from my mobile phone.

Nathan: Hi, I’m having a problem with my desk phone. Can you put me through to someone who may be able to sort this out for me?

Reception: Connecting you.

Phone Services: Hi.

Nathan: Hi, I’m having a problem with my desk phone. Sorry, I’m new here. Is there any way I can find out who is calling me when they call my desk phone? Is there a caller ID?

Phone Services: Not really, because we use hot desks here. Because people usually use their mobile phones, the caller ID isn’t often related to a name. Is this a problem for you?

Nathan: No, it’s fine now. I understand. Thanks. Bye.

I now know that the company uses hot desks and that caller ID on desk phones is not expected to mean anything. It is therefore not an issue if I call from outside the company. If it were expected, I could work around it anyway.

Social Engineering call #2

Call to main switchboard of organisation.

Nathan: Hi, could you put me through to building security?

Reception: OK.

Building Security: Hello, how can I help you?

Nathan: Hi, I don’t know if you will be interested but I found an access card outside the building which I think someone must have dropped.

Building Security: Just return it to us. We are in building 3.

Nathan: OK, no problem. May I ask who I’m speaking to?

Building Security: My name’s Eric Wood. If I’m not here, give it to Neil.

Nathan: OK, that’s great. I will do. Are you the head of building security?

Building Security: It’s actually called Facilities Security and the head is Peter Reed.

Nathan: OK, thanks a lot. Bye.

This told me the names of several people in security, the correct name of the department, the name of its head, and that it is the team that deals with physical access cards.


How Social Engineering is Used to Bypass Your Security...with Ease