Members Online
Total Online: 35 Web Spiders: 18
Guests Online: 33
Members Online: 2
Registered Members: 70201 Newest Member: subnick
|
View Thread
| Author |
RE: My first Social Engineering hack |
Darth_Pengo
Member
Posts: 327
Location: /root
Joined: 03.06.05
Rank: Hacker Level 3 |
|
Wow thats pretty cool but you're telling us that you made "NAMEOFSCHOOLHERE_admin@hotmail.com? and they believed it?
Wow they must be pretty dumb
 |
|
| Author |
RE: My first Social Engineering hack |
Haykuro
Member
Posts: 177
Location:
Joined: 04.03.05
Rank: HBH Guru |
|
@Darth_Pengo:
Albert Einstein ounce said, "There are only 2 things that are infinite. The universe, and the stupidity of the human mind, then there are the former." That being said I will continue with backing that statement up..
I was on AIM one day and got bored, and I was reading Kevin Mitnicks' "The Art of Deception". So I decided to try and social engineer some passwords off some kids I kno from school.
I created an account that was supposed to represent a bot created by AOL to help keep usernames and passwords while doing a "database transfer."
Here is the exact message I sent to these 20 students. (Out of the 20, 16 replied with the information asked for):
Hello AOL User!
Here at America Online we are always striving to make using our appliances easier and fun!
Starting August 31, 2005 the database of screennames currently registered will be moved over to a more secure database. All screennames who do not reply to this message will be terminated and will have to re-register. Please reply with your screennames(s) and the password(s). You will be added immediatly to our new database!
When replying with your screenname(s) and password(s) please use the following format:
Username: user
Password: password
Thanky you very much, the AOL Staff!
As you can see I used a very stupid yet beleavable tactic to retreave the information in question, and got it. No questions asked, they just supplied the information..
"If we live to die, do we die to live?" - Haykuro |
 
|
| Author |
RE: My first Social Engineering hack |
nights_shadow
Member
Posts: 856
Location: /var/log/messages
Joined: 30.12.04
Rank: God |
|
lol, i did something like that to my school, but i first needed to get the admin to reply to one of my messages because of certain signature's and special qualities that staff members use in their e-mail. Next, I had spoofed an e-mail that was sent to all staff members as administratorsname@schooladdress (the Groupwise account) and they replied back, like the idiots they were, with their skyward usernames/passwords, which allowed me to get access to gradings/etc. This was also fun once i got a copy of school announcements sent to me from one of my other friends (that's some great sh*t). The one thing that i want to accomplish most in my school is finding a way to get control over the board in front of my school that has scrolling messages (oh, the fun I could have  ).
 |
|
| Author |
RE: My first Social Engineering hack |
Haykuro
Member
Posts: 177
Location:
Joined: 04.03.05
Rank: HBH Guru |
|
Those bulletin boards are usually controlled by janitors, and it is not over the internet, or the school network. there is a debug mode in the board that allows quick message altering for janitors.
search google for more information..
"If we live to die, do we die to live?" - Haykuro |
|
|
|
|
|
Main:
