Wednesday, June 20, 2018
Getting information from a person who thinks you're...

Someone that you aren't.

To get a full and just understanding of this article, you may want to read Xer0X's articles on etc... (btw Xer0X == Me, but I got a new nick). The following example is a real-life conversation that I had with someone. I bet my friend 20 dollars that I could get his mother's library card number through the phone, and with an extremely easy method. He accepted the bet. This is the dialogue. Note that just to make it look even more official, I spoofed my caller ID to say [my county] library.
---Phone was picked up, number was dialed, phone rings two and a half times before being picked up.---

Friend's Mom (will be hereafter referred to as Mom): Hello?

Me: Hi, this is [my county] library, is this [full name of person's mom]?

Mom: Yes, this is she, what can I do for you?

Me: Well, Ma'am, there's a problem with your library account, you have approximately 12 books highly overdue. The names of the books are 'Sea Fishes and Bumblebees, [I said 11 more random names of non-existent books].'

Mom: Umm, I don't think that I ever even borrowed those books.

Me: Oh? Well, it could be a mistake because there have been some problems with our database going on. Could you please give me the number below the barcode on your Library Card, because we group book rentals by that number.

Mom: Oh, sure, one sec.

Me: Take your time, Ma'am.

---Friend's mom ruffles in purse or wallet or something---

Mom: Okay, I've got it.

---Friend's mom then recites the numbers on the card slowly---

Me: One moment, ma'am.

---I make typing noises, a few clicks on a mouse, wait a few seconds---

Me: Oh, dear, I'm sorry that we've wasted your time, it turns out the person wasn't you!

Mom: Oh, it's no problem!

Me: Thank you for your time ma'am.

Mom: Sure, Bye

---Phone was hung up---
As you can see, it is extremely easy to get valuable information by just asking for it, and a very helpful book for things like this is K. Mitnick's 'Art of Deception.'
The thing with Social Engineering is that you need to make it sound as authentic as you possibly can and you need to be prepared for anything that this person could throw at you, which is why I spoofed my caller ID, just in case the person was paranoid or something like that.


Darth_Pengo on June 18 2005 - 09:32:07
Mitnick's books are great, I was going to buy one yesterday but I left my money at home
0wned on June 21 2005 - 01:52:36
I got the first Art of Deception, but he's in a lot of trouble now :( boohoo
CNS Chemist on September 17 2005 - 22:23:54
And by the way.... Why the HELL is this in Windows XP tweaks?
Panda on November 25 2005 - 19:59:30
If this is true, you're a legend.
insane_phreak on January 14 2006 - 04:15:55
ha ha that's funny, I'm gonna make that bet with my friend, thanks for the idea
d34df0x on February 04 2015 - 18:15:19
Very nice! I like it!
