Social Engineering, the art of Server Hacking via Human Hacking
A note of disclaimer: I haven’t social engineered anyone for this article. Also, I won’t be responsible for any of your actions.
Social engineering: it sounds like social engineers go to people’s homes, clean them and give them a good massage. NOOO! Social engineering means making people reveal sensitive info, such as a user’s credentials or a company’s internal details like its back-end processes. This information can help you in the exploitation step.
Social Engineering Methodology
So, for social engineering, we’ll be using the following methodology:
- Get the victim’s basic info like email, name, location, DOB, etc. (I’ll explain how to collect this information below)
- Interact with the user
- Ask for sensitive info indirectly
Information about the target
So, first of all, we need to gather information about the target. For this, Google dorking can be your best friend, but you need basic dorking skills to use it. We’ll start by dorking for the victim’s image.
The victim’s image can be found on their social media profile, their employer’s website, their email account, etc. After getting the victim’s image, you can search for more related images on Google image search. If you’ve already found the victim’s name, that will help even more.
1. Go to images.google.com
2. Click on the camera icon to the right of the search text bar. Choose the upload option if you have the victim’s image on your system, or paste the image URL, which is the default option.
3. Now hit Search by image and here you go.
4. You’ll get basic information like name, location (from the EXIF data of similar images), etc.
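The defensive counterpart to step 4, as an added example that is not part of the original article: Python code (standard library only) that detects and removes the APP1 metadata segments (Exif, XMP) of a JPEG before it is published, so that a copy found through image search carries no location data. The function names and the sample bytes are constructed for illustration, and the parser assumes a well-formed JPEG whose header segments all carry a length field.

```python
import struct

SOI, SOS, APP1 = b"\xff\xd8", 0xDA, 0xE1
XMP_ID = b"http://ns.adobe.com/xap/1.0/\x00"

def jpeg_segments(data):
    """Yield (marker, start, end) for each header segment before the scan data."""
    if data[:2] != SOI:
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"bad marker at offset {pos}")
        marker = data[pos + 1]
        if marker == SOS:  # compressed pixel data follows, nothing left to parse
            return
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        end = pos + 2 + length  # the length field counts itself, not the marker
        if length < 2 or end > len(data):
            raise ValueError("truncated or corrupt segment")
        yield marker, pos, end
        pos = end

def find_metadata(data):
    """Return the kinds of APP1 metadata present, in file order."""
    found = []
    for marker, start, end in jpeg_segments(data):
        payload = data[start + 4:end]
        if marker == APP1 and payload.startswith(b"Exif\x00\x00"):
            found.append("Exif")  # camera model, timestamps, GPS position
        elif marker == APP1 and payload.startswith(XMP_ID):
            found.append("XMP")   # editor metadata, may repeat the GPS position
    return found

def strip_app1(data):
    """Return the JPEG with every APP1 segment removed; pixel data is untouched."""
    out, last = bytearray(SOI), 2
    for marker, start, end in jpeg_segments(data):
        if marker == APP1:
            out += data[last:start]  # keep everything up to the metadata segment
            last = end               # and skip the segment itself
    return bytes(out + data[last:])

def seg(marker, payload):
    """Build one JPEG segment (used only for the constructed sample below)."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample: JFIF header, a fake Exif block, a table, then scan data.
SAMPLE = (SOI + seg(0xE0, b"JFIF\x00" + bytes(9))
          + seg(APP1, b"Exif\x00\x00constructed-gps-block")
          + seg(0xDB, bytes(65)) + b"\xff\xda\x00\x08scan\xff\xd9")
```

Run `strip_app1` on the bytes of every image in the publishing pipeline and use `find_metadata` as a pre-upload check; other formats and other metadata segments (for example IPTC in APP13) need their own handling.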
Dorking is my favorite thing in hacking. With its help you’ll be able to find the victim’s social profiles, etc.
- Dorking for social accounts
For Twitter profile:
For Facebook profile:
site:facebook.com "<victim's_name>"
As in the examples above, the more you dork, the more you can find.
Fun part, Interaction with the target
First of all, read the chat example below, held with a person of high standing in the company, e.g. a network manager, the company’s pentester, a software engineer, etc.
Attacker: Hello <victim>, I am a user of your company. I am facing the following problem with using your services. <some_fake_problem_with_edited_screenshot_with_exif_data_properly_edited>
Victim: Hello <attacker>, I’ve read your report and my team is trying to reproduce the vulnerability. Once the vulnerability is reproduced, we’ll inform you.
Attacker: Okay! By the way, what technologies are you using that your servers are giving a lot of errors?
Victim: We are just using <backend_technologies>
If you’re lucky, you’ll get sensitive info. You can also try to get other sensitive information that you can use for further social engineering.
Building trust with the victim can definitely give you something big. You can chat with the victim in a normal way and send messages that build trust.
Creating a fake website
This can also be very interesting and comes under phishing. To illustrate it, again read the chat, followed by an email.
After building trust
Attacker: Hey, I’ve created a website and it is hosted at <website_url>. Try visiting it.
This website can have several payloads to perform some sensitive tasks.
Now for the email
I want to inform you that we are performing a survey of our staff for <something>. Please login at <page_with_login_form_to_store_credentials>.
I am writing with this email for this purpose only.
You can send this email to many employees for better results, but remember not to send it to the person whose name you have chosen. This might fail if it is put to the employee whose name you have chosen.
If you don’t have a particular piece of information, you can shuffle the steps according to your convenience.
I hope that this article will help you hack better. If you like it, you can hit the clap icon up to 50 times.