Social Engineering - iExploit

Fraud Manual

x3n0n — Sun, 11 Sep 2011 05:15:26 -0400

So basically, social engineering is like conning.
I was looking all over the net for a decent guide on doing scams, and after a while I found this.

Fraud manual
I think it is a very good read, and I wanted to share this with you ;)

Hope you like it ;)

The Social Engineer's Guide to Women

m0rph — Sat, 13 Aug 2011 09:08:18 -0400

--==::The Social Engineer's Guide to Women::==--

--==::Background::==--

For the last 3 or 4 months, I've really taken a break from the technical side of hacking to find out about myself. Turns out I am really good at picking up women. I never thought of myself as a ladies man before, I've always thought of myself as a pretty shy guy, but this time I've had to myself really opened up my eyes as to how I can mix what I love to do, with real life.

Random info:
Women can be intimidating to all of us, even to other women. Going off of the example of American women, they deeply fear wearing anything that another women is wearing, even more so if the other woman is attractive. Vulnerability, check!

--==::The Target::==--

This scenario has never happened to me personally, but I've seen this mysterious, unexplainable, nonsense unravel right in front of me. Melissa (made up character for our story), is 23 years old, brown hair, brown eyes, and is about 170 cm tall, and approximately 56kg. So she has quite the lovely figure, yeah? So Melissa has just gone to a Starbucks for a nice cappuccino with her two friends. They decide to sit outside, in hopes of getting some looks from some burly looking hunks.

Of course, what macho man is going to go out for coffee with his bros, right? So that's where someone like...oh, I don't know, someone like us comes into play. It doesn't take any fancy words, or flowers, or anything trivial like proclaiming your love to your new found princess, Melissa. Often women will go out in three's (if that makes sense). Three's as in three of them, or three women to be more blunt. Why? One, three is an odd number and goes against being by yourself. Two, it won't give them the appearance of just having a conversation between two of them. And 3, most importantly...will leave one just kinda chilling, and listening to the conversation. Yeah she might contribute every couple of minutes or so, but this is your target.

--==::The Approach::==--

So here are three basic rules for your approach:

[list]
[*] NEVER. EVER. approach a woman, or group of women from behind. Put yourself in their shoes for this one.[/*:m]
[*] If a woman glances at you, and does a double take, that's an invitation to talk to her at some point, preferably before she leaves.[/*:m]
[*] Keep conversations casual for first meetings, unless of course you're at a bar, or club, or any place where women expect anything but a casual conversation.[/*:m][/list:u]

So now we have some guidelines for our approach. Well what will we talk about when we do make an approach? Will they reject us wanting to sit with them? What if X happens, or Y????? What if they don't LIKE US!!!!!!!!?????? ... stop. Take a couple of deep breaths.

From my experience living in Japan (of course, the Japanese in general are infinitely more polite than Americans), it does not matter how great of a conversation they are having (unless of course, they are just two of them, and one just experienced a great loss, like death), they will generally, and even more so if you come off suave enough, will stop whatever they were talking about and will psychologically allow themselves to allow you to interrupt them. So take that inkling little bit of fear of rejection out of your mind. When you see them, you have to act quick, but you also have to keep your composure and remain in logical thought. In other words, slow your roll.

So you, our coffee-shop hero, approach Melissa and her two friends, and ask with a little bit of finesse, "Excuse me, I am so sorry to interrupt, but is this seat taken?" Now, obviously you have to play into the involvement they have with each other in their conversation. It wouldn't be very logical to interrupt them in the middle of a very active conversation, and would make you look like a very rude person. Of course, this isn't always true, as a matter of fact, some women like to be interrupted. It truly depends on the woman, but in this case, you interrupt them at a valley (low point) in their conversation.

Now, if you walked up to them with a smile, with great posture, and dressed like you are about to drink at a coffee shop, there's a pretty good chance you will be invited into the conversation. If you walk up to them with a half-ass "I pity myself" look, dressed like Harry Potter from Harry Potter (lol), you will probably get a disgusted look, and a remark of something along the lines of, "We're busy." or, "Yes, it is taken."

--==::The Infiltration::==--

Now, if immediately after you've asked them in your dashing coffee drinking attire, they all start giggling, you've pretty much already sat down at the table with them. To cut the over explained bullshit, if they have a positive reaction to your approach, you're in, if it's negative, continue to another coffee shop, because every other available woman at that coffee shop just saw you fail, and therefor have labeled you as the non-Alpha male (there are exceptions to this as with any other situation of course).

So you've been invited to the conversation...now you have to adapt, and you have to adapt rather quickly I must say for two reasons:

[list]
[*] You will have something (even if it's a very small amount it doesn't matter), to contribute to the current topic.[/*:m]
[*] You will give the appearance of being quick whitted. [/*:m][/list:u]
--==::Adapting to the Situation::==--

Have you ever caught yourself saying something very generic about some random topic to a seeming "expert" in that particular field, and come off looking like another seeming "expert" in the same field of discussion? Same principle here. Melissa and her friends are talking about computer troubles. FUCKING STOP RIGHT HERE. Repeat after me..."I do not know anything about computers." Say it again. Now say it louder. If you've disturbed a neighbor, or a roommate from saying this phrase so loud, you get 1000 cool points.

So again, Melissa is having computer troubles, and is talking about it with her friends. Do not interrupt, listen to how they respond to computer issues. Are they supportive of Melissa? Are they unsupportive of Melissa? Unsupportive opens avenues to possible new women, supportive obviously does not in most cases, but as always there are exceptions.

--==::Winning Over the Target::==--

Now obviously being a hacker (of some sort), you will have a couple of hook-ups with some other computer intelligent singularities.

You: "I am so sorry to hear about that!" (Melissa's computer troubles)
Melissa: "Yes, I've done everything I could think of to fix it!" :( ...... :)
You: "You know...I know a guy who's pretty good with computers, he might be able to help you out." <--- You become her coffee-shop hero here, if you didn't know this already
Melissa: "Oh my gosh, that would be awesome!"

--==::Information Gathering::==--

From this point, is where all of them start drawing interest into who you are, where you came from, things like that. Wouldn't you want to know the name of your personal hero?

Of course, these questions will be subtly brought up after the current topic dies out. From here you just have to be interesting, and somewhat contributive to the conversation. Not so much that you're overbearing, and not so little that you lose your cool-factor and become shy.

Now if you continue to be such a suave master of disaster, you will most likely be able to get Melissa's number.

Remember a couple of things though:

[list]
[*] Do not solely focus on the Melissa of your scenario[/*:m]
[*] You will need her friends' psychological approval before Melissa will give you hers[/*:m]
[*] DO NOT EVER GIVE OFF NEGATIVE ENERGY, unless if to sympathize, or proclaim a minor misfortune of your own. [/*:m][/list:u]
So great, we've approached Melissa, we've infiltrated her conversation with her friends, and we've won they're approval. Now what?

--==::Obtain Mission Information & Leave::==--

Now it's time to seal the deal and leave.

Any abrupt closure will do for this scenario. For those who rarely approach women, a good, "I am so sorry, I have to get going to do X." Stand up, give the appearance you were about to turn, and say, "Oh yeah, here is my number." Write it on a napkin or something, and finish with a cowboy-like exit. You know, throw your jacket over your shoulder, and give the appearance that you're walking away into the sunset....or the parking lot, really doesn't matter. Throwing a jacket over your shoulder as you leave gives off the Billy Bad-ass impression. Most importantly here, though, is the angle at which you leave them. Try to get as close to leaving at 180 degress as you can. As this is a quick and direct route out of the situation, and more importantly so they have to watch you walk away until you're completely gone(leaving your John Wayne persona sitting in their minds that much longer).

So why would you give your number in this scenario, and not ask for hers? This leaves her to seek you as an avenue of help once again for her computer troubles, once again making you the hero. This also makes her have to initiate contact with you, and most importantly, gives her and her friends the impression that yes, you are available, but they are not your only option (survival of the quickest to call, yeah?).

So what important, social engineering topics have we learned from picking up Melissa?

--==::Review::==--

[list]
[*] Blend in with others in your target's area. i.e. If it's a corporate business, dress in a three-piece suit. (dress right for the occasion)[/*:m]
[*] Assess what kind of situation you're in before you go further. (see the approach)[/*:m]
[*] No matter what the situation, remain calm. (Resisting fear of rejection)[/*:m]
[*] Infiltrate your target's area. (initiating the conversation is half the battle)[/*:m]
[*] Win over your target's approval. (offering an avenue of help for Melissa's computer problems)[/*:m]
[*] Get the information you need. (Melissa's phone number)[/*:m]
[*] Leave in a nonchalant manner. (Throwing of the jacket over your shoulder/path taken out)[/*:m][/list:u]

To close on this situation with Melissa, she most likely would give you a call to see how you're doing, and to ask for your computer genius friend's number (or in a perfect world for him to come over with you so you two can chat). If you were wanting to develop anything from that, you would have to put in the work for it. Which means asking her out. All of the doorways have been opened for you in this scenario, but ultimately..."You're the one that has to walk through it."

Most importantly though, always remember, the conversation can be manipulated, and so can people.

[TUT] Getting an IP through msn [TUT]

Scatman — Sun, 18 Apr 2010 12:40:36 -0400

Hey everyone !

I decided to make a tutorial on getting an IP through msn.

Things you will need:
- command prompt (CMD)
- MSN
-Basic knowledge

Ok, lets get started..

First up, you need to be logged into msn and talking to a friend (ect).
http://img52.imageshack.us/img52/2183/tut1x.png
Now open up CMD.
(Hold the windows button and click R,type in cmd and click enter.)
http://img72.imageshack.us/img72/517/tut2a.png
Ok now, either send your friend a picture (ect) and decline it straight away and say something like sorry, or actually send something.Both work.
http://img227.imageshack.us/img227/6419/tut3.png
Ok now open cmd and type in netstat -n
http://img339.imageshack.us/img339/4026/tut4z.png
Should look something like this..
http://img693.imageshack.us/img693/2572/tut5.png
The IP is outlined in red.(Some guys IP)
If the IP is not very obvious , use social engineering saying are you on bigpond(ect) and is it good?
(As you noticed next to the IP, it had bigpond.)

Now you have the persons IP !

That ends the tut for now :)

Any further questions or need help, just comment below.

New Social Engineering Toolkit Released

Corrosion — Tue, 05 Apr 2011 06:35:58 -0400

Check out the new SET: http://www.secmaniac.com/march-2011/the ... -released/

V1.3 Artillery, you may have to update it from svn "svn update"

Anyway it's pretty nice, and the new tools, since they've not be detected yet are 100% fud so enjoy them while you can.

Here is a test on uh... Avast I think is what i did it on: http://www.youtube.com/watch?v=IouzG6omQg0

I also ran it on AVG corporate edition (or whatever the highest is)

anyway I've since switched to linux for high security but... SET is powerful and at the very least it can use the credential grabber which will work on any os with Internet access.

Social Engineering Database

Corrosion — Tue, 29 Mar 2011 09:21:40 -0400

I'd like to create a social engineering database...

Something to hold data that is made up, yet believable and valid perhaps even including things like facebook accounts.
It'd include name, address, number, email, generated/valid looking SSN, bio, etc...

This would make it easier to have information on hand when needed about who you are trying to be... Having sections for different jobs and perhaps details and terminology about the business..

ex:

Name: Gary, Brockwell
Address: 3213 w3rd st asthabula, oh 44004
Social Sec: 506-64-5489 (Valid In NE according to http://www.fakenamegenerator.com/social ... number.php)
Bio: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Employer: Walmart
Lingo: xxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxx

etc...

But how should it be setup, preferably usable over terminal but idk how to program... ideas?

Social Engineering without the hard work. [MITM/DNS Spoofing/SET]

Sh3llc0d3 — Sun, 24 Oct 2010 17:10:29 -0400

[align=center]Social Engineering without the hard work. [MITM/DNS Spoofing/SET][/align]

About
First of all for this tutorial I will be using the social engineers toolkit or SET as it's known. I will also be using a various number of other tools to help me attack a windows machine. The windows machine will have Avast installed and Online Armor Firewall. The specific attack will be a MITM aided DNS spoofing attack that will re-direct a user to a malicious page we have set up locally. This will in turn, open a java drive-by attack on the victim and spawn a Meterpreter session which is a trojan Metasploit developers made for use within the Metasploit environment.

Methods to understand
Java Drive-by
DNS Spoofing
MITM [Man In The Middle] Attack

Tools needed:
- SET
- Ettercap-ng
- macchanger
- possibly netdiscover or nmap but not covered here.

note: you will need netdiscover to find out the targets ip address, you could always use nmap but for this tutorial I won't use either as I know the IP address of the victim.

First we boot linux up on our attacking machine, this can be any form of linux that you have SET and my other tools installed on, however I will be using BT4 as they are all ready and preconfigured.

If you're using BT4 make sure you start networking before you do anything as if you don't you will not be able to continue through this tutorial and have officially failed backtrack basics. ;)

Just to show this is not an elitest tutorial for the more experienced backtrack is availble from www.backtrack-linux.org and the following commands will start networking on your box.

type in a konsole window the following...

/usr/bin/start-network
/usr/bin/wicd-client on

once it shows Done. then you're ready to continue.

I will firstly go through the routine of updating the software from SET. Open up the 'start menu' and navigate to "Backtrack>Penetration>Social Engineering Toolkit". You will now see a konsole window that has opened displaying the SET program. First thing you MUST do is to update the software for both SET and Metasploit. This is a vital step as with older releases of BT4 SET did not have as many features etc as the current release.

Metasploit especially takes a while to update so it is worth (while M'sploit is updating) to open up Ettercap which should be under "Backtrack>Privilege Escalation>All>Ettercap-GTK" You can use the GTK version or if you have knowledge of the command-line version either will do. This is a noob friendly tutorial so I'll use the gtk.

We need first open a new shell (konsole window) and type in the following to allow for IP forwarding, some people have complained in the past on other sites that they cannot use ettercap properly without setting ip forwarding.

echo 1 > /proc/sys/net/ipv4/ip_forward

After this has been done we need to setup the re-directs, a little like editing the hosts file on a windows machine. To do this we go to the Etter.dns file and write the website we wish to re-direct to and the IP address. Type in the following command in a konsole window to bring up the file for editing.

nano -w /usr/share/ettercap/etter.dns

scroll down and see where they have put microsoft sucks etc and a few examples. We need to enter first the site, in this case www.google.co.uk or .com depending where you are. You can also put google.co.uk to eliminate them being able to navigate around the redirect. Similar to wildcards in hosts editing for windows.

an example would be:

www.google.co.uk A 192.168.1.68

The Ip address being your address that you will be re-directing the victim to. Don't forget to add the " A ". When you have finished editing press "Ctrl-x" then "y" then enter to save then exit the nano editor.

We then go to Ettercap and on the top select "Sniff" on the toolbar and then "Unified Sniffing". Select the device connected to the internet. mine is Wlan1 yours may be wlan0 or eth0 or something different. If you hve problem finding your device or connecting to the internet in Backtrack let me know and i'll try and help but you should pretty much know how to use backtrack. Next in Ettercap press the combination "Ctrl+S" to scan the network for online hosts. You can also use the toolbar "hosts>scan for hosts" once your scan has completed press "h" to show the list of hosts, this can also be done from the menu but I'll let you explore the menu's on your own time :)

You will see on the hosts tab that several have shown up. You need to/should know your default gateway, this is the one that your router will be located at. Select the gateway's ip/MAC and then click "Add to Target 1". For the next bit you will need to find the IP of your victim's machine. If you have the luxury of using two computers like me, just run ipconfig in cmd on the windows box your penetrating. If not you can use netdiscover or nmap to find the victims target IP. You can if you wish target everyone on the network but this is very dangerous and can cause you to DOS the network or at the least slow the router down. My advice is select one target. I have chosen my gateway and victim 192.168.1.xxx and 192.168.1.65 respectively.

The technique being used is called a Man-In-The-Middle or MITM for short, we need to next select to poison the ARP cache, which is under Mitm and just click "ok". Already I have been alerted in Online Armor that their is a change in network configuration however most firewalls wouldn't and even if it did most people wouldn't pay any attention as they are still connected. In Ettercap you can double-check the targets selected by pressing "t" and viewing currently selected targets. Once all the above steps have been completed go to "start>start sniffing" or "ctrl+w".

Now you are currently performing a MITM attack, however this is not the aim of the tutorial. We want to perform a DNS spoofing attack. First in ettercap go to the plugins menu from the toolbar and select manage plugins. we can first check that the arp poison is in effect, this is done by selecting the "chk_poison" plugin and pressing enter. It should come back saying at the bottom that poison was successful, whoopee sorted. Next we stay in the plugins menu and select the â€œdns_spoofâ€ plugin. This will activate the redirect you edited in the etter.dns file. We probably should have started the SET process first however it took a while to update metasploit on my old testing laptop. So here goes setting up SET for the attack.

You should have it opened in another window after it has finished updating both set and metasploit. You may now see a different menu (due to more features being added) itâ€™s appearance changed. Enter â€œ2â€ and press enter as we want to perform an attack using a website. Next select â€œ1â€ from the menu as we will be using a java â€œdrive-byâ€ style method, then select â€œ2â€ to clone a site already in existence. Whatever URL you decided to clone enter it here, it should be the same url you entered in the Etter.dns file earlier.

Next is the interesting and fun bit, putting together the exploit to be used. Itâ€™ll now ask you to select a choice of exploit to use. Iâ€™ll be using choice â€œ2â€ Windows Reverse_TCP Meterpreter exploit, this attack uses the Metasploit Meterpreter to spawn a session shell on the victimsâ€™ computer. Most people for the next bit use option two encoding â€œshikata_ga_naiâ€ however I like overkill and use option 15 â€œMulti-Encoderâ€, either is fine. Next choose a port to listen on I chose â€œ999â€ and press enter.

You will now see SET creating your exploit and starting metasploit. This can take a while depending on the speed of your machine. It shouldnâ€™t take too long though. Metasploit will start and then the Meterpreter 'handler' will activate listening for inbound connections from your victim. Once a session is created use the â€œsessions -lâ€ command to show any sessions available to you, once you've found a session you want to connect to, ie your victim, then use the â€œsessions -iâ€ and then the number associated with your chosen session.

For example:

â€œsessions -i 1â€

congratulations, you have now connected to the machine. Without wanting to go into too much detail use the â€œhelpâ€ command while in the session to see options available to you.

A good tip that I've missed out because it wasn't entirely necessarily needed here was using macchanger, this tool spoofs your MAC address to another address you specify.

In backtrack macchanger is installed already and the usage as an example is below:

macchanger --mac 00:11:22:33:44:55 wlan0

wlan being your network device.

Important
One thing to note when performing a MITM attack you MUST re-arp your victims cache. If you don't you can ruin a good computer or at least slow the connections down. To do this in Ettercap-gtk go to "MITM>Stop mitm attack[s]"

Sorry there's no pictures guys I'll hopefully be making a video on this at some point to demonstrate it's use. Metasploit was playing up too so if i've missed anything out let me know.
S-P