First actual face to face SE.

Social engineering is the art of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most cases the attacker never comes face-to-face with the victim.

First actual face to face SE.

Post by capflyboy on Mon Jul 11, 2011 1:21 am
([msg=59635]see First actual face to face SE.[/msg])

It's the best feeling ever getting away with it.
I was with a group of friends.
One of them who is very computer oriented.
He doesnt know me very well,
So he knows nothing about my knowledge of "hacking" or anything computer.
I convinced him today that this flash drive I had wouldnt open a file. (it was really the shutdown code)
I changed the icon and named it Photos.
He didnt even double guess putting it in his computer.
He gave me the "you're retarded" look. (He has a HUGE ego)
He double clicks it, and starts to freak when he sees my custom line... "Computer shutting down due to Security Breach"
I had set it for 30 seconds before shutdown.
I acted like I had no idea what happened and apologized constantly.
I used his ego against him.
With his ego and "knowledge,"
He should know not to put some random flash drive into his comp from a random guy he barely knows.
Had I been a real stranger with ill intent.
I could have had an autorun file on the drive, and have it copy the folders to my flash drive and walk off.
Not even autorun it, just convince him the file I want him to click on is the broken one.
I had fun though! lol
capflyboy
New User
New User
 
Posts: 17
Joined: Fri Jul 08, 2011 12:26 am
Blog: View Blog (0)


Re: First actual face to face SE.

Post by mShred on Mon Jul 11, 2011 1:25 am
([msg=59636]see Re: First actual face to face SE.[/msg])

You'd think someone who claims to know computers would be able to tell the difference between a folder icon and a batch file icon. You would think.
Image

For those about to rock.
User avatar
mShred
Administrator
Administrator
 
Posts: 1687
Joined: Tue Jun 22, 2010 4:22 pm
Blog: View Blog (2)


Re: First actual face to face SE.

Post by capflyboy on Mon Jul 11, 2011 1:57 am
([msg=59637]see Re: First actual face to face SE.[/msg])

I said in the beginning of the message I changed the icon and named it photos... lol

But in any other case, I'd agree. :P
capflyboy
New User
New User
 
Posts: 17
Joined: Fri Jul 08, 2011 12:26 am
Blog: View Blog (0)


Re: First actual face to face SE.

Post by acevic on Mon Jul 11, 2011 2:21 am
([msg=59639]see Re: First actual face to face SE.[/msg])

capflyboy wrote:It's the best feeling ever getting away with it.
I was with a group of friends.
One of them who is very computer oriented.
He doesnt know me very well,
So he knows nothing about my knowledge of "hacking" or anything computer.
I convinced him today that this flash drive I had wouldnt open a file. (it was really the shutdown code)
I changed the icon and named it Photos.
He didnt even double guess putting it in his computer.
He gave me the "you're retarded" look. (He has a HUGE ego)
He double clicks it, and starts to freak when he sees my custom line... "Computer shutting down due to Security Breach"
I had set it for 30 seconds before shutdown.
I acted like I had no idea what happened and apologized constantly.
I used his ego against him.
With his ego and "knowledge,"
He should know not to put some random flash drive into his comp from a random guy he barely knows.
Had I been a real stranger with ill intent.
I could have had an autorun file on the drive, and have it copy the folders to my flash drive and walk off.
Not even autorun it, just convince him the file I want him to click on is the broken one.
I had fun though! lol


wh04 d4t w45 l33t. u d4 b055 d4 l33t h4x0r t3ch me 1 w4nt5 2 h4x
My crime is that of outsmarting you, something that you will never forgive me
for.
User avatar
acevic
Poster
Poster
 
Posts: 328
Joined: Mon May 16, 2011 10:12 pm
Location: Siberia
Blog: View Blog (0)


Re: First actual face to face SE.

Post by pretentious on Mon Jul 11, 2011 6:19 am
([msg=59642]see Re: First actual face to face SE.[/msg])

capflyboy wrote:I could have had an autorun file on the drive, and have it copy the folders to my flash drive and walk off.

Do you know how to do that? I've attempted to do it before thinking it would be useful but wasn't successful.
Goatboy wrote:Oh, that's simple. All you need to do is dedicate many years of your life to studying security.

IF you feel like exchanging ASCII arrays, let me know ;)
pretentious wrote:Welcome to bat country
User avatar
pretentious
Contributor
Contributor
 
Posts: 552
Joined: Wed Mar 03, 2010 12:48 am
Blog: View Blog (0)


Re: First actual face to face SE.

Post by Vulpine on Mon Jul 11, 2011 10:48 am
([msg=59645]see Re: First actual face to face SE.[/msg])

pretentious wrote:Do you know how to do that? I've attempted to do it before thinking it would be useful but wasn't successful.


It's been removed on Windows 7 but can still work on XP if the autorun service is enabled (it is by default). How you word the "open=" line in the INF can trick a lot of people up, though. It doesn't actually open. It only executes, so you may need to invoke the appropriate application to run whatever file you're trying to autorun.
User avatar
Vulpine
Poster
Poster
 
Posts: 381
Joined: Fri Mar 26, 2010 11:14 pm
Blog: View Blog (0)


Re: First actual face to face SE.

Post by mShred on Mon Jul 11, 2011 1:48 pm
([msg=59648]see Re: First actual face to face SE.[/msg])

capflyboy wrote:I said in the beginning of the message I changed the icon and named it photos... lol

O.o I was under the impression that you can't change icons in Windows. You can only change shortcut icons.

Vulpine wrote:It's been removed on Windows 7 but can still work on XP if the autorun service is enabled (it is by default). How you word the "open=" line in the INF can trick a lot of people up, though. It doesn't actually open. It only executes, so you may need to invoke the appropriate application to run whatever file you're trying to autorun.

This, I did not know.
Image

For those about to rock.
User avatar
mShred
Administrator
Administrator
 
Posts: 1687
Joined: Tue Jun 22, 2010 4:22 pm
Blog: View Blog (2)


Re: First actual face to face SE.

Post by VPR3 on Mon Jul 11, 2011 4:41 pm
([msg=59654]see Re: First actual face to face SE.[/msg])

Either way a good anti-virus should catch it.
VPR3
Poster
Poster
 
Posts: 161
Joined: Fri Apr 22, 2011 11:35 am
Blog: View Blog (0)


Re: First actual face to face SE.

Post by capflyboy on Tue Jul 12, 2011 11:42 pm
([msg=59705]see Re: First actual face to face SE.[/msg])

@ Acevic quote: wh04 d4t w45 l33t. u d4 b055 d4 l33t h4x0r t3ch me 1 w4nt5 2 h4x /quote]

Digging the sarcasm... lol.

-- Tue Jul 12, 2011 11:43 pm --

Oh, and no, an AV wont stop it.
If you have your AV stopping batch files, you may have some problems with some programs... haha
capflyboy
New User
New User
 
Posts: 17
Joined: Fri Jul 08, 2011 12:26 am
Blog: View Blog (0)


Re: First actual face to face SE.

Post by tucak on Wed Jul 13, 2011 2:46 am
([msg=59713]see Re: First actual face to face SE.[/msg])

capflyboy wrote:Oh, and no, an AV wont stop it.
If you have your AV stopping batch files, you may have some problems with some programs... haha

Actually, the AV will probably stop the autorun.
tucak
New User
New User
 
Posts: 47
Joined: Wed Jun 04, 2008 12:20 pm
Blog: View Blog (0)


Next

Return to Social Engineering

Who is online

Users browsing this forum: No registered users and 0 guests