I was looking for some social engineering links and examples google doesnt seem to be of much help.
Printable View
I was looking for some social engineering links and examples google doesnt seem to be of much help.
You could try www.astalavista.com, is theres not enough on there for you look at the bottom of the page, there are many links to good sites.
ive already looked at a lot of the stuff there on it
Who are you trying to socially engineer..... Anyone in particular? You schools sysadmin for example, or maybe the principal's secretary.... that would be a nice password.....
Sorry for the cynicism..... You're question was kinda "open ended" and I'm in a "pissy mood".... If you have good reason for asking then please elucidate - I'm sure we can help you....
lol...nice sig by the way
This page has some nice reads: http://packetstormsecurity.nl/docs/social-engineering/
New Order
there are a few articles, but they might some links you haven't looked at to other sources.
Got tons of info, even taught a short class on it...but like Tiger Shark said: why do you want to know? Who you trying to hack?
Im not trying to hack anyone im just interested in sociology... and taking advantage of people.
Social engineering is an information retreving method from the victim. There is ton of ways you can retreive information (I won't go into too much details because this is a security web site and we all are here for one reason. Keep melicious kid out of business :) , but the most effective one is just to call the victim in the big corporation. Where hundreds of employees are working and it is almost impossible to keep information handy about each employee. The art of social engineering is depend on your acting skills, how good are you at it. There are different services you can use for SE attack like telephone, email, chating inthe different rooms using different messenger services or if you are extreemly good you can just simply walk into the office building and could get benefit of your skills :) . You should definetly have two qualities in you:
1. Friendly, good communication skills
2. Good technical knowledge.
But don't get so excited, as most of the top corporate security experts are already passed through the ways you are walking through, they know about the risks and they already have applied security policies which protect their servers and their clients from social engineering. But try, may be you will get lucky. Since a whole lot of small businesses are still thinks that they don't need security experts.
"Got tons of info, even taught a short class on it...but like Tiger Shark said: why do you want to know? Who you trying to hack?"
Put up or shut up , really it is irrelevant what he is up to if you post it on a public bbs , you are showing it to tons of people good and bad. Thats just the way it is.
thesecession if you pm me your password and ip addy i will send you a whole bunch of info on social engineering. ;)
If you want a good pool of information go to amazon.com and order "The Art of Deception" by Kevin D. Mitnick. If you don't know who Mitnick is, I'd recogmend researching him before you order the book so that you understand just how powerful the knowledge in his book is. He is one of the greatest social engineers in the last 20 years and his exploits were done mostly through gullable people and his thorough understanding of human nature...very insightful indeed.
i would think if you need lessons on social engineering you'll probably be the one who gets taken advantage of
Not necessarily... I have had a few assignments which required me to socially engineer passwords and credit card numbers and the like from other students. I can't social engineer worth s**t. I'm just no good at it. I have also been the intended target of these attacks and recognized them for what they were. Although I can recognize the attack, I cannot recreate it successfully. I may one day find a use for it, however I will need to learn how first.Quote:
Originally posted here by Tedob1
i would think if you need lessons on social engineering you'll probably be the one who gets taken advantage of
Thesecession, this is not a place where you will learn how to take advantage of people. People here will teach you how not to be taken advantage of, and how to stop other people from being taken advantage of. If you wish to learn how to exploit others, please take your questions elsewhere.
Have a read of Kevin Mitniks book "The Art of Deception".
Although I totally disagree with Mitniks actions and happy he did some time, I found his book rather interesting. If you want to read more about social engineering I would recommend it.
Quote:
Originally posted here by lumpyporridge
thesecession if you pm me your password and ip addy i will send you a whole bunch of info on social engineering. ;)
:rofl:
Eh, did somebody call the google guy?
Actually here at ao, social engineering has been discussed a lot. So I guess telling him/her where to find the info is pretty harmless, since anybody can find it here themselves. There are even four tutorials were written about it (tho only two are in negative's tutorial index):
http://www.antionline.com/showthread...hreadid=247701 - whizkid2300 (2003)
http://www.antionline.com/showthread...hreadid=238683 - Spyrus (2003)
http://www.antionline.com/showthread...hreadid=231674 - jdenny (2002)
http://www.antionline.com/showthread...hreadid=140632 - Remote_Access_ (2002)
The most (only) important thing you need to learn from social engineering is how to combat it...
Peace always,
<jdenny>
Just some random SE links..
from nmap os fingerprinting faq:http://www.insecure.org/nmap/nmap-fingerprinting-article.htmlQuote:
Another possible use is for social engineering. Lets say that you are
scanning your target company and Nmap reports a 'Datavoice TxPORT
PRISM 3000 T1 CSU/DSU 6.22/2.06'. The hacker might now call up the
target pretending to be 'Datavoice support' and discuss some issues
about their PRISM 3000. "We are going to announce a security hole
soon, but first we want all our current customers to install the patch
-- I just mailed it to you ..." Some naive administrators might
assume that only an authorized engineer from Datavoice would know so
much about their CSU/DSU.
http://www.securityfocus.com/infocus/1527 also a good read
Once again we see the same old arguments on AO.
Quote:
I'm not going to tell you how to do that because it's naughty & we wont help people be naughty at AO
And of course the AP bull that goes with all of that.Quote:
This is a public board, it's okay to publish or ask anything, since all knowledge is good
thesecession posted a perfectly reasonable question, asking to be pointed in the direction of some info and bingo he gets negged.
I know we all won't agree here, but would it be possible for all us to exercise a little restraint with the negs.
Otherwise lurkers will be too afraid to post for the fear of being negged and we don't want that, do we?
Steve
here is a copy of his BOOK .... I have found it on some PC... on my School LAN....Quote:
Originally posted here by Tedob1
i would think if you need lessons on social engineering you'll probably be the one who gets taken advantage of
it is a gr8 book...... But after u read it u just notice that U have been using those tactics since u wer able to talk..... just watch children... remeber the GOOD ol'days... every person with a mind on his sholders...is a social engenirs....... this is just human nature .. :cool:
PS: If is not permited to put this book here plz tell me .. I will dell it Asap
thesecession > http://www.hack3r.com/index.cfm?sec=texts&page=24
hope that helps.
maxim_86ualb2 > thank you very much for the book.
-0
Ok, since there has already been a bunch of SE info posted on AO I'll go ahead and share the links that I found when doing my research. It's nothing that you wouldn't find doing your own research on the web...this isn't priviledged/top secret information here.Quote:
Actually here at ao, social engineering has been discussed a lot. So I guess telling him/her where to find the info is pretty harmless, since anybody can find it here themselves. There are even four tutorials were written about it (tho only two are in negative's tutorial index):
Use this info for good purposes only - as I did to help me with combating it in my organization!
Social Engineering Fundamentals, Part I & II
http://www.securityfocus.com/infocus/1527
http://online.securityfocus.com/infocus/1533
People Hacking: The Psychology of Social Engineering
http://packetstorm.decepticons.org/d...g/aaatalk.html
Social Engineering: What is it, why is so little said about it ...
http://www.sans.org/rr/social/social.php
Social Engineering: The Human Side Of Hacking
http://itmanagement.earthweb.com/sec...le.php/1040881
A Proactive Defense Against Social Engineering
http://www.sans.org/rr/social/defence.php
Example of Social Engineering
http://www.searchlores.org/social_1.htm
Social Engineering Web Style
http://www.salonmagazine.com/21st/bo...0/19books.html
Anti-social Engineering
http://www.csoonline.com/read/100702/machine.html
ur well come :negative_zero :
and I am happy that ppl downloaded the BOOK :D
dude honestly thanks for that book maxim... i went to barnes and noble and coulnt find it like 4 months ago so i gave up...thanks.