Training session 19: Social Engineering
Learn how to get what you want with Social Engineering
The human psyche is built around fear. Everything we do as 'conditioned' people is out of fear. We fear death, and therefore do everything in our power to stop it from occurring. We work because of the fear of being looked upon as less of a human being, less able to support ourselves, and, in times of danger, more likely to be cannibalised. Many years ago, if you were born with some form of disability, you were killed at birth, or as soon as it was noticed. People realised long ago that if someone with a chronic disease was to have kids, the kids would probably carry on the chronic disease, and because of this, the human race would become weaker as time goes by, effectively decreasing the lifetime of future generations. Humans by nature do not wish for this to happen, so we act out of fear and fight to split the poor and weak from the strong and prosperous.
Computers act on an entirely different basis: they have no fear, and act only on what they are told. When a program crashes, it is not the computer's fault; the blame lies entirely with the user. If I broke off the side of my video card, I can assure you it would not work; however, if I was to break off someone's arm, they would still be able to live, and would learn to compensate for their disability. This means that for a computer, something is either right or wrong, but for a human, there is an in-between. Exploitation of this ability to compensate leads to social engineering. By finding this midpoint, we create instability in the human mind. Instability causes fear, which causes the person to either believe or deny what they are unsure about, depending on how superior they believe the source to be. If, along the way to getting the information required, you hit the extreme of disbelief, then it can be very difficult to convince them otherwise.
An example of this: would you believe a two-year-old who said there was life on Mars more than you would believe a scientist in his thirties? Of course the scientist offers a more reliable source, even though we have not seen proof of the statement. Because we are unsure whether to believe the source or not, we rely on their superiority in the source's field of knowledge.
If you wanted to convince someone, for example, that there is a new computer chip coming out called the 'ZX2486' that is twenty times the speed of anything currently on the market, you would have to consider a few areas. First consider the target. If the target was a computer-illiterate middle-aged man, then you would merely have to pose as a computer repairman, and your story would be believed, even though it is an utter lie. When the target is changed to someone with good computer knowledge, who keeps up with all the latest in technology development, the work required to convince the man would be much greater. The first thing you would have to do is convince the man that you have contacts in large businesses. Wear expensive clothing if you are talking in person; no one would believe that you know anyone from a big company if you walked around in normal street clothes. Since this technology is more of a secret, as the man has not already heard of it, you cannot just walk up to him and say "have you heard of the new ZX2486 processor?". Give them a false sense of security, talk slowly, and make them feel like they are in control of the conversation. Ask them what their computer is, and then ask if they are going to get the chip when it comes out. Proceed to spit some lies to him, just to make him believe you know what you are talking about. As you can see, the effort required to convince two different individuals to accept the fake information is very different.
There is nothing wrong with social engineering while hacking. If you are doing a hacking game, there is absolutely nothing wrong with social engineering someone into giving you the answer; just remember that if you do it wrong, you could get into a lot of trouble. If, for example, you were planning on hacking your local ISP, then rather than putting your IP into the logs just to find out what boxes are available, ring them up from a silent number, and while posing as some computer repairman like 'Shane Smith', say you are setting up access for a customer, and wish to know the IP addresses of the FTP server, the Web Server, the Dialup Server, the Mail Server and the DNS Server. The chances are that you would be able to get the information without much trouble.
Always remember that if someone believes they have been ripped off, they will retaliate, which may mean trouble. If you are looking to sell a motherboard with a blown com port, then ask the potential buyer what they plan on using with the motherboard, and find out whether they use an external modem. If their initial uses require the com port, and you sell it to them, you are obviously gonna have one pissed off customer, but if the customer uses an external modem, you might find yourself getting a phone call a few months later asking why the com port doesn't work. Just say something like "it worked when I had it, remember I was using a serial mouse on it, so the com port wasn't blown when I still had it". You are lying, you know you are lying big time, you know that you were using a USB mouse, but, as time goes by, people's memories change. By now they probably can't remember, and will take your word for it if you sound both sympathetic and sure of your actions. Never social engineer someone more than you have to; if you do it a lot to them, they will begin to feel more and more unsure around you, and you will lose your superior status.
For the average person, if they feel they will gain from a situation, and no one else will be harmed in any way, they will carry it out without thinking. Even though you are gaining more than them from the situation, they should never know this, or they will believe you 'owe' them.
Here are some simple steps to get what you want from social engineering:
1. Become confident with what you wish to gain from the exercise, know what outcome you want and work directly for it.
2. Approach the target with a superior status, but not a confronting one.
3. Make them feel they are in control, and that they are gaining from the situation.
4. Only ever confuse them as much as is needed to get them into their 'midpoint' of whether something is right or wrong.
5. Once you have the desired result, do not just leave; rather, hang around, help them a little, and give them something more interesting to think about than what you have just done, so their ability to remember what they have given/told you is decreased.
6. Avoid confronting the person again for as long as possible, but never go totally out of your way to avoid them.
7. Do not brag about the information you gain, no one should know of its consequences.
While hacking, it can normally be easier to convince someone to give you some form of access rather than taking direct measures to break in. If the system administrator of the target is aware of recent attempts to break in, there is less chance of them falling for social engineering.
Hopefully you will have a good understanding of what social engineering is, how it works, and why it is to your advantage to use it. Study situations around you to work out the best way to approach your own situation.