Class 5 ‐ Social Engineering - Justin-Boyd/Ethical-Hacking-Class GitHub Wiki

Introduction to Social Engineering

SE Overview

  • SE stands for social engineering.
  • Nefarious activities based on human interaction and behavior
  • Involves the use of psychological manipulation

SE Process

  • Preparation
    • Choose a target and perform a background check to determine an attack method.
  • Deceive to Connect
    • Contact a target and take control over a session.
  • Winning Information
    • Expand the foothold to start the attack, use business activity as a cover, and phish for data.
  • Cover the Tracks
    • Leave no trace of the activity by covering the trail.

Why Is SE Dangerous?

  • Based on Human Error
    • The human factor causes legitimate users to do something they are unaware of.
  • Various SE Attacks
    • The attacks can be digital or based on human interaction and may be difficult to identify.

SE Methods

  • Phishing
  • Scareware
  • Vishing
  • Baiting
  • Water Holing

Phone Scamming

  • Burner numbers are temporary.
  • Burners are used to perform vishing attacks.
  • Burners can be traced.

  • Telecommunications can be exploited by scammers.
  • Phone devices and services require service providers.

Site Mirroring

  • Mirroring creates copies of websites.
  • HTTrack is a tool that can download webpages.
  • Mirroring tools require infrastructure.

  • Phishing projects exist for many known websites.
  • Facebook is often used in mirroring-based attacks.

Prevention

  • Suspicious Sources: If you are not familiar with the source, don’t open it.
  • Multifaceted Authentication: Protecting credentials ensures secure accounts.
  • Tempting Offers: Often too good to be true
  • Awareness
  • Maintain employee and device registration.
  • Be proactive in the area of awareness.

Awareness video

Social Engineering Toolkit

SEToolkit Introduction

  • SEToolkit executes SE attacks.
  • It supports various attack vectors.
  • SEToolkit can also work with Metasploit and other similar applications.

SEToolkit Operation

  • Social engineering attacks
  • Penetration testing (fast-track)
  • Third-party modules
  • Update SEToolkit
  • Update the configuration

Operation

  • After selecting an option, the attack types appear in a secondary menu.
  • Example: When SE Attacks is selected, a submenu appears.

SEToolkit Example

  • SEToolkit can be used for mail spoofing via an SMTP server.
  • Sendmail is a CLI-based tool used for spoofing.

  • SEToolkit can be used to create a fake login.
  • Hosts of fake webpages will log incoming POST requests.
  • The best approach is to clone a public template and customize it manually.

Hardware SE Tool

  • BadUSB poses as a keyboard or HID.
  • A variety of USB chipsets can be used for the attack.
  • SEToolkit can create Arduino routines.

Phishing Scenario

  • Clone
    • The attacker clones a login webpage.
  • Phish
    • The attacker tricks targets into entering the site.
  • Compromise
    • Information is sent to the attacker.
  • Hack
    • The attacker logs in to the authentic webpage.

SE Additional Tools

Ngrok

  • Ngrok is used to connect a secure tunnel from the public internet to a local server that uses NAT.
  • Secure tunnels
  • Password protected
  • Inspection requests
  • Multiple tunnels

Self-Extracting Archive

  • Fake executable documents can be created using a WinRAR feature called SFX.
  • The goal is to create a fake executable that seems like a legitimate document.

SFX Flow

  • Preparation
    • SFX (self-extracting executable)
  • Icon Change
    • Change the icon (optional).
  • Create SFX
    • Archive all files.
  • Hide Modules
    • Files can be extracted without being seen.
  • Modify File Name
    • Change the name to hide the file.

Creating SFX

  • WinRAR can be used to create an SFX file.
  • Choosing the SFX option will automatically convert the file to .exe.
  • Additional options are in the Advanced tab.

SFX Options

  • Enable the Run after extraction and Hide all options.
  • You can define a new icon in the Text and icon tab.

Fake Documents

  • Special characters can be implemented.
  • RTLO is a special Unicode character that instructs the system to change the direction of the text.

Character Map

  • Windows has a built-in tool called Charmap.
  • Charmap can be used to enter the Unicode for RTLO, which is U+202E.
  • By inserting RTLO at the beginning of a file, you can change the direction of the text.
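For the defensive side of the RTLO trick described above, the following added example (not part of the original class material) checks file names for U+202E and related bidirectional control characters and compares the extension the system will act on with the one a viewer appears to show. The function names, the risky-extension list and the sample file names are constructed for illustration, and the display model assumes a single RTLO over plain left-to-right text.

```python
import unicodedata

# Bidirectional formatting controls that can reorder how a name is displayed.
BIDI_CONTROLS = {
    "\u202a", "\u202b", "\u202c", "\u202d", "\u202e",  # LRE, RLE, PDF, LRO, RLO
    "\u2066", "\u2067", "\u2068", "\u2069",            # LRI, RLI, FSI, PDI
    "\u200e", "\u200f",                                # LRM, RLM
}
# Assumed list of extensions worth escalating; adjust to local policy.
RISKY_EXTENSIONS = {"exe", "scr", "com", "bat", "cmd", "js", "vbs", "lnk", "hta"}


def real_extension(name):
    """Extension as stored: text after the last dot, with bidi controls stripped."""
    cleaned = "".join(ch for ch in name if ch not in BIDI_CONTROLS)
    return cleaned.rsplit(".", 1)[1].lower() if "." in cleaned else ""


def apparent_name(name):
    """Approximate the rendered name: text after U+202E is drawn right to left.
    Simplification (assumption): one RTLO over plain left-to-right text."""
    head, sep, tail = name.partition("\u202e")
    return head + tail[::-1] if sep else name


def inspect_filename(name):
    """Return a finding dict for one file name."""
    controls = [f"U+{ord(ch):04X} {unicodedata.name(ch)}"
                for ch in name if ch in BIDI_CONTROLS]
    ext = real_extension(name)
    shown = apparent_name(name)
    shown_ext = shown.rsplit(".", 1)[1].lower() if "." in shown else ""
    return {
        "controls": controls,          # which control characters were found
        "real_ext": ext,               # what the OS will actually run or open
        "shown_as": shown,             # what the user is likely to read
        "suspicious": bool(controls),  # any bidi control in a file name is unusual
        "high_risk": bool(controls) and ext in RISKY_EXTENSIONS and shown_ext != ext,
    }


# Constructed sample names (not from the original page).
SAMPLES = ["report_2024.pdf", "invoice\u202efdp.exe", "notes\u202etxt.scr"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(ascii(sample), inspect_filename(sample))
```

The same check can be applied to attachment names at a mail gateway or to file-creation events in endpoint telemetry, where any bidirectional control character in a file name is rare enough to alert on.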