File 04 / NIA070
Social Engineering A Way of Life
Written by - Malefactor [OC]


Disclaimer
----------
I take no responsibility for any of the information contained herein, neither expressed nor implied. I also assume no responsibility for the actions or interpretations of the end user, neither expressed nor implied. This file is for informational purposes only and is an exercise of my right to freedom of the press. Although a few people out there get turned on by a good book burning.

Introduction
------------
What exactly is social engineering? Social engineering is basically the delicate art of deception and manipulation for your own personal gain. Social engineering can be used in every aspect of life: to avoid an "F" when you withdraw from some insidious class, to convince a friend to loan you money, or, where we are concerned, to convince a company that you are who you say you are and to give you what you want or need. Through social engineering I have gained accounts, dialups, and information on various things. This file is meant to introduce you to and familiarize you with social engineering, and where you take it from there is your own concern.

Guidelines for Social Engineering
---------------------------------
1] When you know little or nothing about a company you are trying to get accounts for, never try to find out that information by asking local offices. This not only ruins future sites that you could have gained accounts from, but also may alert them as to your intentions. By calling out-of-state offices, the worst thing that can happen is you raise suspicions in the Akron, Ohio office and not your local Palm Springs, Ca. office.

2] Never hang up or panic.
A few handy phrases are listed below:
   A] "Ohh, I'm sorry, I just started last week and am new here."
   B] Or if they ask for a number where they can reach you, say, "I'm sorry, but I am calling from an OutWATS line and cannot receive incoming calls" (although sometimes this does raise suspicions).
   C] If you have a loop, say, "Sure, you can reach me at NPA-PRE-SUFF."
   D] "Excuse me one moment, let me get my supervisor."
   E] Begin to answer their question and mid-sentence say, "Please hold, I have another call."

3] Whenever possible, do it in a team with a friend. Then in the event of a "fuck-up" your friend can proceed to be either your supervisor, an enraged boss for your indiscretion, or the person who says, "Hello, who are you holding for? I will have him/her call you back, I need this line."

4] Never give them your home address or phone number; give them a busy number and a fake address. Unless you are getting manuals, in which case you will need a loop line and a drop site, PO Box, etc....

5] Always take control of the conversation. The more confident you sound, the more apt they are to believe you. Always keep talking; don't give them the opportunity to get a word in edgewise and question you. If you stutter for a moment, some people will question you. Be firm, but not rude or discourteous, unless of course the situation calls for it.

Gaining information about an unknown service or company
-------------------------------------------------------
First off, you will need to get a little information before you can start doing anything. There are many avenues you can take, and I will list but a few of the better ones.

Method 1
--------
T=Target Company
Y=You

Call the company or information and get the number to the company.

T=Hello, Joe Blow's Aerospace.
Y=Hello, this is Richard Weiss and I was recently considering investing in your corporation, but would like to find out a little more about it. Can you tell me where to call?
T=Ok, Mr. Weiss, call 1-800-XXX-XXXX, that is our stockholder information line.
Y=Thank you, and have a nice day.

Now you may direct any questions about products, where their main office is located, whether or not they're computerized, whether or not they utilize the networks, i.e. Tymnet, Telenet, etc..., quarterly reports (for what they're worth), etc...

Note: Another variation on this theme is to actually call and say you are a stockholder and would like information. Usually they will send you out pamphlets and brochures on products and services they offer, but this could take weeks and is 9 times out of 10 totally useless.
----
Now you should know whether or not they have a system, where their main office is, and whether or not it's accessible through Telenet or Tymnet (in some cases they are reluctant to give out this information). Now you are almost ready to begin.
----
Call up an out-of-state office of your targeted corporation.

T=Hello, Joe Blow's Aerospace?
Y=Yes, this is Edwin Meese from the Joe Blow's Aerospace main office in super city. I need to speak with your computer division. (Or if it is a small organization, say, "I need to speak with your computer account operator.")
T=One moment please. (Or "the number is XXX-XXXX.")
T=Hello, this is John Oberheim, I operate the computer, how may I help you?
Y=Well sir, as you may or may not know, we are recently updating your account and I need to know which of our dialups you use to access the central system?
T=Well, we call TEL-ENET. (At this point you should be prepared, if he gives you the local Telenet or Tymnet dialup, to recognize it.)
Y=Ok, yes sir, and after you connect to Telenet which of our NUA's do you connect to? (At this point be prepared to explain what an NUA is and what a PSN is.)
T=We connect to 212440.
Y=Ok, thank you sir for your cooperation and have a nice day.
T=No problem, bye.
----
Now you are ready to begin getting accounts. You should have a dialup via Telenet or Tymnet and an address, or an out-of-state dialup, in which case you can call another office in that city and get an account and password. Hopefully by this point the first fool you called would have blurted out the name of the system. If he did not, it might be a good idea to call another office and find out what the system name is. Say something along the same lines, except add in their local port or Telenet address and NUA, and when you get to the computer/system part say, "After you call xxx-xxxx and type 212440 you connect with, uhhh, I forgot the name of our system, it's on the tip of my tongue, I'm drawing a blank here, etc..." at which point they blurt it out and you say, "That's it, ohh, I can't believe I forgot, I need to get more sleep." After this you can proceed to get this person's account and password using the method below.
----

Method 2
--------
This method is best when you know everything, and can skip the first part.

T=Hello, Joe Blow's Aerospace, may I help you?
Y=Hello, this is Ed McMan from Joe Blow's Aerospace main office in super city. I need to speak with your X account operator.
T=One moment please.
T=This is Ed, how may I help you?
Y=Yes, this is Ed McMan from Joe Blow's Aerospace main office in super city, and we are currently updating your account on X (system name).
T=Uh huh?
Y=Our records show you are using our xxx-xxxx dialup and using X (system name) at NUA 212440.
T=Yes.
Y=We need your account so we can update our records.
T=Sure, no problem, it's 12ASFD21. (This is where it gets tricky. Most people, 9 out of 10, say yes, unless you are calling New York, where they are dicks, don't even bother.)
Y=Ok, and I also need your password.
T=Ok, it's "secret". (Usually if it's user selected it's pretty pathetic, but most corporate systems don't allow user-selected passwords anymore. If he says no, then you have to say, "I understand sir, I will have my supervisor Bob Hope call you back whenever he is free," or you can say, "I understand, can you call me back at 212-222-LOOP?" An added note here: if you're calling from the main office supposedly in Chicago, DON'T GIVE THEM A 212 LOOP.)
----
Vice-Versa: A good ploy when employees are reluctant to give out passwords is to call the main office, get connected with the computer department, and say you are having problems. By now you should at least be able to give them a dialup, an NUA and an account, but no password. This they will provide for you. Say something to the effect that you're new and everyone is out of the office, etc..., and that you lost the password to the account. Be real computer naive. It works about 50% of the time, depending on how convincing you sound.
----
Well, that's the basics down. Now that you are aware of the basic principles behind social engineering, I will cite a more prevalent example.
----

Social Engineering Dialog Accounts
----------------------------------
What is Dialog? Well, according to Thomas Jefferson, Dialog is Power. Not really; just good for research and reports. If you want Dialogs, try Libraries, Engineers, and Large Research Companies. Here is what you say, word for word.

L=Library, Engineering Firm, Large Research Company
Y=You

L=Hello, this is X company, how may I help you?
Y=Yes, this is Pia Zadora from Dialog. I need to speak with your Dialog account operator?
L=One moment please, transferring your call..
L=Hello, this is Charles Manson, how may I help you?
Y=Yes, this is Pia Zadora from Dialog. Recently, as you may or may not know, there was an earthquake in San Francisco, where all of our billing information is stored, and your account information is outdated as we had to use tape backups from six months ago.
(This is where it gets tricky. A company called "AIMES" does a lot of Dialog's billing; in that case say you still need the information for your records.)
L=Ohh yes, I heard it was awful. How can I help you?
Y=Well, I need to find out when you were last billed by us and on what account? (On Dialog bills the account number is used as a cover sheet on the bill.)
L=One moment please. (Or they might say their accountant isn't in or that it will take some time to dig up.)

(Option one if she's got it. Option two if she says it will take some time.)

Option 1
--------
T=Hello?
Y=Yes.
T=We were last billed August 13, on account 203247, and we were also billed August 13 on our other account 103452.
Y=Thank you, and what are the passwords on those two accounts?
T=They are both "ursula".
Y=Ok, thank you very much, have a nice day.

Option 2
--------
Y=Ok, well, I need this information now, I have a lot of other calls to make. What's your account and password and I will try to pull it up through the network?
T=The account is 292910 and the password is "bubba".
Y=Ok, hold on for one moment.
Y=I was unable to pull up the information. When do you think you will have the records and when would be a good time to call back? I really need the last billing period.
T=4 o'clock.

(Ok, so you call back and get the worthless information, but they trust you more. Not every place you call will be easy. If they are the least bit reluctant or untrusting, lead them for a while, talk and chat about the earthquake, the weather or whatever turns 'em on. The reason you call back later is so that they don't call Dialog with the last billing period, trying to be helpful and killing your accounts.)

Social Engineering and the business office
------------------------------------------
Ok, to find out information on a line, listed or unlisted, you can call the business office. Occasionally they won't give out information, or they will want your local CNA or to actually call you back. Most of the time, however, they don't.
The only ones that seem to be a bit fickle are 612 and 713 that I have encountered. It's just a matter of who you get. This works better than CNA and usually isn't as hard to get through to.

B=Business Office
Y=You
----
B=Hello, this is the business office, how may I help you?
Y=Hello, this is Richard Weiss of Michigan Bell. I need a CNA Listing (or just a listing) on NPA-PRE-SUFF.
B=Ok, that number is billed to Joe Blow.
Y=Ok, and do you have an address on that?
B=Yes, it's 1234 Laurel Lane.
Y=And are there any other numbers billed to that account?
B=Yes, there is 123-456-6789 and 123-456-1234.
Y=Thank you, have a nice day.
----

Socially Engineering McDonald's Accounts
----------------------------------------
This is the best one for you to practice your art on. There are a multitude of McDonald's all across the nation, and if they aren't a franchise they have a TI and ISP account on their mainframe, accessible through Telenet. A little background information: their computer is at NUA 313160, and you enter your password, then account. The passwords are in the format 1,XRRRRRR, and the accounts are usually MSNNNNNN. (The R's represent a Random mixture of Letters and Numbers and the N's represent Numbers.)

M=McDonald's
Y=You

M=Hello, this is McDonald's, I am McChuck, can I McHelp McYou?
Y=Yes, this is McGandi from the main McOffice in McChicago. I need to speak with the McManager.
M=This is the McManager, McZsa Zsa Gabor, how can I McHelp McYou?
Y=We are currently updating your account. Are you the one who actually calls in and does the tandem reports?
M=McYes, that's me.
Y=All right, so you call McTEL-NET (give 'em the number to Telenet) and McConnect to McNUA 313160?
M=McYes, that's McRight.
Y=Ok, well, I need your ISP Account and Password.
M=Ok, my account is 1,X23T2NN and my McAccount is MS629191.
Y=Ok, thank you and have a nice day.

(A variation on this theme is to ask for the TI account and password, another account type I have found they have, with fewer privileges than the ISP accounts.
Unfortunately the Mc's are all necessary, it is a specialized McCode they use, and if you don't use it they McSpit in your McFace, and if you McBelieve that, don't McTry McShit 'cause no one will McBelieve McYou. Seriously though, the TI's are easier to get and more people than just the manager use them. Sometimes the managers make career moves out of McDonald's (really brilliant individuals, lemme tell ya), so they are fickle, so if the manager isn't in, ask if they call in to the computer in the main office and then proceed to get their account.)
----

Variations on the themes
------------------------
1] If you want manuals, call up a location pretending to be someone else and say, "We are currently updating our manuals, and if you send us your manual you will receive one for free, blah blah blah."

2] If you need to find out commands or information on a system, call up and say something to the effect of, "I am calling from the main office and we are re-doing our system and taking a survey on it to see what changes to make. Which commands do you use the most often, and what commands do you feel are difficult to use and why?"

3] Call up one office pretending to be from another and say your account is being updated or your computer system is down and you need theirs. This works excellently!
-----------------------
4] Call up large company buildings, get transferred from about three departments until you are where you want to be, and say, "Hello, this is Tammy Fae Baker up in marketing on the third floor. I need the code to the PBX, computer, or whatever you want."

5] Call up big department stores around Christmas and get transferred a few times, and when you get to a sales department say, "This is Joe in children's clothes, I need the tele-check number (or whatever credit check service they use)." If they give you any lip, say, "Look, some kid tore off the sticker and I am going nuts down here."

6] Be creative, and if you think you have something special figured out, leave me mail. I'd like to hear about it.

Note: Unauthorized distribution or alteration of this file may result in severe credit damage.
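----
The tells this file relies on (the "updating your account" pretext, the new-employee and no-incoming-calls excuses, a callback number whose area code does not match the claimed office, and a password asked for over the phone) can be turned into a screening check for whoever answers the call. This is an added example, not part of the original file; the function names, phrase patterns, decision labels and sample calls are all constructed for illustration.

```python
import re

# Pretext tells described in the file above; the regex wording is constructed.
PHRASE_TELLS = {
    "account_update_pretext": r"updating (your|our) (account|records|manuals)",
    "new_employee_excuse": r"just started|new here",
    "no_inbound_excuse": r"cannot rec(ei|ie)ve incoming calls",
    "secret_requested": r"\b(need|what (is|are)|what's|whats)\b.*\bpasswords?\b",
}

def area_code(number):
    """Return the NPA of a NANP number such as '212-555-0100', else None."""
    digits = re.sub(r"\D", "", number or "")
    if len(digits) == 11 and digits.startswith("1"):
        digits = digits[1:]
    return digits[:3] if len(digits) == 10 else None

def screen_call(caller_lines, claimed_office_npa, callback_number=None):
    """Return (decision, sorted tells) for one inbound call."""
    text = " ".join(caller_lines).lower()
    tells = {name for name, pat in PHRASE_TELLS.items() if re.search(pat, text)}
    if callback_number is None:
        tells.add("no_callback_number")
    elif area_code(callback_number) != claimed_office_npa:
        tells.add("callback_npa_mismatch")
    # A secret asked for on an inbound call is never answered in-call;
    # any two softer tells together also force out-of-band verification.
    if "secret_requested" in tells or len(tells) >= 2:
        return "verify_out_of_band", sorted(tells)
    return "proceed", sorted(tells)

# Constructed sample calls: (caller's lines, claimed office NPA, callback number)
CALLS = {
    "pretext": (["We are currently updating your account on X.",
                 "Ok and I also need your password."], "312", "212-555-0100"),
    "excuses": (["I'm sorry but I am calling from an OutWATS line "
                 "and cannot receive incoming calls"], "415", None),
    "routine": (["Can you tell me when the billing office opens?"],
                "312", "312-555-0100"),
}

if __name__ == "__main__":
    for name, call in CALLS.items():
        print(name, screen_call(*call))
```

"verify_out_of_band" here means hanging up and calling the claimed office back on a number taken from the company's own directory, never one supplied by the caller.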