LinkBack URL
About LinkBacks
Code:__________ .__ __ _________ .__ .__ \______ \|__| ______| | __ ____ _______ ______ / _____/ ____ ____ |__|_____ | | | _/| | / ___/| |/ /_/ __ \\_ __ \/ ___/ \_____ \ / _ \ _/ ___\ | |\__ \ | | | | \| | \___ \ | < \ ___/ | | \/\___ \ / \( <_> )\ \___ | | / __ \_| |__ |____|_ /|__|/____ >|__|_ \ \___ >|__| /____ > /_______ / \____/ \___ >|__|(____ /|____/ \/ \/ \/ \/ \/ \/ \/ \/ ___________ .__ .__ \_ _____/ ____ ____ |__| ____ ____ ____ _______ |__| ____ ____ | __)_ / \ / ___\ | | / \ _/ __ \_/ __ \\_ __ \| | / \ / ___\ | \| | \/ /_/ >| || | \\ ___/\ ___/ | | \/| || | \/ /_/ > /_______ /|___| /\___ / |__||___| / \___ >\___ >|__| |__||___| /\___ / \/ \//_____/ \/ \/ \/ \//_____/ ___________ __ .__ .__ \__ ___/__ __ _/ |_ ____ _______ |__|_____ | | | | | | \\ __\/ _ \\_ __ \| |\__ \ | | | | | | / | | ( <_> )| | \/| | / __ \_| |__ |____| |____/ |__| \____/ |__| |__|(____ /|____/ \/ ####################################################################################################### ####################################################################################################### ####################################################################################################### ####################################################################################################### ####################################################################################################### ###################### This Tutorial Was Created By Risker @ D3Scene.com ############################## ####################################################################################################### ####################################################################################################### ####################################################################################################### ####################################################################################################### ####################################################################################################### ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ Risker ▲ ▲ ▲ ▲ ▲ ▲ ▲▲ ▲ ▲ Risks ▲ ▲ ▲▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲▲ ▲ ▲
Alright, I've decided I'd write a small tutorial on how to social engineer someone easily.
We obviously need to rather certain details such as these
- Full Name
- Date Of Birth
- Address
- Their IP Address
- Pets name
- Girlfriends/Boyfriends name
- ISP name
- Contacts on their MSN
- What services they use EG: eBay,habbo,forums
I'm going to base my social engineering around MSN conversations as that's the most common place that social engineering happens, but with a little brains you could easily apply this to forums,yahoo etc..
What Is Social Engineering?
Social engineering is the act of manipulating their victims into telling confidential information or performing certain things. While similar to a simple fraud gig, the term "social engineering" usually applies to deception and trickery for the purpose of acquiring information gathering, ID fraud, account hacking or computer system access. Most victims never actually meet their attacker in real life face to face.
Information About Social Engineering
Well the key behind social engineering is to basically be-friend your victim, so knowing them for longer then a day can usually help with gaining trust and keeping a conversation going.
Their gender being male or female also plays a big role in which methods you use to gain the information from the victim.
How to find and start with your victim
Finding a victim can depend on if your wanting to hack some random person or a particular individual. Usually you can find victims on ; Through MSN Contacts, Online Forums, Blogs, etc..
Once you've got your contact and now have them added onto MSN, we're going to start with obviously greeting them nicely.
Victim says : Who is this?
Attacker says : Oh, hi!!
Victim says : hi, so where did you get my Addy from..?
You continue the conversation on depending how you know them and just try discuss something that you'd think they'd like..
So example if it was someone from RL talk about your friends ( the ones you got their Addy off ) and just get them talking!
Female Victims
The whole concept with befriending a female victim is to usually flirt with them, compliment their looks and etc..
Try talk about stuff that girls like doing.. going shopping,hanging with friends etc..
Try be their "dream guy" for a short while.
Male Victims
The concept of befriending a male is usually to keep the topic on around bitching about girls, talking games, talking motorbikes and usually swearing quite a bit. ( Depending on the person though.. they may be offended by swearing )
How To Find Their Full Name
Well this is the simplest way to gain their full-name is through
right clicking their msn going to view>profile
Then a link will open and it will show their msn space which will have their full name sitting there.
To hack a hotmail account we only need that name that's sitting there..
How To Find Out Their DOB
I'm not going to write an example to figure out how old they are.. as its a simple question to asking how old they, usually in the start of the convo' you ask that question.
Remember to check things like their myspace for this kind of information and getting them to add you so you can read their personal information that they usually leave on their myspace such as full name, address, etc.
Make sure that once you start asking around for their day/month it's a little while after asking how old they are to hide suspicion
Female
To find out the age of a female, usually you need to have to have been talking for a little while now as this sorta question may be questionable if you throw it out quickly.
Examples :
Attacker: So out of curiosity when would your special day be?
Female Victim: Why do you want to know...?
Attacker: I'm just curious that's all !
Attacker: I like to put all my friends birthdays on my calender
Female Victim: We're friends..?
Attacker: SURE!! Why notI think your heaps nice so
Attacker: Only if you want though.. but yea
You don't have to follow it exactly and obviously she won't 100% say that but its just an example of what might happen.
Male
To find out the age of a male, usually it won't take much effort to gain this sorta of stuff from a guy.
Examples :
Attacker: Fucking hell man..
Male Victim: What?
Attacker: My freaking Girlfriend dude.. Shes having a go at me because i can't remember anyones birthdays or even her birthday
Male Victim: Lol.. that sucks man
Attacker: You ever got that kinda shit off your girlfriend man?
Male Victim: Nah, not really
Attacker: Lmao, shes asking me if i know her star sign at least..
Male Victim: Lol wtf.. thats fucked man
Attacker: Rofl, you want me to check your star sign while im at it ?
Attacker: Whats your birthday? and rofl i'll do you and your GF while im doing mine
Thats a simple example, you could talk about things like drinking under age, not being allowd in clubs, IDs, driving license, etc
How To Find Out Their Address
This proves to be one of the more difficult things..
We'll talk more about this once we have access to his email account.
One topic i like to talk about when trying to social engineer someones postcode
( Their postcode is very important in hacking their hotmail account !! )
Talk about "postcode" gangsters
Attacker: Rofl, have you know those postcode gangster peeps?
Victim: Lol, yea what about them
( If they say no.. explain to them what it is)
Attacker: Lmao whats the name of the ones around your area?
Attacker: Some of the ones around my area are like <postcode> 4life, <postcode> Gangzterz, Brothers of <town> hood
Victim: Lmao we have some like that mine are like <postcode> wateva, <town> wateva, <postcode> wateva.
If they didn't know what postcode gangsters were ask them if they were a postcode gangster what would theirs be.
Like their <postcode> gangsters!
Now that you have their town you could simply look it up on the net and you'd know the postcode.
How To Find Out Their IP Address
There is countless ways to find out peoples IP address's but the most easiest way to do it is by doing this little trick with php.
Alright,
All you need is a webhost that supports php script.
A good website to use may be 110mb.com
Step one
Create a directory called
"pornpic.jpeg"
Step two
Create a file within the directory "pornpic.jpeg" and name it
"index.php"
Step three
Paste this in the "index.php" file.
PHP Code:<? header ("Content-type: image/jpeg");
$newImg = ImageCreate(1,1);
$skyblue = ImageColorAllocate($newImg,136,193,255);
ImageFill($newImg,0,0,$skyblue);
ImageJpeg($newImg);
ImageDestroy($newImg);
?>
PHP Code:<?php
$file="iplogs.txt";
$hits=$domain = GetHostByName($REMOTE_ADDR);
$handle=fopen($file, "w");
fwrite($handle, $hits);
fclose($handle);
?>
Step four
Now create a file in that folder called "iplogs.txt"
When they visit the site it'll appear as a broken image but what its secretly doing is recording the persons IP address.
How To Find Out Their Pets Name
Well we've seen some of my examples already, so basically we just need to get a conversation going about pets.
Bring up how cute your dog is and how rad his name is and ask if they have a pet and what it's name is.
How to Find Out Their ISP Name
Just simply bitch about how crap or how great your net is and ask them who they are with and if they are good and if you should change to them etc..
How To Find Out People On Their Contact List
Female
Ask to meet some of their friends and well.. just go around the whole flirting and wanting to meet them or wanting to find some nices girls etc.
Male
We'll use the great male brain for this!
Attacker; Rofl i'm bored man..
Male Victim: Ay.. i know
Attacker: LOL I GOT AN IDEA
Male Victim: Lol what?
Attacker: Add a whole shit load of people here and we'll spam fuck them !!!
When he adds all his list write down as many people's emails as possible
More the better!!
How To Find Out What Services They Use
Like i've said in the previous few things.. you should just talk about this stuff while talking to them,
Try find "common intrests" but just try gather all the information possible as your talking to them and making sure to store it all in a notepad.
Final Steps
Now if you wernt' succesful on getting their address you could try using a "geolocate" tool on the net with their IP and hoping you'll get the right!
Hacking Their Hotmail Account
This is what you call hotmail "reverting" it was originally made to get back stolen accounts if your hotmail account has obviously been hacked. But now that we gathered all that information on that person we are trying to hack we can pretend we are that person!
Revert Link:
This method only works on @msn, @hotmail, @live email accounts.
Simply go to that link and fill in the form with all the information you have gathered.
Hotmail records the last IP that was logged into the account and it gathers the info via the IP
( Hence the postcode )
This will work 99% of the time and if it didn't you obviously did something wrong.
- Fill in their "full name" which you gathered off their MSN profile page
- Fill in their DOB
- It will ask for the email you wish for them to email about the hacked account, put your email their obviously!
- Fill in the country
- Fill in the state
- Fill in the postcode
- Now fill in the secret answers with "I can't really remember"
- Now it will ask for an alternate e-mail, just put the victims main email into that box
- Fill in the next few questions
- It will ask for the last time you signed in, simply put "today"
- It will now ask for people in your list, Fill that in with the emails we got earlier!
- It will ask if you know if there is any old emails in your accounts, now if they use ebay type ebay emails, habbo emails, myspace emails .. anything that sends an email to the account
- It will ask for people in your list again just fill it in with the emails we got earlier again.
- Now it asks for the nickname of the person.. simply copy and paste it into the box from msn, if they're name has lots of spaces or is really long or something maybe take a few spaces away etc to make it look like your guessing how long it really is.
- Click submit and wait 24hours!
Example Reply Of Hotmail
Hello < Victims Name >,
Thank you for writing back to Windows Live Technical Support. I understand that you were not able to use the link that I sent you for you to reset your password since it has already expire. I believe that this service is very important for you. I am pleased to provide you with further assistance.
< Victims Name > , as you requested, I have resent you another link to reset your password for your < Victims email > account. Please check your e-mail < Your Email > , and see in your e-mail "Inbox" folder the message with the subject "Reset your Window Live ID password."
For more detailed steps to reset your password please refer to previous message that I sent you.
Again, let me remind you of the following information:
- You can use the link for 3 times only.
- Use the link within 3 days, or it will expire.
- Never use any of your former passwords.
If ever you have not received that e-mail, please write back to us and provide another e-mail address for us to resend your reset password.
We appreciate your continued support as we strive to provide you with the highest quality service available. Thank you for using Windows Live ID.
Sincerely,
<Staff Members Name>
Windows Live Technical Support
We Have Access To Their Email Now What?
Well i always go straight for myspace and facebook first because if you "reset your password" they will send you an email containing their password!
So thats one password straight up. Forums also send the username and password so go reset their forum accounts if you know them.
Make sure that read all their mail so we can find where they are registered and some more details and etc..
Social Engineering Via Phone
This may be more known as fraud, but it is classed as social engineering, so i figured i should at least write an example on it.
Also if you wanted ( This is becoming dangerous if continued ) you may use information gathered from the social engineering earlier.
EG: looking their name up in the phone book
Example:
-Atacker calls victim-
Attacker: Hello, is Mr or Mrs. <Last Name> there?
Victim: Speaking, This is Mrs <Last Name>
Attacker: Hello, This is <Random Name> from <ISP Name>. We have recently noticed on our servers with your internet connection . Would you mind doing a few tests from your home computer for me to be sure your computer's security is fine, as we don't want your personal information to be taken.
Victim: Oh.. Alright, What tests may you need me to run?
Attacker: Can you please go to your computer now, i'm currently starting some system checks to make sure it's working fine.
Victim: Ok, what do you want me to do now? i'm at the computer
Attacker: I will need you to do a few tasks for me so i can check someone on my computer.
Victim: Alright
Attacker: Uhm, Ok now open a web browser and go to google, please let me know once you've done that
Victim: Yep, Done
Attacker: Thank you Mrs <Last name> Can you now close down your browser, and go to your start menu on your computer and click the "run" option.
Victim: Ok, ok
Attacker: A black box should pop up any second after you click that run button
Victim: Correct
Attacker: Can you now type CMD into the black box for me please and press enter, tell me once you've done that.
Victim: Done
Attacker: Ok good, can you please type something in the black box for me to check that your window firewall is working fine.
Victim: Alright, done now what do you want me to type?
Attacker: please type netsh firewall set opmode disable
Victim: One second...
Attacker: Do you need me to repeat?
Victim: Nope, Its done now
Attacker: Yes thats right, your connection to my server here seems to be secure. I will now fix that problem on our system and this little problem will be done.
Victim: Good Good, no probs. May i ask for your name please? So i can call and confirm later that you are working with <ISP Name> and that i have already spoken to you about this problem if anyone else calls.
Attacker: No problem Mrs <Last Name>, I am <Random Name> from <ISP Name>
Victim: Thank you
Attacker: Thank you for being so co-opertive, Goodbye
-Attacker hangs up-
Well in that quick 5mins of talking on the phone we got them to disable their firewall. That was just an example but you can just imagine all the things you can get them to do with a little brain.
The Conclusion
You have learn't how easily it is to completly take over someones internet life and possibly take their bank account details and more!
Now you've learn't that you such never give out Personal Information, unless the recieving end is already verified and trusted, also when logging into a website such as hotmail.com make sure that it's hotmail.com not hotzmail.com or hotnail.com or something like that. If you recieive an email that even looks a little suspious just delete it and move on and never go looking through it or even for a second believe it no matter how official it looks, because if it is real they will get their message across to you via a more trusted route.
Also most companies in which personal information is exchanged, have a toll free number on their official site for you to call. Never ring the emails given to you or provided in an email.
Disclaimer
This text is for educational purposes and should not be attempted to re-create some of the steps shown within this tutorial on how people social engineer.
I or this site are not liable for any trouble you may bring apoun your self as this is a criminal affence to do fraud.
Reply With Quote
! 
Originally Posted by dog_keeper 
