Wednesday, February 5, 2014

An Introduction to Social Engineering

Image source: http://www.madsecurity.com/wp-content/uploads/2012/08/social-engineering-still.png
The art of social engineering is exploiting the human tendency to trust people. In most cases, an attacker carrying out a social engineering attack will impersonate an official you might trust, such as a bank officer or a system administrator. Based on the techniques used by attackers, social engineering attacks can be classified into two categories.

  •  Computer Based
  •  Human Based

Computer based attacks are carried out by impersonating legitimate websites and applications and tricking victims into entering confidential or important information through a computer. The following are a few techniques that use a computer based approach.

 Phishing

This is the technique of creating a fake clone of a legitimate existing website which a user might use frequently. Common examples are social networking sites like Facebook, and Gmail. A user carelessly enters his/her login information into the website without checking its identity. The attacker then logs the inputs the user just entered and redirects to the legitimate website without showing the victim any difference.
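As an added example (not part of the original post), a small Python check of what "checking its identity" means in practice for a login URL: it flags pages served from a bare IP address or over plain http, a brand name hidden in the subdomain, path or query of an unrelated domain, and digit-for-letter lookalike domains. The trusted-domain list, brand words and lookalike map are constructed assumptions for the example.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlist of registrable domains the user genuinely intends to log in to
# (an assumption for this example; a real deployment would maintain its own list).
TRUSTED_DOMAINS = {"facebook.com", "google.com", "gmail.com"}
# Brand words whose appearance in an untrusted URL is a strong phishing signal.
BRAND_WORDS = ("facebook", "gmail", "google")
# Digits commonly swapped in for letters in lookalike domains (simplified map, an assumption).
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def registrable_domain(host: str) -> str:
    """Simplified: the last two labels of the hostname (no public-suffix list)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def is_ip_literal(host: str) -> bool:
    """True when the host is a bare IPv4/IPv6 address rather than a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def classify_login_url(url: str) -> list[str]:
    """Return phishing warnings for a URL that presents a login form ([] means no signal)."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    if not host:
        return ["no hostname in URL"]
    warnings = []
    if is_ip_literal(host):
        warnings.append("login page served from a bare IP address")
    if parts.scheme != "https":
        warnings.append("login page not served over https")
    domain = registrable_domain(host)
    if domain in TRUSTED_DOMAINS:
        return warnings  # genuine brand domain; only transport problems remain
    # A trusted domain reachable by undoing digit-for-letter swaps is a lookalike.
    if domain.translate(LOOKALIKES) in TRUSTED_DOMAINS:
        warnings.append(f"lookalike domain {domain} imitates {domain.translate(LOOKALIKES)}")
    # Brand name placed in a subdomain, path or query of an untrusted domain.
    haystack = f"{host}{parts.path}?{parts.query}".lower()
    for brand in BRAND_WORDS:
        if brand in haystack:
            warnings.append(f"brand '{brand}' appears but registrable domain is {domain}")
            break
    return warnings
```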

 Baiting

Baiting is intentionally leaving a pen drive/CD/DVD that contains malware or a trojan in a place where the victim is likely to see it. In most cases, if someone finds a pen drive that does not seem to have an owner, they plug it into their computer to check its contents. In baiting, once the victim plugs in the USB drive or inserts the DVD/CD, the malware or trojan horse inside it is silently installed on the system in the background. Even after the device is removed, the malware remains installed on the system. This can be done using drive-by downloads as well.

 Tabnabbing

Tabnabbing is similar to phishing but follows a rather different approach. When a user switches from the malicious site to another site through the browser's tabs, the malicious tab becomes inactive after some time and disguises itself as a phishing page. When the victim returns to the malicious tab, he/she may not notice that the previous web page has changed, and phishing happens if the user enters his/her information.

 Popup windows

Browser popup windows are a common way to offer discounts and other deals that users might click on. They can also be dangerous, since an attacker can use them to redirect a user to a malicious site.

And many more:

  •  URLs in Instant messages/IRC
  •  Email attachments
  •  Email scams
  •  Advertising websites and offers

In contrast to the above, human based attacks rely on human-to-human interaction to deceive victims and obtain the important information the attacker needs. The following are a few human based approaches.
  •  Impersonating a technical staff member (such as bank official, system administrator, service desk officer etc.)
    • Gather information verbally or by email/chat impersonating a trusted technical officer or an authorized party.
  •  Shoulder surfing
•  Peeping at the keyboard to see what a user types as a password. To do this, an attacker needs to be near the victim or have a way to see remotely (e.g. a camera) what the user types.
  •  Dumpster diving
    •  Searching through the victim's trash for sensitive information that was accidentally thrown away.

Important aspects of the above methods, and much more, will be discussed and demonstrated in ISCSE Session 1 on Social Engineering attacks, where participants will get hands-on experience with how these attacks are performed.
Further References:

Tuesday, February 4, 2014

Credential Harvester Attack


You all might be wondering what a credential harvester attack means. It has a very simple definition. Credentials are the sensitive data we use to log on to systems. Credentials authenticate us to a system and pass authorization so that we can access it without violating integrity; these are the most essential properties in computer security. So simply, what this attack does is steal someone's credentials, enabling the attacker to impersonate them. In simple words, this is phishing.

BackTrack is an operating system that supports such capabilities. It is a white hat (good guys) OS that can be used as a framework, so you don't need to perform your tasks from scratch; BackTrack takes care of a lot of the work for you, which is why it is an essential tool in the computer security community.

The following video shows a demonstration of the attack. I am running the BackTrack operating system in a VirtualBox VM. In BackTrack you can find a set of social engineering attack methodologies that perform useful tasks. The tool runs a local web server that can host a social networking page of your liking. I am using Facebook here, and this particular attack works remotely as well. So if you give your public IP address to a victim, once he is redirected to your web server he will find the Facebook page we've hosted, and when he enters his credentials into the fake page, all of them are harvested.

That's all for today. Watch the video for more information. Happy hacking!!! :)