[Article]-Social Engineering as a Technical Tool

    • #7929
      Don Donzal
      Keymaster

      After a month off after BH & DC, Chris is back. Hope you enjoy.

      Hey Chris, Good luck with your talk tonight at DerbyCon.

      Permanent link: [Article]-Social Engineering as a Technical Tool


      By Chris Hadnagy

      When we speak about social engineering the normal conversation steers away from the technical and more to the psychological.  This month we are going to change it up a bit and steer head on into the technical arena for a discussion about penetration testing.

      There seems to always be a debate online about pentesting, what it is and what it isn’t.  How to do it right, how to do it “real world,” how to do it hardcore and even l33t. But at the end of the day what each and every pentester wants (or should want) is to uncover the holes in the client’s network, so they can be mitigated before the bad guys use those very same holes for malicious purposes.

      That desire should drive each “real world” pentester to use every tool – technical or not – at his disposal for the benefit of his clients.  This is where our discussion about how to use social engineering as a technical tool or as a tool to get technical details.

      Share your thoughts and your own stories,
      Don

    • #50152
      hayabusa
      Participant

      I think Chris makes an excellent point (without specifically saying it), on the often “over-glamourized” uses of social engineering.  I mean, sure, you can tailgate, or you can throw a SET-initiated attack at company employee X.  Those are both fully valid, and I use them all the time.  And if you can, and you get the access and data you need, you’ve done your job.  But that’s not always necessary. 

      As Chris noted, all it takes is gathering enough information to get full access to a database.  From there, all bets are off.  On one side, it might let me plant some malicious scripts or code in a web-fronted db, and gain a shell on the server.  Now I have my pivot, and can go on about my business.  Yep, a more ‘glamorous attack’, from a technical perspective, after first carefully gathering some info and getting in.  But maybe I don’t even have to go THAT far.  Is simply pwning a MAJOR database enough?  Depending on the database, and the target, it just might be.

      Suffice to say that with a little time and patience, you could reap far greater rewards than trying to waltz in the front door.  And if done right, the stealth factor is so much greater as, if you’ve played the cards right, customer X thinks that at least SOME of your database activity is legit, buying you a little extra time to dig in further and leave your backdoors.


Copyright ©2020 Caendra, Inc.
