Exploit the possiblities

sploit.html

sploit.html
Posted Aug 17, 1999

Bernz's Social Engineering Exploits: Revenge, Corporate Stuff, Payroll Scams, Garage Break-Ins.

tags | paper
MD5 | 464ba0a52544a1925ab96885d5e10835

sploit.html

Change Mirror Download
<HTML><body bgcolor="000000" text="ff22433" link="9900cc" vlink="#22aa22" 
alink="#0077ff">
<TITLE>SPLOITS</TITLE>
<BODY>
<H1><CENTER>Bernz's Social Engineering Exploits</CENTER></H1>
<HR>
<CENTER><H1>Revenge</h1></Center>
I'd say that if if you really want to get him, get
his number and address through four11.com or something like that. If four11 doesn't have it,
your local library will have national phone books. Write
a professional letter. Use a water mark. Make the letter look really
nice and trustworthy. Do you have some kind of mailbox besides your own
residence to send it to? If so, use that as your return address. If you're
a phreak, so use an alternate phone number. Write to him as something
scary like as a bank or credit card company and tell him he's $5000 or
something overdrawn. At that point he should go apeshit and call that
number to straighten things out. If he doesn't respond, send another and
label it "urgent, final notice" or some shit. He should call and ask
about it. Tell him according to your computers he's too overdrawn and
you have to confiscate his credit card/or freeze his bank account. He'll
read his account number off to you at one point to which you will (a)
have his credit card/bank number and (b) tell him its not the number you
have. Tell him to go to his bank to straighten it all out. He'll go and
find nothing wrong. Send him another letter and start the cycle all
over. You'll be a pain in the ass. It doesn't really do much as far as computers
are concerned. It's just a scam that's annoying.<P>
<HR><CENTER><H1>Corporate Stuff</H1></CENTER><P>
> I read your tutorial/essay on Social Engineering, thought it was pretty<BR>

> accurate and damn funny. I was curious - got any special advice on good<BR>

> approaches to engineering law firms, and/or other private companies<BR>

> that handle legal matters and information as opposed to a generic<BR>

> business or computer centre? I haven't got anything specific in mind,<BR>

> just curious what your thoughts might be on approaching that area of<BR>

> commerce.<BR>

> -j. jc7664b@american.edu
<P>
i'd recommend the getting in by means of disguise (suit). Then ask the secretary something and take a peek at her computer. Look for what she
types, look for post it notes. Try to get her to leave for a second so
you can rifle through her stuff.
<P>
it depends what kind of building for a law firm. A garage entrance is
good for letting you in. Just walk in and go up the garage elevator,
bypassing security. Secretaries are not smart. That's why they are
secretaries and not lawyers. Take advantage of that. Look clean shaven
and respectable. It's an influence con game. Make them believe you are
there for a reason and you're scott free. You can also tell them you're
from some computer company so they give you run of the computer.
<P>
Another good thing is a very long term plan, but it works. If you know a
bit of programming, alter your favorite office or internet program with
vis C++. Put a bit of messed up code in it so it crashes. Go to kinkos
or staples and make a nice little package for it for $5. It looks pro.
Take it to the victim office and present it as a demo package. Make sure
you put your phone # in there. Tell them to call in case anything goes
wrong. Also tell them they get a full version for being beta testers.
Make sure they take it and try it. they'll call you. go back in and fix
the problem. this gives you full run of the computers. I know that this
one is a longshot, but I've used it and to much success.
<P>
<HR><CENTER><H1>Payroll Scam</H1></CENTER><P>
Security guards make only slightly more than McDonald's employees. At $6.50
they are not really willing to stop a bullet. They are hardly willing to stand. They
are not smart, otherwise they'd be cops (which aren't too bright either). In other words,
they are a push over.<P>
You have the knowledge that you can manipulate security guards. That $6.50 matters to them
more than anything and you know it. Let's say you need some access to their place. Call relatively
late at night where there is the late shift guard. IT MUST BE A THURSDAY NIGHT. He should be the dumbest and the last thing he
wants at four in the morning is to be bothered and deal with people. Give yourself a professional
sounding name and speak gruffly and demandingly. This is part of the illusion. Tell him you're from
accounting and you're working on tomorrow's payroll. You're computer went down and you need some access or else
"There will be no paychecks tomorrow" or something like that. That's a nightmare to this guy. He will do
anything he can to get his $200 bucks for his hard work. He will help you in any way possible. Walk him
through his system and things like that. Ask him to tell you what's around. You control him. Be creative.
<HR><CENTER><H1>Garage Break-In</H1></CENTER><P>
Getting into a computer is hard. So is getting into a corporate or large building. Walking past
a security guard isn't great for keeping a low profile. Underground garages stay open almost all
the time. This is a good thing for you. No one pays attention to someone walking into a garage beacuse
they could hypothetically be getting their car. Makes sense. Garages also have elevators that go into buildings.
Some have keys to prevent awful people from getting in. Be patient, someone will come down and just
hop in. You can bypass the lobby through the elevator and go right to the place you want. If you're
wearing a suit (which you should be), scam the janitor into letting you into a place. Look hurried
and pat yourself for keys. Tell him you left them in your car and you just have to grab something really quickly. He's not smart. He's a janitor.
If he was smart, he'd be in your place. Think on your feet if anything comes up.
<HR><CENTER><h1>More to come!<BR>Send <a href="mailto:bernz@ix.netcom.com">me</a> more</h1></center><P></BODY></HTML>

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close