1 My task was to set up a phishing site and see if any of the people around me would fall for it.
2 I decided to use Kali and some of the tools within since we don’t get to use them much other than in the virtual labs. Figured it’ll be fun to try it out in the real world. I decided to set up a fake Facebook login page and send the link to people through email, where you can change the URL link to whatever you want.
3 The exploits themselves were quite easy to catch onto if you had any IT knowledge. They pretty much require the victim’s input to work, at least the exploits I tried. Still, I did have a friend that was bad with PCs.
4 Targeting and tricking someone for their lack of knowledge does feel quite filthy. At the same time, as I was trying these exploits against my friends, I did have fun. Most of them could see what I was doing the moment they got on the false page.
5 You can do a lot with credentials. The victim could possibly use the same credentials for other sites/services. There is loads of information on these social media sites.
6 It was pretty fun to be honest. This is probably the first time I have done anything like this other than using pre-made tools to hack a few games. As these exploits actually require you to set up, I have to say, I learned a lot through experimenting with Kali. Of course, I referred to the lab assignments to help me with some tasks.
The task was conducted at the BHCC computer lab.
The one guy that fell for it...
As I couldn't take screenshots of the actual run, I do have several Word docs of my exploration into Kali and the tools I conducted in my home network. They are set up in the same fashion as our labs. There is a webcam exploit and a cmd prompt exploit in there along with the Facebook phishing site. BHCC computers do not have webcams so I couldn't do it there. The cmd prompt exploit gets picked up by the BHCC antivirus so the Facebook phishing was the only one that worked.
Word docs of my little experiments below:
Webcam
https://docs.google.com/document/d/1k5sMQRYAxFVabNNp_tM15OJz6XwwrqTtkYuGsqzkaWg/edit?usp=sharing
Facebook
https://docs.google.com/document/d/1HmffaZXaLy-bxAVmL-PkdoJhq1qWuCT7KcpNDKGL16A/edit?usp=sharing
Cmd Prompt
https://docs.google.com/document/d/14wxdtx5CtrZSLKDGjOtX626sqcdqOqOE_Z7nahuxK_4/edit?usp=sharing
nice!!!
Hellofa job. Now I really miss being in the class. I'd love to get with you and learn more about how you did what you did.
So cool! 10 points