informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/uploads/line-interruption.txt

124 lines
6.1 KiB
Plaintext
Raw Permalink Normal View History

Initial commit
2021-04-15 11:31:59 -07:00
__ _
.: .' '. how to social engineer into anything
/: / \_ or; the line-interruption method
;: ; ,-'/`:\
|: | | |() :| an infosec writeup to help protect
;: ; '-.\_:/ companies from filthy blackhat scum
\: \ /`
':_'._.'
|| fucc steve case
/__\
.---. {====}
.' _,"-,__|:: | warning: this technique has been used
/ ((O)=;--.:: | to infiltrate various large companies
; `|: | |:: | resulting in dox and hax!1
| |: | |:: |
| |: | |:: | warning 2 hackers: don't friggin do it!
| |: | |:: |
| |: | |:: | shouts: syphor, dropcode, egod, the|one
| |: | |:: | mist and every ><oh>/int scroller from
| /:'__\ |:: | the ao-daze. it's 2017 & aol hacking is
| [______]|:: | finally retro and cool. we made it fams.
| `----` |:: |__
| _.--|:: | ''--._
; .' __{====}__ '.
\ .'_.-'._ `""` _.'-._ '.
'--'/` `''''` `\ '._ written by big pad tha don
jgs '._ _.'
`""--......--""`
###how it's done###
i'll use a hypothetical aol attack to explain the process, but this can be reworked for pretty much anything.
first, you'll need an accomplice or the ability to pull off two very distinct voices.
second, you'll need to make an account on the target service with the name and address information filled out
with things like "THIS IS A TEST ACCOUNT", "TEST PURPOSES ONLY" etc.
friend = person #1, the oblivous customer
se = person #2, the social engineer
jeff = phone rep
> pregame
jeff: thank you for calling america online's new registrations department, my name is #jeff# how many i help you?
friend: hello i'm tony and i need internet. now you guys have the email and the web, right?
jeff: we certainly do! with america online you can blahblahblah
*let this exchange go on for about a full minute*
se: #beep boop# (use two rapid touch tones)
se: hello, i'm sorry to interrupt this phone call. jeff how ya doin today?
jeff: i'm fine..
se: great, [name of friend] do you mind if i place you on hold for a minute or two?
friend: n.. no that's fine
se: great thanks. #beep boop#
se: ok i've placed the caller on hold, jeff how ya doin today?
jeff: i'm fine..
se: great. well i'm chad and i've been monitoring your activity this evening and had a couple of things i wanted
to run by you. firstly, have you been seated at your terminal all afternoon?
jeff: yes
se: so nobody else has had access to your workstation?
jeff: yes
se: ok, on my end it looks like you're mistyping credit card information for new members. i only see a couple of
instances but it's something we do need to address, as it results in errors in our billing processing systems.
jeff: no i never mistyped anything today
se: hmm, ok. our data retrieval system might be misinterpreting something... ok i'm going to have you pull up
a test account. navigate to your pegareach quick search screen and let me know when you're there.
jeff: ok i'm there
se: great. ok let me pull up my data retreival software. give me a moment....
se: *taps around on a keyboard for about 10 seconds* ok ready?
jeff: ready
se: jeff go ahead and look up the screen name "PhoneTest22"
> when jeff looks up "PhoneTest22" he'll feel immediately at ease for two reasons
1. you interrupted his phone call with a customer like some leet high level supervisor
2. you created the "PhoneTest22" account and all of the name/address fields say things like "THIS IS A TEST ACCOUNT"
> attack scenario #1: let's condition jeff into resetting account passwords
jeff: ok i've pulled it up
se: great, now go ahead and reset the password on the account to aoltest1
jeff: ok done
se: hmm, not seeing anything in my data retrieval software. some packet errors. let's try again.
navigate back to the search screen and let me know when you're there
jeff: i'm there
se: great. go ahead and pull up the scren name "target"
jeff: ok done
se: great, now go ahead and reset the password on the account to aoltest1
> at this point you can either say "ok, looks like your mac address was misissued. i'll have noc address that. thanks"
or you can just have him sit there and reset tons of passwords on multiple accounts all night until he asks about
overtime.
> other attack scenarios
- once you've earned the phone rep's confidence you can do various things such as:
1. ask him to press "prnt scrn" and copy and paste a screenshot of their internal software into new email addressed to you.
this is useful in followup calls because you'll know more about their internal systems and how to speak the lingo.
2. have him install patch.exe because your darn data retrieval system is on the fritz
3. read off sensitive information on target accounts
.........
.'------.' |
| .-----. | |
| |owned| | |
__| | :o | | |;. _______________
/ |*`-----'.|.' `; //
/ `---------' .;' //
/| / .''''////////;' //
|=| .../ ######### /;/ //|
|/ / / ######### // //||
/ `-----------' // ||
/________________________________//| ||
`--------------------------------' | ||
: | || | || |__LL__|| || | ||
: | || | || | || `""'
n | || `""' | ||
M | || | ||
| || | ||
`""' `""'
###backstory###
this was conceptualized in 2003/2004 by yours truly and used relentlessly on various utilities, carriers and isps.
i'm convinced that variations of this technique would still work present day on virtually any large tech/communications
company with enough phone jockeys. isps, registrars, banks, mobile carriers, etc. employees need to stay vigilant
in the face of unorthodox social engineering vectors.
###fun fact###
mark zuckerberg started out as an aol/aim hacker. one of us, one of us, gooble gobble and whathaveyou.