Social engineering case: who leaked the source code of the firewall?

Source: Internet
Author: User

I hope you will like the wonderful social engineering cases!
Reprinted please indicate the source: mysterious Xiaoqiang
Address: http://www.smxiaoqiang.cn/blog/254.html

Background:
After dropping out of high school, Liu Yu, now 22, worked as a food salesman, a shopping mall employee, an electronic equipment repairman, and so on. These experiences made him good at dealing with all kinds of people. Over the next five years he became obsessed with computers, especially hacking, and got involved in the underground hacking economy. He ran many lines of business, such as DDoS attacks against private servers, writing targeted keystroke-logging tools for online banking, and stealing game equipment for money laundering.
However, Liu grew tired of repetitive attacks; something exciting would be more interesting. This time he targeted a firewall developed by Beijing Zhongguancun hengtian company. The firewall was said to have been well received in the industry as soon as it was released, but Liu was not convinced. In his view, only the firewall's source code could convince him.

1. Sales Department Backdoor
Liu found the contact numbers of hengtian's sales department and marketing department under the "Help" menu of the released firewall software. Then, posing as the manager of the purchasing department of a company, he called the sales department of hengtian company.

Hengtian company (hereinafter referred to as Heng): "Hello, this is the sales department of hengtian company."
Liu Youyang (hereinafter referred to as Liu): "Well, I am Liu Youyang, manager of the purchasing department of Beijing Asia Pacific electromechanical Co., Ltd. Our company needs 500 firewall software products. I have looked at the external evaluations of the firewall on the Internet and decided to choose your product after repeated consideration. Now I want to know whether the price you can give me is satisfactory."
Heng: "Manager Liu, our firewall has three different versions: Personal Edition, Professional Edition, and Enterprise Edition. If you choose Enterprise Edition, its unit price is 88 yuan and the total price is 44 thousand; if you buy wholesale, the price is relatively favorable, only 32 thousand."
Liu: "Well, it's not higher than our company's original valuation, but our company's network environment is quite complicated. Can your company customize a version to block the chat and download functions used by company employees?"
Heng: "This ...... I will have to ask the Software Development Department. Please wait."
Liu: "OK"
............
Heng: "Sorry for the long wait. The technician said that the firewall has its own filter function. You only need to filter the corresponding port."
Liu: "I see. I have no problem with that, but our company's network administrator suggested that I send you documents about the internal network so that your technicians can check the feasibility of the firewall. Do you have a computer? I want to send it to you now. I have a meeting to attend later."
Heng: "Yes, my email is a wenyu014@163.com. Are you sending it now?"
Liu: "Yes, wait ...... (This "Liu Yunyang" packs a folder and a batch file and sends them to the specified email address.) I sent it, a compressed package. Decompress it to drive D; it needs to be on drive D to open."
Heng: "Well, I decompressed it. Is it "Beijing Asia Pacific electromechanical company LAN environment.bat"?"
Liu: "Yes, check whether it can be opened. If it can be opened, send a copy to the technician."
Heng: "I can open it. Only a black window flashed."
Liu: "Okay. I will reply to you in three days."
Heng: "Mr. Liu, goodbye!"

The plan was successful. Liu Yun had opened a shared folder inside hengtian using social engineering. The "WALL" folder in the compressed package contains a subfolder and a batch file; the batch file has already been deleted by this point. Its function is to enable folder sharing and to copy the DOC files in another folder to the current directory.

2. Conspiracy of collaborators
The source code of a firewall is the lifeblood of a software company, and only the software developers can access it. However, Liu knows nothing about these technicians. He needs to get some basic information and find a trusted one. He called hengtian's marketing department as Ding Nan, Baidu marketing department manager.

Marketing Department: "Hello, hengtian marketing department."
Ding Nan: "I am Ding Nan, Baidu development department manager. Are you interested in cooperation?"
Marketing Department: "Baidu? Is it the ideal building at No. 58 beisihuan Road, Beijing? The world's largest search engine?"
Ding Nan: "Yes, our company plans to bring together a number of cutting-edge software products in China for cooperation, to enhance the company's image and influence. Currently, three listed software companies in China are involved. I don't know whether hengtian ......"
Marketing Department: "Our hengtian enterprise has only been operating for half a year and does not have a wide reputation in the industry. We would very much like to cooperate with your company, but the right to decide on cooperation does not lie with our marketing department. This requires internal discussions before we can go further."
Ding Nan: "Well, I will give hengtian five days to make a decision. How about that?"
Marketing Department: "Yes! Yes!"
Ding Nan: "Well, are you the head of the marketing department?"
Marketing Department: "Yes, marketing department, che renbiao."
Ding Nan: "Well, Manager Che, I want to know the general situation of hengtian company. Although our Chairman Li Yanhong has this plan, I need some information to persuade some of the shareholders who oppose it. Therefore, please provide your company's overall operations, such as quarterly sales and software development personnel information. Regarding the cooperation, Baidu will hold a general meeting of shareholders at half past eight tomorrow morning to make a decision."
Marketing Department: "So fast? Okay. How can I send the information to you?"
Ding Nan: "Send it to my mailbox, by1943@qq.com. Finally, we will contact you tomorrow morning, how about that?"
Marketing Department: "Yes, thank you!"

About half an hour later, Liu obtained a clear employee list. The information appeared to come from the Human Resources Department. Liu Yu was sure that the marketing manager of hengtian company had been so overwhelmed by the "cooperation" that he even sent along the company's financial gains and losses.

3. The 1 million source code disappears.
Naturally, Liu took a few minutes to work out a social engineering call from this information. Posing as Wang Kun, another person in charge of the marketing department of hengtian company, he called Liu Gang, a technician from the software R&D department of hengtian company.

Liu Gang: "Who is it?"
Wang Kun: "Is this Liu Gang from the software development department? I am Wang Kun, head of the Marketing Department. Did you hear about the company's cooperation with Baidu not long ago?"
Liu Gang: "It seems so. I'm not sure."
Wang Kun: "Well, Baidu wants to invest in us. Do you want to replace your server workstation? If you do, I will negotiate with Mr. Wang from the Finance Department."
Liu Gang: "Change it! Change it! Recently there has been a strange sound from the chassis." (Liu Gang seemed extremely dissatisfied with his workstation, but had not mentioned it because of the company's shortage of funds. Now was a good opportunity.)
Wang Kun: "Very good. You should put the source code on our intranet as a backup to avoid loss. Well, I have opened a share in the sales department. Put the source code there; the new machine will be sent from the computer city at six o'clock P.M. After the machine is installed, delete the source code."
Liu Gang: "Okay, but will the source code be leaked?" (Liu Gang is worried.)
Wang Kun: "It's okay. Now at, you will delete it in two hours, and our machines are all on the intranet. What's more, isn't there a firewall? Don't worry. You need to trust your firewall!"
Liu Gang: "OK!" Liu Gang hung up his phone.

Then Liu Yu called the sales department of hengtian again ......

Sales Department: "Manager Liu?" (She recognized the number as soon as she saw it.)
Liu: "Well, I am Manager Liu of the purchasing department. I thought of one thing on the way, so I called to ask."
Sales Department: "Please go ahead."
Liu: "I seem to have sent a wrong file. In addition to network environment.bat, I also sent other files. Could you check whether there are any unnecessary files?"
Sales Department: "Okay, I'll check. Is it in the WALL folder on drive D?"
Liu: "Yes"
Sales Department: "Well, another folder in the WALL folder contains some files that cannot be opened. Are you referring to these files?"
Liu: "Yes, can you send them to me? That is my other procurement project table, and the corresponding software is required to open it. (Manager Liu explained this sincerely.) If the project table is lost, my job will be lost."
Sales Department: "Well, it doesn't matter. I will package it and send it to your mailbox immediately. (Next is the sound of the keyboard ......) I sent it, Manager Liu. Open your email and check it."
Liu: "Yes, thank you!"
Sales Department: "Well, if there is no problem, I will hang up first. Mr. Liu, don't forget to purchase the firewall!"
Liu: "Okay, goodbye!"

In this way, Liu Yu, who made three phone calls, got hold of the source code of the firewall. But why did the salesperson say she could not open those files? Very simple: she couldn't open them because she had no programming software installed. Liu Yun, using the network name "mysterious little strong", published all the firewall source code on many hacker forums ...... The next day, the portal sites reported the code leak, and the cyber police were helpless.

 
