Previous Article (http://www.bkjia.com/Article/201205/130631.html) due to the relationship of time, write very abrupt, did not write anything to, say sorry to everyone, summed up the next thought to write the second article.
This article will not talk about specific technical details, but just lay a foundation for you to correct the incorrect ideas. When talking about incorrect ideas, I have to say something about the current online and some seemingly very professional materials. If we say, someone steals anyone's QQ or email through the search engine and some brute-force software. If online game accounts are social engineering accounts, I think if Kevin and other experts know that, what do they think,
Let's call the so-called pseudo-social engineering as "a human game ". Real social engineering attacks (hereinafter referred to as social engineering attacks) are very different from pseudo-social engineering attacks. So what are the specific differences between the two?
You may have read many books and materials about social engineering, is there a feasible plan? Are you familiar with everything that information has, including professional terms?
Smart friends may have already understood that the information sources of pseudo-social workers are all from the Internet, so the corresponding tactics must interact with the victims (contact, talk, and so on ). Even more, someone finds the real-life information left by someone through the search engine and says, "This is a very successful social engineering job ". I have to say that it is a tough task.
Here we have to explain why there is an attack like social engineering attack. You may wish to open your mind a little bit. It is a sense of accomplishment to win a pure-Technology-built server, but you have to admit the hardships in it.
Dare to ask if you have ever been wandering around on a fort-based server and have been struggling with code logic vulnerabilities? Have you ever regretted the fact that a trojan cannot take the computer permissions of the beautiful girl because it cannot be killed? If so, let me tell you a scientific and biochemical solution, that is, social engineering.
Why is there a social engineering attack? What is the significance of social engineering attacks? The answer came out, because social engineering can infinitely scale up attacks, so that the hacker's attack methods are not limited to the network. It can directly ask for a password through social networks that collect information and make phone calls, it makes intrusion penetration easier and easier.
In fact, social engineering is also a kind of God-class strategy for looking for beautiful girls in a large area. Do you ever think about how to talk to a star on the Internet one day )? When you use a music player to hear an exceptionally sweet girl song, have you ever thought about finding her and working with her? (it's easy to hear a sound that is too attractive )! When you encounter a beautiful girl intentionally or unintentionally on the yy channel, do you want to explore her and her little privacy secrets? When your boss oppress you, have you ever thought about using a method that doesn't let the other party know to retaliate against it? After you break up with your girlfriend, do you want to know if she has been okay? Did you find another boyfriend? Do you want to tease each other?
Hackers are gorgeous and free to go through the Internet. They like to challenge every type of programs and systems, explore their existing vulnerabilities, and learn their knowledge. Likewise, a social engineering engineer is romantic. Like a magician, he knows everything about you without seeing you.
As a common farmer, I have no ideals or knowledge. I do not dare to say anything about hackers here, but I feel that I still have at least one typing right, so I am not afraid to talk about hacking. People who know the history of computers may know about it. From the popularity of phones at the AT&T Bell lab in 1870s to the prevalence of phone hackers, the rise of computer hackers (hacker) once known as the hero in the history of computer development, they can creatively discover system vulnerabilities and change the security of computer systems, but no one can question the two sides brought by things, that is, creation and destruction, change and reconstruction.
It rained out the window, lit up cigarettes, and recalled the past few years. Suddenly, it was a bit sad. The glory of the overflow attack, the madness of script boys in the open-source era, and the rise of kill-free technology, pandatv was so horrible that it was then covered by wireless networks that more and more script boys now use the tools of their predecessors to perform the same traffic, account, and database transactions, the old predecessors left behind a legend to conceal the disappearance of the mall. Today, our generation of hackers who have grown up in an environment where they show off force and destroy themselves are doing this kind of sales, looking at the Heights, our hackers used to envy Microsoft and Google companies, but now we can only envy them. The more we live, the more we go backwards.
I am not in the mood to continue writing my questions. Sorry.
Let's talk about the social engineering syllabus in the future. We are going to talk about the technology in the next section. If you are interested, follow up.
General Arrangement of chapters: accurate locking of information owners, forgery of identities and files, clever setting of traps, information collection, sorting, and filtering, mining of sensitive information, and locking of geographical locations, network tracking and Other Information Tracing technologies. Check whether there are advanced information collection and spying techniques as needed, as well as eavesdropping and monitoring GPS positioning techniques. The next step is the use of psychology, privacy spying, and human intrusion. Finally, it is anti-Information Tracing and anti-reconnaissance technology.
I don't know if you have found a problem. In fact, we can see in various dark forums that the master and cainiao are out of touch, and the high-handwritten articles and tutorials cannot be understood by cainiao, however, some tutorials cannot be imitated because they do not clarify the specific principles and details. Even if you can imitate them, it is still difficult to solve new problems, in this way, I have been wandering outside the door, finally even attacked, and then gave up. The importance of the foundation is clearly unknown. Scz predecessors said: "BBS cannot really learn things, but it is enough to broaden people's horizons and get guidance in the general direction ." Yes, it's enough.
There is no one to put on the shelf, and there is no life to do this.
Author: Yan Han from the Dark Group