When we run out of password attacks, overflow attacks, script attacks, and so on, do you think you can also use the knowledge of social engineering to infiltrate? With regard to the definition of social engineering, my understanding is that social engineering is about building the theory through natural, social and institutional approaches and emphasizing, in particular, a step-by-step solution to various social problems, based on realistic two-way planning and design experience. The popular point is to use the weakness of human nature, combined with psychological knowledge to obtain the sensitive information of the target system. We can be disguised as staff to approach the target system, by collecting some personal information to determine the approximate content of the system password. There are still some differences between this method and the traditional method, but its function is absolutely not less efficient than the traditional method. Here I will like "research" to steal QQ as an example to explain.
First of all, we want to achieve the goal of our trust, and put some sensitive information to tell us. There are many ways to get a target email address (you can use sweet talk, but also through his forum where the registration information, of course, you can also directly to ask him:) Get the email address what can we do? We now have to do is disguised as Tencent headquarters staff sent an e-mail to him, told him for various reasons his password protection data loss, asked him to go to XXX site to add a copy.
Well, the general idea has been said now for the implementation of the method. First we need to find a computer with mail relay function, we can complete this action on 3389 Broiler. After landing the broiler, find the Management tool and then click the Internet Service Manager--SMTP Server--Properties--access--relay--Add your own IP to go in. So we can use him to send an email. Then we telnet to the broiler 25 port to send mail, the following is the process of my letter, pay attention to see ("//" behind my notes).
C:\>telnet IP 25//connection to the 25 port on the broiler, next we will see some version information of the SMTP server
C:\>helo//And the server to say hello, hehe, tell him you want to write.
C:\>mail from:qq_***** @tencent. com//We disguised ourselves as qq_***** @tencent. com This mailbox to the target letter, let him feel that Tencent sent him
C:\>RCPT to:xxxx@yahoo.com.cn//Tell the server to receive the email address of the person (i.e. our target) is xxxx@yahoo.com.cn
C:\>data//Tell the server we're going to start writing the message body now.
Then you enter the text of the message, because we entered the local command is not visible, so you'd better put the mail content in Notepad and paste it in. The message body is as shown in the picture:
The above use now fry very hot Shockwave worm as an excuse to lure each other to believe that this letter is issued by Tencent, the specific situation to be specific to this depends on the imagination of everyone. After entering the body, press Enter and then press the period. and enter to end the message body edit. Finally enter quit to exit the broiler.
Let's analyze what kind of human weakness the letter uses. First at the beginning of the message in order to standardize the official format to write the purpose, let people feel that the letter is indeed Tencent issued. Then use some popular, earth people know things to do cover. Use the name of the expert to prompt the target, because the person's psychology is to own organization, family friend and expert's words have a default trust, increase the credibility of the message.
Target after receiving this letter, if the content of the conviction, naturally he will click on the address mentioned in the Mail to re-register password protection (of course, we disguised as the Tencent site), it depends on the level of the story. And we in the mail mentioned site's address of course can not be written on their own that fake password protection of the Web site pull, so much can be seen by people. Here we need to learn about the URL knowledge (specific everyone to find information), in fact, we can send a site like this to his http://www.tencent.com@ broiler IP, Maybe some people think that strange web site is such a front www.tencent.com is Tencent's website, this can increase its credibility ~ and at the end of the @ is where we really want to go, that is, the content between http://and @ is not working, We will be more deceptive if we do some processing on the Web site. Here I simply say the details of the method to find information. For example, if we put the fake Tencent page on the www.*****.com, we ping it ip--61.135.132.173 first. Then open the win's own calculator. 61, 135, 132, 173 4 times input, each input after the conversion into 16 into the system and recorded. We have 4 of the 16 in the number of values and together we can get 3D8784AD this group of numbers and then enter the calculator to convert 16 into decimal, get 1032291501, submit http://www.tencent.com@1032291501/page file name. We will be able to visit the Sohu page, this is a demonstration, the specific situation of the specific treatment.
Disclaimer: This article is purely discussion technology, please do not use this method to sabotage activities, otherwise the consequences of the ego!