When programmers see beautiful women? A social engineering case

I browsed the circle of friends yesterday and saw this article from @ binarytree.

At that time, I was not happy. are programmers so weak?

Go directly to the topic. Next, let's take a look at my social engineering case. Let's see what happens after programmers see beautiful women.

Statement: This case is purely a fictitious YY. If there are similarities, it is a coincidence.

0x01 background

Bear is a software engineering school student. He learned a little dark technology in his junior high school. He knew something about cross-site injection and got a little idea about webshell Elevation of Privilege. He also had some contact with social engineering personnel. Unfortunately, after going to college, I switched to development and didn't do security again.

Today, he was eating in the dining room and saw a beautiful girl. Her voice and smile, graceful body, and sexy black silk make the heart of the bear a ripple. He wants to talk to her, but he is a programmer. According to the settings, he will not talk to beautiful women. What should he do? How can he get the contact information of a beautiful girl without a conversation skill?

Lightning strikes his head: Yes, I will have some social engineering!

0x02 student ID

Bear immediately returned to the computer that had been waiting for more than a month and began to sort out his ideas. When he was in junior high school, he heard a saying from his predecessors: "thinking is more important than technology in the process of intrusion ".

Bear thought that he could first take advantage of the technical advantages and start from the school database. So he began to intrude into the campus educational administration system.

I haven't reviewed my security knowledge for a long time, and I am not familiar with it. I have been busy for a long time and have not obtained the permissions of the school's educational administration system. However, he found a very useful bug (and it seems to exist in all xx educational administration systems): he obtained a student ID photo through the student ID without authentication logon. As shown in:

We can see from the file header that this is a jpg file (which has been processed by meitu.com ?), We saved the webpage and changed the suffix to jpg to see the photo.

Little Bear has never forgotten the appearance of a beautiful girl. Now he needs to use this vulnerability to determine the student ID of the beautiful girl.

Because the bear knows that this beauty is not an undergraduate student, because he never saw her in the relevant course, and she is not in the same grade as him, because he only saw her this year. Therefore, cubs now need to find the student ID mode for the 13-level student. This is not difficult. Just ask a person. The student ID mode for grade 13 students is 13105 [Class] [serial number]. For example, the first student in class 1 is 13105101.

Now we only need to traverse all the pictures and recognize the goddess. Because the students in each class are arranged on top of the girls' student ID, the boys' student ID is on the back. So as long as a boy is found in a certain class during the time, skip can be transferred to the next class.

Because the College of software engineering has only three courses in total, the traversal volume is not very large. Therefore, bear handwritten a bash script:

#!bin/bashfor stuNumber in $(seq 13105101 13105130);do wget "http://xxxxx.edu.cn/readimagexs.aspx?xh=${stuNumber}&lb=xxxxx" -O ~/studentImages/$stuNumber.jpgdone

Each class has a maximum of 30 students. Even if there are more than 30 students, the number 30 can also include all the girls in this class. In this way, you only need to modify the corresponding student ID range and run this script to traverse and download the corresponding student ID photo.

Soon, the bear discovered the beauty she met in the canteen today. Her student ID is 13105301:

0x03 mobile phone number and other information

After obtaining the student ID, it is still a little progress. The Little Bear thought this way. However, it is far from enough to obtain the student ID. He understands that he must use this information to obtain more information.

To this end, he tried:Cheat the counselor and say that the student who picked up the student ID had a meal card, hoping that the counselor could help him check the student's number so that the bear could contact the owner.

Let's do it:

During the chat, the bear pretended not to know that she was a girl, but it was wrong because the meal card was printed with photos and names.

Although not good, but at least the bear got the beauty name, called Bao xx. Of course, the bear will continue to look for another counselor, but before that, the Bear wants to use the name to expand the results. He immediately logged on to the social media website xx to search for the girl's name. Very lucky, this name is rare, and you can see the beauty at a Glance:

Let's see how her xx privacy permissions are set. Click on her home page and find that she can browse almost any information. Through xx network, we get the following information:

Birthday: My hometown: xx Province xx City High School: xx Middle School

Of course, there are several more photos to talk about with her release history. These talks will play a great role in understanding her personality and experience.

Next, let's continue with the previous clue. Through another counselor, the little girl got her phone number as expected. However, the information search work of the bear is not over yet. He put the name and related information of the beauty in google to search for it. I got something more interesting: the registration summary of a certain exam saved by her college, and the examination form at the university entrance:

I still have an ID card number! Then, search for the ID card number in google? I got another form that I didn't get. This form also contains a mobile phone number that I didn't get before. I checked the address with ip138.com. It should be the mobile phone number of a beautiful girl at home.

Now, the bear has obtained the name, student ID, birthday, ID card number, home, high school, two mobile phone numbers, height and weight of the beautiful girl.

0x04 what's next?

If the bear is still a black fan, he will continue to use this information to generate a "Dictionary" to guess the passwords of various social network accounts of the beauty.

But now he is a programmer. What will he do?

As soon as I remembered that there was still a lot of code to write, I went on to write the code.

I declare again: This article is purely fictitious. If there are similarities, it is a coincidence.