[ art / civ / cult / cyb / diy / drg / feels / layer / lit / λ / q / r / sci / sec / tech / w / zzz ] archive provided by lainchan.jp

lainchan archive - /cyb/ - 29795



File: 1464123198307.png (94.97 KB, 300x169, Image.png)

No.29795

Last thread was ages ago .

Online Resources :
http://www.social-engineer.org/ : Pretty useful site , plus it contains massive resources for social engineering

https://github.com/trustedsec/social-engineer-toolkit : SET github page .

if you have anymore websites , books or any kind of resources , add them in your post .

cont.

  No.29796

File: 1464123750900-0.png (913.58 KB, 200x200, How to win friends and influince people.pdf)

File: 1464123750900-1.png (2.67 MB, 200x200, What Every BODY is Saying - Joe Navarro.pdf)

File: 1464123750900-2.png (6.11 MB, 200x200, The Art of Human Hacking.pdf)

>>29795
Useful books :
"How to Win friends and influince people " : A must read for anyone intrested in making jolly company .

"What every "body" is saying" : the author is an ex fbi agent . and he explains non-verbals very well .

"The Art of Human Hacking" : a book that delves into social engineering and exploitation of the human nature .

  No.29829

>>29795
http://changingminds.org/ has a lot of useful information and things are still added here and there. Information is also in manageable chunks on it for those that that matters to.

Also I've personally noticed understanding myself leads to better understanding of others, which in this context can be applied and I'm unsure of this as it is something I have no evidence for, but I think I noticed a pattern between how emotional someone is and their ability to sense others emotions/read people.

  No.29861

>>29829
"It is said that if you know your enemies and know yourself, you will not be imperiled in a hundred battles..." ~ sun tzu .

humans are the same either you're a lowly beggar or the president of the united states .

only difference in status and actions divide them .

  No.30032

>>29853
This should be a Sister thread , since the things disclosed there are very helpful in social engineering .

  No.30034

>>29795

I take exception to the generally dry and academic nature in which we discuss this topic on here.But what I understand from social engineering is that there is very little that simply reading will teach you (besides a bunch of facts.) I mean yeah, facts are fun, and they make us sound smarter and we can internalize it and make ourselves feel superior that we somehow magically have the ability to socially engineer people simply by reading a few books

I would rather much have a discussion on real events,
In good faith I'll begin.

My various dealings with a client has lead me to many interesting adventures. I am paid to do market research of a kind for this person.

After two weeks of recon on the type of market research he was after, I noticed that the central contact point that would take me inside their organization would be this individual. Lets call him Steven.

I called up and he answered. I already knew he was at reception/scheduling or what ever his position was called. "Steven is that you?" I asked.

"Uh... how can I help you?"

"Steven Wallaby from Metro DC High?" I throw out a fake highschool name.

"Uh no.. this is Steven Gambino" he answers.

"My apologies! You sounded like an old friend of mine!" I continue with a mundane question.

I have his name, his place of employment, and also his name. I start google dorking through spokeo, radaris, and another site I have a membership to. I pick up a few of his profiles and pull up an older myspace profile out of archive.org. I learn that he's into Queens of the Stone Age, and that he liked skateboarding in the past. He's single, but enjoys hiking.

I have an older Win XP machine with a wonderful tool called Virtual Audio Cable. This thing allows me to take the sound output of one program and use it as the sound input of another. I use a cygwin instance along with a few ffmpeg and sox piped commands to pitch shift my voice to sound like a Woman's. Younger 20's, and pipe it direclty into Ekiga VOIP software.

I use a SOCKS proxy that I found open near by the city of the SIP host. And I dial back into Steve's line.

I start talking to Steve. Mind you I put on one of his favorite Q. ot SA's tracks in the background.

"Hello this is... Steve."

"Oh... oh sorry, hold on a second." I lower the volume on the "track" (still being fed in by virtual audio cable).

"Oh hey Steve, this Belinda. Uhm yeah, I'm new at [sub contractor company] and my manager told me to get a hold of you regarding the new sales slips we were suppose to send to you"

"Uh... yeah, we got them last week, how can I help you."

"Oh gosh, Im such a klutz steve! I think I might have sent you the wrong slips meant for another company and I really need to get a copy of them to see if I sent the right ones, I don't know wha to do."

I become a damsel in distress.

"Do... do you think you can help me? Maybe we can meet up and you can show me the slips or something? I just need to verify you guys got the right ones."

"I don't know...."

I interrupt, "look okay I know this is unorthodox, but how about this. You can fax them over and then we can meet up later at maybe.. Applebees, or [Steve's favorite bar and grill], or [complete hole in the wall]?"

"I'm kinda new to this city so it'd be nice to make a friend or two, i mean if I can keep this job" start sniffling a little here.

"Alright. What was that fax #"

"Oh Steve! Thaaaaank you! The # is xxx-yyy-zzzz ext 1337 and where would you like to meet up and is 8ish alright?"

Steve sounds a bit more confident, "Well that grill you mentioned, lets go there possibly?"

"Sounds great! I heard it was a great place... and you know what steve... drinks are on me! here's my cell # text me kay?"

"Uh yeah... sure thing!"

And in the most earnest audio enhanced fake voice that I can muster, "Honestly, thank you Steve, you really did save my hide here.... I owe you sooo much. See you soon."

  No.30077

>>30034
Where did you leanr your techniques? Are you just naturally sociable or is there a guide you followed?

  No.30097

>>30034
you are a legend my dear lainon, please share more with us if you can .

  No.30099

File: 1464724525397.png (2.39 MB, 200x113, DSC_0003.jpg)

The chapter on social engineering in this book is very good.

  No.30129

>>30034
>>30097

There are a few things the books have taught me that do seem like valid pointers or good inferences on human behavior.

For example, doing someone a favor prior to asking them for one (or implying the asking) is enough for them to tip said action from no to yes. For example, I once was asked to get someone's fb password.

Context is friend A thought friend B was sleeping with A's S.O. and he wanted confirmation. these are not my friends mind you. Except some business arrangements that have been had with A; I digress, so in the course of ingratiating myself in B's life, we had a LAN party once and I suggested that we split pizza.

I knew he was broke at the time so he sheepishly said he didn't have the cash to cover, so I shrugged and said, "tonight it's on me." So I order pizza get him hisown favorite deep dish double stuffed whatever. He thanks me.

I turn the conversation over to this girl I've been trying to face book stalk. I point out the fact that he's mutual friends with her but she locks alot of her content to non-friends.

I ask him how the pizza is, he says, "good."

I then ask, "hey can you do me a solid? Could you possibly let me look at her profile through your account real quick to see if I can get some more info on her, like maybe where she likes to eat out? I'd like to ask her on a date."

I take a slow and deliberate bite of my pizza.

He hesitates for half a second and says, "sure!"

I get off /my/ computer and let him sit there. "Alright I'm gonna go to the bathroom real quick, you do your thing. Thanks man!"

He logs in and navigates the page over to her account. We spend some time talking about her and what he thinks about her and what not. The evening concludes itself and we partways.

Of course I had installed a keylogger on my own computer.

So, lesson learned, misdirection of intent and using social norms such as the returning of favors can be written into your social engineering script.

  No.30141

modernmachiavelli.com

  No.30143

>>30034

You kind of brushed over an important part, the whole dorking bit. That's actually OSInt, and really does require some book learning before you can just do it.

  No.30152

>>30143

In a thread about Social Engineering, I'd assume that the reader would understand the post I wrote as treating the subjects of human interaction as central. Dorking is simply incidental. Unless that's the only way you know how to arrive at a person's relevant intelligence. In which case, you can still arrive at the same point by gaming those around him.

Social engineering, which is overlapped with the world of grifting, everything besides the money, set up, and blow off, is merely a prop in scheme of things.

  No.30533

>>30129
I feel like you have to be a bit of a sociopath to manipulate a person like that. Hanging out with someone, eating pizza together, pretending to be their friend, all just to use them or to extract information from them. it seems so dehumanizing; fear of being treated this way myself has lead me to paranoia at times in my life.

  No.30534

>>30533
Believe it or not, this is how most people function. If you are a dumb shit, crap like this happens to you.

  No.30544

>>30533
I'd say your best bet would be to strictly separate your friends from your "friends".

Remember, everyday a new sucker is born, only waiting to be exploited.

  No.30548

>>30534
Not the one you're replying to, but is it dumb to want to do a favor for someone who treated you pizza? Or help someone in a similar line of work who made a mistake and might be in trouble with their boss?

Aren't these are normal actions any person would take?

At least, wouldn't guarding against this mean being unnaturally suspicious of others?

I'm not trying to have a go, but who wouldn't fall for these aside from the extremely paranoid or sociopaths?

  No.30557

>>30534
Yeah you sound like a textbook sociopath

http://www.mcafee.cc/Bin/sb.html

>They never recognize the rights of others and see their self-serving behaviors as permissible. They appear to be charming, yet are covertly hostile and domineering, seeing their victim as merely an instrument to be used. They may dominate and humiliate their victims.


>Does not see others around them as people, but only as targets and opportunities. Instead of friends, they have victims and accomplices who end up as victims. The end always justifies the means and they let nothing stand in their way.


>Unable to empathize with the pain of their victims, having only contempt for others' feelings of distress and readily taking advantage of them.

  No.30560

File: 1465408656291.png (33.74 KB, 200x150, 10409365_596148010511074_5383875152187344947_n.jpg)

>>30534
Yeah, you're literally a sociopath.

I will agree that people use each other, but its through actual relationships and without forethought and pre-planning.

I used to think the same way you do, but changed throughout the years. Now I look back and realize how fucking insane it is.

  No.30561

I really can't understand what you people are on about. It's tough out there and blessed is he who has a silver tongue. I can't blame the so-called sociopath, no, I admire his tactics and respect him for his guts. Obviously you have to be a little cold when making business but that's what separates suckers from hustlers. It's always been this way and the sooner you realize and apply those tactics, the sooner you'll be able to help yourself and perhaps someone you like

  No.30562

>>30533

Well, needless to say it takes its toll on me too. And in these cases, my objective is clear, the target is contained (not indiscriminate targeting) and it's comes from a moral decision (moral to me) to help a friend out despite the extent of the actions.

The socioapathy in it is determined by the joy extracted from it. Which in most forms, isn't that joyful. And to some extent we all do it. Of course we make ourselves feel better by lathering on a veneer of some pretense we operate under as a salve.

God forbid you realize that we truly are self-serving to a point, and that the difference between those that cry "SOCIOPATH!" and those that merely recognize the fact, is that the former fears that in themselves.

Yes, true altruism is possible, but we weight our operational day to day decisions based on risk/reward metrics. And use social bartering, favors, socially contracted behavior, to drive that behavior along generally sociable lines.

And if you like at the entirety of the situation, who's more in the wrong, if we're framing this as a moral discussion? The cheaters? Or the one that is trying to bring it to light? Is it moral for snowden to abuse his position (waaah but it's not the same!) but immoral for me to abuse mine for the sake of a friend?

Welcome to the muck of moral relativism.

  No.30563

>>30557
>never
>covertly hostile
>does not see others around them as people
>unable to empathize
>implying so so so much

One thing I do want to note, if you can't empathize while SE'ing, you'll fail at SE.

  No.30564

>>30563
Actual sociopaths tend to fail at most things in life, despite edgy pop culture memes. Its not difficult to see why from the link.

  No.30568

>>30099
anywhere i can get this ebook?

  No.30580

>>30568
1. There is no ebook in this picture.
2. http://libgen.io/search.php?req=security+warrior

  No.30591

>>30564
It's pretty probable that a good portion of CEOs and politicians are sociopaths.


  No.30639

>>30600
thsi is an odd thing to have a wikipedia article on.

  No.30659

>>30591
...but they don't know it themselves.

  No.30689

>>30591
sociopathy is the new autism

  No.30708

>>30689

It really is used these days to describe any level of ruthlessness or dispassionate ambition.

  No.30711

>>30708

Well social apathy is a characterstic trait of those on the severe end of the autism scale. Although, obviously not meant to denote that they are incapable of empathy. Rather, their inability to show it in a socially meaningful way.

As per everyone's "WAAH RUTHLESSNESS", I think you guys have been coddled too much by kids tv shows where everyone is supposed to be friends and hug it out.

Fucking filthy millennial whiners.

  No.30715

>>30533
Jamie plz. I've already socially engineered you many times over.

  No.30727

>>30708
well, no, it is used to describe the condition of having no capacity for empathy. Sure, it's over-applied, but in many cases(as in among people with a lot of power), it is being used legitimately.

>>30711
>only millenials give a shit about their fellow human beings

I find that hard to believe.

  No.30728

>>30711
>you guys

Literally no one on this thread was acting as you described. Are you another one of those defensive self-diagnosed "sociopaths"?

  No.30739

>>30727

Its not about millenials actually caring, it's about them having to confront that reality isn't lined with soft clouds and coddling reassurance that everyone is supposed to get along.

>>30728
No, unfortunately I'm not a sociopath. Nor would I trust myself for self-diagnosis of anything. That why we have medical professionals.

  No.30744

File: 1465672069291.png (70.05 KB, 185x200, Yuri Gagarin and Alexey Leonov during a party in Star City.jpg)

>>30739
>unfortunately I'm not a sociopath

  No.30993

>>30739
I haven't seen anyone in this thread display an inability to confront this "reality" you speak of. Who are you even talking about? We need not embrace with open arms the shitty world we live in.

  No.30997

>>30591
One of the core parts of sociopathy is impulsiveness. Basically, a sociopath is bored all the time, is impulsive, and will fuck with anyone and anything to make things interesting.

Being impulsive to a pathological degree would make it nearly impossible to hold down a C-level job. Sociopathy is really rare, less than 1%, and while probably like 5% of CEOs are sociopaths, it's far from a "good portion." Just overrepresented, because the job selects a little bit (or a lot of a bit depending how you look at it) for sociopaths.

  No.31021

>>30997
You're thinking of psychopathy, which is similar to sociopathy but with some added bonuses like the inability to function in society.

  No.31730

we need a new hacking general too. Anybody save the last one?

  No.32678

Is it a good idea to start straight with social engineering or should I build up some charisma first?

>>29796
How to win friends and influence people doesn't strike to me as a good book on social engineering. It's a book on how to treat your subordinates properly so they like you and have a healthy relationship to you. It's good but not really about social engineering.

  No.32686

>>32678
and here my friend is where you're wrong .

The book teaches you ways to gain peoples trust and manipulate them indirectly .
sure, the man who wrote it may have had no malice in mind while writing every line in the book .

Infact , this book may be the greatest social engineering book out there.
ofcourse if you believe that Charles Manson used what he had learned from this book to make women kill on his behalf .
anyhow , social engineering is build on exploiting the human trust ,and this book teaches you how to gain it and let it grow .

  No.32688

>>32678
also , best way to build charisma is through social interaction and confidence .
aka , better start interacting with random people on the street .
also , better start lying to yourself about a lot of things if you want to get better at lying to others .

  No.32697

I can't wait for this meme to die.

  No.32709

File: 1468179318114.png (136.58 KB, 142x200, 1465252312314.jpg)

>>32688
Charisma is genetic.

SE reduces to imposing your version of social reality on others. It exploits basic vulnerabilities every human is designed to have and who will be succeptible to if they're unskilled in it's application. Everyone who isn't a psychopath fears violating norms, status abasement, conflict and drawing attention to oneself through incompetance or ignorance. These are largely evolutionary drives and result in unconcious cognitive functions that govern how people collect and process information to create emotional responses that control concious behaviour. It also exploits cognitive biases (naive realism, confirmation bias, social proof etc), behaviourism and other shortcuts that result from the human mind being far less impressive than our species would care to admit.

You will learn nothing from books, it has to be trained. Much of it involves replicating emotional reactions that have facial/verbal manifestations in situations that are completely detached from their culturally understood context. People get culturally conditioned to associate emotive responses of others with certain subjective meanings that will be evoked if you can reproduce them. Most relatable example are women who think they "deserve" getting beaten or abused, because their uncoincious mind can't comprehend a context where extremes of violence or anger don't have some justifiable cause. Same thing as "you're selfish" in application to something that obviously favors the person applying the elastic word or concept.

The US politico-media complex is a great example of impression management and attitude conditioning at a broad scale. If you want to understand social engineering, just watch some ads.

  No.32713

>>32709
lainon , what you've just implied is that all social engineers or "unsocial" people are psychopaths , which is probably untrue but i do agree on you with some points .
but i'm sure even you can agree that anything can be achieved with enough training , heck even uncharismatic people learn to behave given both time and instruction , i like to believe that reading these books and slowly applying their teachings can also reach what a nature born charasmatic leader has .
only difference is achieving it through effort ,not natural selection .
also , fuck ads .

  No.32715

>>32713
>you've just implied is that all social engineers or "unsocial" people are psychopaths
>basic vulnerabilities every human is designed to have and who will be succeptible to if they're unskilled in it's application
Nope. I also didn't imply that all psychopaths are good at SE.

Prepare to see a lot more psychopaths in the future though, because disinhibited emotional functions are objectively better than their genetic counterpart in individualist post-industrial nations. They'll still be vulnerable to good old stupidity, bad attention spans and conditioning, however. They just can't feel remorse, fear, empathy or shame.

  No.32717

>>32715
Not the lain you're replying to, but I think in general these things move in such a long cycle that we probably have nothing to worry about in our lifespan, short of extended lifespan shenanigans.

The way I look at it, if evolution or adaptation happened that quickly, there would be a lot less stupid people, since there is no benefit to stupidity in today's society, right?

  No.32721

>>32717
Intelligence plateaus early in the amount of reproductive fitness it confers. It's heritable, but that doesn't mean it's correlated with parental IQ.

  No.32722

>>32717
the lainon he replied to , believe it or not lainon but humanity has evolved in the last few years faster than anything before.
hell we're even closer to the technological singularity than ever before .
which brings us closer to something more
dangerous than any war terror or destruction .
human devolution.

to put it in a simple way , we've reached a point where everything is made so easy that there should be no direct need to tackle hardships .


and even if humanity evolved that fast , there should be a few slips in the cracks and couple that with disagreements in personal philosophies and misjudgments on peoples parts and we'll have people calling eachother stupid on nothing but first impressions through a computer screen .

which brings us closer to something more
dangerous than any war terror or destruction .
human devolution.

as our dear philosophical anti-corporations lainon would put it ,as i could try to mimic through our brief interaction in this site .

'corporations are making consumerism an even more mundain task for anyone to partake in , made even simpler by our more advancing technology .'
to put it in a simple way , we've reached a point where everything is made so easy that there should be no direct need to tackle hardships .

there is also the fact that more researches these days proves that children born in the last few generations are becoming less sympathetic by time .

alas , less sympathy does not equal more intelligence .

  No.32723

>>32722
great , pressed ctrl+c instead of ctrl+x .
forgive my mistakes dear lainons .
i got to exited while writing this reply .

  No.32732

>>32722
>closer to the technological singularity
>reached a point where everything is made so easy
And yet, humanity is collectively as economically stratified as it was a thousand yeas ago. Tell me about how "easy" things are when the only way to scrounge up enough pleb credits for the next nutrient bar is by sucking unmetaphorical dick. The best way to enjoy post-scarcity is with arbitrary labor and a dash of media rhetoric about "personal responsibility" and "economic independance".

  No.32780

>>32709
Wait which is it? Genetic or trained?

Really the answer is mostly trained. It's just that genetics can cause you to get much better training at a young age. People are nicer to "the beautiful people" and so they're more confident and that builds on itself. It's not so much a science as you make it sound though. Ads and stuff work on large scale playing of averages but you can't apply those same techniques to individuals and expect consistent responses. You really have to play it by ear and there is nothing better than knowing your target well.

Abused women are not great examples. They're examples of long term conditioning, though with a lot of evolutionary drive mixed in from both the abused and abuser. If you control someone's environment you can do basically anything you like with enough time but that's not realistic for most SE applications unless you're trying to start a cult or something.

Also
>because their uncoincious mind can't comprehend a context where extremes of violence or anger don't have some justifiable cause.
That's not why they come to those conclusions. Their "fault" in matters is going to be hammered into them generally during the violence. "You make me so angry" etc. This is a small part of a much larger thing though. The whole of their relationship and life has to be taken into account and often there are a lot of causes there as well, social isolation causing something similar to stockholm syndrome being chief amongst them.

>"you're selfish" in application to something that obviously favors the person

This is a great example of a technique where it pays to know your target. On most people this will go down fine if you drop it naturally enough but a lot of the old 80's businesmen types will almost take it as a compliment and more assured/paranoid people will take it as an attack or wonder what your angle is and all of these responses can have quite different effects.

>>32732
Stratification has nothing to do with how easy it is. We live easy lives of wealth and luxury compared to those of similar stratification a thousand years ago.

  No.32802

File: 1468258195993.png (126.55 KB, 134x200, b8d1441bcfe5681c804745a2619d5c17.jpg)

>>32780
>Their "fault" in matters is going to be hammered into them generally during the violence
I disagree. Why not set up an experiment? :^)

You might give them concious substance to distract themselves with, but it's only effective because of potent conditioning events at an earlier age where anger or violence was connected to misbehaviour. Another example - and this one affects me - is every time someone coughs around me I experience tinges of anxiety and unconciously take it as directed at me. Despite how silly and obviously unrelated it is, this is how people work.

>Stratification has nothing to do with how easy it is

Selection still occurs when people are being competetively selected for something.

  No.32808

>>32802
>it's only effective because of potent conditioning events at an earlier age where anger or violence was connected to misbehaviour.
I can get behind the idea that this would impact the situation but, despite that everyone underwent this conditioning, you cannot just start hitting someone and expect them to think that it's their fault. There are certainly other factors at play. Pimps spend months of preparation in order to evoke this behaviour from people and abusers do similar things without really understanding what they're doing.

>this is how people work.

You're right but there is so much more to abuse than this. In general there's so much more to people than this. It might be able to offer some explanation of how you respond to coughing but it doesn't come close to explaining all of human action. Well, you can explain everything with it but that comes with the subject being so difficult to test. Freud managed to explain everything with sex no problems but there are always areas where it starts to seem contrived. What about cult members who run away despite having almost no contact with the outside world? People are surprising.

  No.32812

File: 1468265735881.png (106.89 KB, 142x200, c9c8a58b32442aa38e07c5809cea25af.jpg)

>>32808
I'm not trying to advance a Skinner-brand reductionism. Those were really simple examples for people to use to understand equivalently simple representations of isolated neurological mechanisms that underpin all instances of the phenomenon in question.

Ever questioned the inexplicable stock image sea of people smiling?

  No.32845

File: 1468282771157.png (120.34 KB, 200x96, HERESY!.png)

>>32812
>Ever questioned the inexplicable stock image sea of people smiling?

Why would you do such a terrible thing, Lain?

  No.34207

>>30548
>At least, wouldn't guarding against this mean being unnaturally suspicious of others?

Not at all. This is why good OPSEC for at least this level of stuff is important.

>Yeah sure, here's her facebook (whips out phone)

>Sure, I'll bring the printouts to <<that grill place>> at 8 tomorrow, wear something cute ;)

Easy to deflect.

  No.35634

Moved to >>>/sec/445.