Published in: Technology, Business

Using Information Gathering and how it can change your attack!

[bash]$ whoami
root
ISP Systems Administrator for 5000+ subscribers
-Under attack 24/7 by IRC users
Owner of computer consulting firm - 6 years
-Under attack by other law firms
NYC Forensics Investigator
-Catch idiots and occasionally a smart one
C|EH from Ralph E
-This guy was sick
Security Engineer for Fortune 500 company in Chicago.
-Loved it.
CTO for RESOLUTE Games - iPhone/iPad/Android Dev
-No Security for mobile platform

The Original Attack
-Financial Institute with PMI
-Department to attack: HR
-3 month attack window
-SOW said no physical attack
-Attack at MIT recruiting event
-Poll and Phish

Methodology

Tools
-Social Networks
-Linkedin
-Twitter
-Facebook Fanpage
-Maltego
-Google Apps

Linkedin
Searched for VP level employees without Linkedin accounts.
Created 3 and linked them together - this adds a little more trust.
Joined common groups
Watched as all the employees, including most of HR, connected

EX:
Find People
Create SEPARATE Gmail accounts
Create Linkedin accounts
Link together

I like Turtles…
No Turtles were harmed while performing this test.

Twitter
Followed VP of Marketing
Followed VP of HR
Followed Director of IT Security (Personal Account)
Followed hash of many events
Follow MIT Event hash

Facebook
Created fake MIT and RIT student accounts
Became fans of HR Event
Set up interview times – PDF resumes to come.
Student IDs and USB sticks to come.

Results of this attack: EPIC Fail!
This shit never happens to me.
Act of God?
Still can't believe it.

Halt!
HR Executive started twittering about a trip.
Chicago, Lost Luggage and lost Cellular Card
Best Buy, Jimmy Johns and Google Maps
2.1.2_firmware.exe – Seriously that just worked?

Thank you idiot at Best Buy… you rock!

Prevention
Think of Social Networking like any other system in/on your network.
Allow or not allow.
Monitor the top level or all users, just like email.
Apply new rules and policies with HR.
Training, for the love of God, training.

Questions and Answers