Automating Social Engineering: Part Three
PHASE 2: Ruses Once we have enough information about the employees and company in question, we can begin to make some sense of the information and start crafting our ruses. It is worth noting that this stage currently does not have a lot of since it does require a lot of human intuition and information processing. Certainly as we continue developing the tool we will be able to automate more and create some decision making systems capable of creating useful ruses, but for now a key factor of…
Automating Social Engineering: Part Two
As with any other type of penetration test, we need to gather information. The only difference here is that instead of looking for operating system types, software versions, and vulnerabilities, we’re searching for information about the company, their employees, their social networking presence, et cetera. Given that we’re performing an assessment from a corporate perspective, there are some limitations with regard to privacy and employees’ private life, but the truth is that real attackers won’t abide by such limitations. So, you should assume that any…
Automating Social Engineering: Part One
since the original conceptualization of computer security, and perhaps even before, social engineering has been in existence. One could say that social engineering began when societies began, whether it was realized or not. It is now time to give some of this work to scripts and applications to make it a little more interesting… As the years passed in the computer security community, network penetration became more and more necessary, but computers were not the only thing getting compromised. Social engineering was part of the hacker subculture, but it was…
Safenet iKey 1000 In-depth Look Inside
We received a lot of attention from our previous article regarding the iKey 2032. We present to you a teardown of a lesser, weaker Safenet, Inc. iKey 1000 series USB token. We had two purple iKey 1000 tokens on hand that we took apart-Cypress 24 pin CY7C63001/101 type USB controller is a likely candidate underneath the epoxy above Cypress’ USB controllers run from a 6 Mhz oscillator and an 8 pin SOIC EEPROM might be beneath this smaller epoxy area Once we took our initial images…
In retrospect – A quick peek at the Intel 80286
We thought we would mix the blog up a little and take you back in time. To a time when the fastest PC’s ran at a mere 12 Mhz. The time was 1982. Some of us were busy trying to beat Zork or one of the Ultima series role-playing games. You were lucky to have a color monitor on your PC back then. We happen to have a 1982 era Siemens 80286 If anyone is interested in donating any old devices such as an i4004 or i8008,…
Safenet iKey 2032 In-depth Look Inside
Chances are you have probably seen one of these little USB based tokens made from Safenet, Inc. The one we opened was in a blue shell. Safekey says, iKey 2032 is a compact, two-factor authentication token that provides client security for network authentication, e-mail encryption, and digital signing applications.” As well, the brochure the link above takes you too states, iKey 2032s small size and rugged, tamper resistant construction, make it easy to carry so users can always have their unique digital entities with them.” Now we’re not really…