Abstract: Social networks hold a significant amount of information that can be exploited. At the Hack.lu 2008 conference, Roelof Temmingh, the author of Maltego, explains how to leverage this information using the tool.
This presentation by Roelof Temmingh was given at the Hack.lu conference, held over three days in Luxembourg from 22 to 24 October 2008. The subject had been raised a week earlier at the BlueHat conference, organized by Microsoft.
It highlighted the abundance of information flowing freely on the internet as large numbers of people use social networks and store information on them, with sites like Facebook for individuals or LinkedIn for professionals, for example.
These sites alone centralize databases of personal and professional information that are significant both in size and in the sensitive nature of the information they contain. The consequences would probably be very damaging to many people if this information were to fall into the wrong hands.
The author of this presentation explains how to take advantage of the information available on these sites using a tool he developed and named Maltego. We had already talked about it very recently when the first version came out; the second is now available on the project's official website.
A concrete example of use would be, starting from a domain name like microsoft.com, to recover all the IP ranges used by the aliases of the domain. The collection of these aliases would then make it possible to recover as much information as possible (names, addresses, phone numbers, e-mail addresses) on the owners of the domains via WhoIs-type queries.
It is then possible to see whether the owners are on social networks and to carry out a "social clouding" of their acquaintances, while recovering their pictures in order to run, for example, a morphopsychology study.
It is also possible to retrieve other sensitive information such as PGP/GPG keys, the occupations of the persons concerned, and more. Ideally, this tool makes it possible to gather multiple different kinds of information to best prepare a targeted social engineering attack.