Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

My first Social Engineering hack


ghost's Avatar
0 0

2 words : OMG Easy!

I just got the username and password of 7 people in my Novell login :).

How did I do it?

Well, yesterday, i had this Jazz club meeting where the teacher asked for the e-mail adresses of the members. I just copied some of the e-mails on a sheet of paper and went to my house. Then, I made a fake hotmail account like this : NAMEOFMYSCHOOL_Admin@hotmail.com. After that, I created a fake message saying that there were some errors in the school database and some accounts were delleted by mistake, so they needed to send their names, their user-names and their passwords! Easy!

That was pretty cool! Now i can do unauthorized in their accounts muhuhahah :P.


ghost's Avatar
0 0

Wow thats pretty cool but you're telling us that you made "NAMEOFSCHOOLHERE_admin@hotmail.com? and they believed it?

Wow they must be pretty dumb


ghost's Avatar
0 0

@Darth_Pengo: Albert Einstein ounce said, "There are only 2 things that are infinite. The universe, and the stupidity of the human mind, then there are the former." That being said I will continue with backing that statement up..

I was on AIM one day and got bored, and I was reading Kevin Mitnicks' "The Art of Deception". So I decided to try and social engineer some passwords off some kids I kno from school.

I created an account that was supposed to represent a bot created by AOL to help keep usernames and passwords while doing a "database transfer."

Here is the exact message I sent to these 20 students. (Out of the 20, 16 replied with the information asked for): Hello AOL User! Here at America Online we are always striving to make using our appliances easier and fun! Starting August 31, 2005 the database of screennames currently registered will be moved over to a more secure database. All screennames who do not reply to this message will be terminated and will have to re-register. Please reply with your screennames(s) and the password(s). You will be added immediatly to our new database! When replying with your screenname(s) and password(s) please use the following format: Username: user Password: password Thanky you very much, the AOL Staff!

As you can see I used a very stupid yet beleavable tactic to retreave the information in question, and got it. No questions asked, they just supplied the information..


ghost's Avatar
0 0

lol, i did something like that to my school, but i first needed to get the admin to reply to one of my messages because of certain signature's and special qualities that staff members use in their e-mail. Next, I had spoofed an e-mail that was sent to all staff members as administratorsname@schooladdress (the Groupwise account) and they replied back, like the idiots they were, with their skyward usernames/passwords, which allowed me to get access to gradings/etc. This was also fun once i got a copy of school announcements sent to me from one of my other friends (that's some great sh*t). The one thing that i want to accomplish most in my school is finding a way to get control over the board in front of my school that has scrolling messages (oh, the fun I could have :D).


ghost's Avatar
0 0

Ooooh! That would be awesome! I wish I could somehow edit those school messages!


ghost's Avatar
0 0

Those bulletin boards are usually controlled by janitors, and it is not over the internet, or the school network. there is a debug mode in the board that allows quick message altering for janitors.

search google for more information..