Содержание
- 2. Agenda Introduction Things are changing... Part I – Finding info Demo Interlude Part II – uses
- 3. Introduction Who I am? Roelof Temmingh Completed Bachelor's degree in Electronic Engineering Started SensePost with friends
- 4. Think deep...introspection Why do we hack? No...I mean...really... “See if it's safe because I bank there”
- 5. Things are changing (at least from the outside) When last did you fully own a box?
- 6. Job security - NOT! Company X asks for a external security assessment. Company X has one
- 7. Hacker's 6th sense People regularly ask me - what can you find out about...? ... without
- 8. People always ask me... Non-tech people ask “what can you tell me about this: Email address
- 9. Part I – relationship collection The thinking behind the framework Step 1: What can you tell
- 10. Part I – relationship collection Thinking behind the framework Entity or Entities -> Transform -> Entity
- 11. Part I – relationship collection: Transforms Transforms are: (as of 3 April 2007): /core/transforms roeloftemmingh$ ls
- 12. Part I – relationship collection The thinking behind the framework Transforms - “who can do anything
- 13. Transforms Some really easy examples DNS name -> IP number(s) IP number -> DNS name Domain
- 14. Transforms tel -> email Some more interesting examples: Consider Telephone number -> email address How would
- 15. Transforms: tel- > email Assume the number is +27 83 448 6996 =~ 083 448 6996
- 16. Transforms – confidence levels Same goes for First Name/Last Name Results on search query for “Roelof
- 17. Transforms: factors when sorting by relevance Frequency of the parsed result If, after parsing, I get
- 18. Transforms : using Google So, for each “fuzzy” search (where relationships are not 1:1) I can
- 19. Dragos & Ursu ;) cansecwest->pacsec/eusec->dursec->kyx.net->dragos.com (http://guestbook.husi.ro/index.php?page=18) -> Ursu Dragos (ursulet@dragos.com) ...With all the gritty details inbetween
- 20. Applications a.k.a So what?? For conventional security: Stock standard footprinting (DNS, IPs, domains etc) Nice for
- 21. Applications a.k.a So what?? Is abc.com a phishing site? Domain -> email addresses at domain ->
- 22. Applications : more interesting stuff Who at the NSA uses Gmail? Domain -> telephone numbers Telephone
- 23. Even more applications In which countries do the USMC have bases in? Domain -> Sub domains
- 24. OK..so he's 49 and into pot
- 25. Demo http://www.paterva.com
- 26. Hold your horses ...a.k.a 'but this is BS' “...my mother/grandma can't even operate a mouse...” Not
- 27. Interlude You are : the information you publish the information others publish about you your associations,
- 28. Collecting your search terms Recently AOL 'lost' a couple of search terms (well OK 20 million
- 29. Collecting your search terms If we control the infrastructure of a network we can Redirect outgoing
- 30. Collecting your search terms I run a super secret project called Sookah. I don't ever want
- 31. Collecting your search terms
- 32. A different thought Your life story in no more than 5 pages ...A.k.a your resume' Once
- 33. Part II : Using the information Hackers are not good at applying information. They are devious
- 34. Using the information Hit & run Spoof email from the FD to employees (& Bloomberg) stating
- 35. Using the information Back to company X Let's assume we create a 'information footprint' of X
- 36. Using the information Personal online identity theft If these people don't have a strong online presence
- 37. Using the information: identities are grown, not born People don't appear from nowhere We need to
- 38. Using the data Starting a campaign Now that I am you and your board I need
- 39. Coming soon to blog near you: automated comments /code/autosent roeloftemmingh$ perl generate.pl data-disagree/ I don't understand
- 40. Go watch “Wag the dog” again... ...but think of the Internet of today.
- 42. Скачать презентацию