How I got access to soap through Social Engineering

[DronVR]

How I got access to soap through Social Engineering

Now I don’t remember exactly what year it was, in my opinion 2015 may be earlier, I stuck at the computer, as my friend knocks on me, asking - "urgently need to crack the soap." According to his story, I realized that this is a matter of life and death, good and evil, well, as it usually happens. Since there was nothing special to do, I decided to get down to business, although I personally do not really like everything related to social services. networks, mail and other shit.

As everyone trumpets, a good start to hacking is a lot of useful information, here I agree, the information is never redundant. Therefore, first of all, I asked about everything that my friend knew about the victim, he laid out to me the whole background, links to pages in the social. networks, phone number, date of birth, etc., in general, everything that he knew.

Ok, a start has been made. First of all, I rushed to the website soap.com =) and decided that it was worth trying to find the answer to the secret question, but the dick swam there by clicking on the treasured button " I forgot password "I was asked to restore access to the SMS, which was tied to the victim's number. Bummer ...

But it was too early to give up, as the best hack is hacking the person himself, and he is more accommodating than authentication systems. Having picked up the phone and inserted a new SIM card bought from gypsies, I cut the VK page, a very nice and stupid girl (in order to cause more trust). After 2 cigarettes and 1 cup of coffee, the page was washed down, with cute pictures, cool, vanilla statuses and other chips. The task remained - to make contact with the victim.

After thinking a bit about how and what is best to do, I decided to study the victims ’VK and saw a very interesting thing, its phone number was not hidden and was visible to all users. This is in our favor. I quickly run to - soap.kom clog the victim’s soap, write victim@map.kom and press - “I forgot the password”, as usual they suggest me to enter the code with SMS, which I agree to. As soon as I sent the code to the victim, I returned back to the social network and decided to make contact with it. Having turned on a complete fool, which was what my character was aiming for, I write this message to the victim:

- "Hello, excuse me, please, I wanted to register by mail, but I entered the phone number incorrectly, I made a mistake with one number. I was lucky that I found you in Google by phone number. Could you name this code so I can log in to mail and bind your phone? " - the text was something like this.
And then the crucial moment came whether they would send me or write the coveted numbers. As a result, after a few minutes, the victim wrote me a code from SMS. What I began to praise the victim in order to lull her vigilance - " thank you very much, you really helped me out, there are still responsive people . "In principle, access to soap was obtained and successfully transferred to a friend that he asked for it. I do not know the further fate of the soap and what was needed there, too.

Well, I got a reward for hacking and invaluable experience in obtaining access to soap using SI techniques. Hope you enjoyed it.

(c) deeptoweb