
BANGALORE INSTITUTE OF TECHNOLOGY
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

Pen-Testing using Social Engineering Techniques

Presented By
Name: Suchith Narayan
USN: 1BI14CS160

Under the guidance of
Prof. Hemavathi P
Asst. Professor
BIT Bangalore
 Introduction
 Literature Survey
 Problem Statement
 Flow Diagram
 Types of Attacks
 Techniques Used
 Applications
 Reference
 Technology has made some fraud more difficult to
commit; however, it has created all sorts of new
opportunities for adaptable fraudsters.
 Social engineering is an attack vector which involves
manipulating the human element into breaking security
procedures.
 It is the art of convincing people to reveal confidential
information.
 Generally requires very little to NO technological or
security knowledge.
 The very strongest security can be overcome by a
clever social engineer.
 In order to protect their networks, IT security
professionals need to understand social engineering,
who is targeted, and how social engineering attacks are
performed.
| Title | Author | Source, Year | Contribution |
|---|---|---|---|
| Going White Hat: Security Check by Hacking Employees Using Social Engineering Techniques | Zrinka Lovrić Švehla, Ivan Sedinić, Luka Pauk | IEEE, 2016 | Types of attacks and attack phases |
| An Analysis of Social Engineering Principles in Effective Phishing | Ana Ferreira, Gabriele Lenzini | IEEE, 2015 | Phishing Methods |
| Effective Defense Schemes for Phishing Attacks on Mobile Computing Platforms | Longfei Wu, Xiaojiang Du | IEEE, 2015 | Extracting User credentials by Phishing |
| User-Side Wi-Fi Evil Twin Attack Detection Using Random Wireless Channel Monitoring | Omar Nakhila, Cliff Zou | IEEE, 2016 | Evil Twin Attack |
“A method which is used to show how Social
Engineering vulnerabilities are exploited and prevent
attacks.”
 The attacker tries to gather information about the target
 The information about the target can be collected from
various resources and means, such as dumpster diving,
the company's website, public documents, physical
interactions, and so on
 Reconnaissance is necessary when targeting a single
user.
 The attacker makes the initial move by trying to start a
conversation with the selected target
 This phase establishes a working relationship with the
target.
 This is a critical point as the quality of the relationship
built by the attacker determines the level of cooperation
and extent to which the target will go to help the
attacker accomplish the goal.
 Attacker uses both information and relationships to
actively infiltrate the target
 Attacker is focused on maintaining the momentum of
compliance that was built in phase 2 without raising
suspicion
 Exploitation can take place through the divulging of
seemingly unimportant information or access
granted/transferred to the attacker.
1. Phishing
2. Vishing
3. PiggyBacking
4. Shoulder surfing
5. Dumpster diving
 Involves fake emails, websites and ads designed to
impersonate real systems with the aim of tricking the user.
 Can target specific entities (“spear phishing”)
 Phishing over phone
 Calling the help desk pretending to be someone else
 Usually an employee or someone with authority

 Tailgating
 Someone asks you to hold the door open behind you
because they forgot their company ID card.
 Ultimately obtains unauthorized access to the building
 Someone can watch the keys you press when entering
your password

 Looking through the trash for sensitive information


 Credential Harvesting
 Evil Twin
[Flow diagram: Target page -> clone -> Cloned page -> extract login credentials (username, password) -> redirection -> Original page]
 Target site is cloned, and the fake page is used for
Phishing.
 Login credentials are then extracted from the fake page.
 User is redirected back to the original site.
 A phishing based network attack.

[Figure: Client 1, Client 2, Client 3 and the AP]
 Attacker creates a Rogue AP with the same name and
MAC address as a legitimate access point (LAP)
 DeAuth frames are broadcast to the LAP

[Figure: Client 1, Client 2, Client 3, the Evil Twin and the AP; label: DeAuth]
 Clients are disconnected from the LAP

[Figure: Client 1, Client 2, Client 3, the Evil Twin and the AP; labels: Disconnected, DeAuth]
 Clients are reconnected to the Rogue AP as it has the same
name and MAC address
 The attacker then uses phishing to obtain the password of the LAP

[Figure: Client 1, Client 2, Client 3, the Evil Twin and the AP; label: DeAuth]
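From the defender's side, the Evil Twin steps above leave two observable traces: one SSID/MAC identity advertising more than one channel or security profile, and a burst of DeAuth frames carrying the LAP's address. The following is an added example, not part of the original slides and not the channel-monitoring method of the cited paper; the frame records, field layout, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict

LAP = "aa:bb:cc:00:00:01"  # constructed address of the legitimate AP
# Constructed observations: (time_s, type, ssid, bssid, channel, security)
FRAMES = [
    (0.0, "beacon", "CorpWiFi", LAP, 6, "WPA2"),
    (0.1, "beacon", "Guest", "aa:bb:cc:00:00:02", 11, "OPEN"),
    # Burst of deauthentication frames carrying the LAP's address
    *[(2.0 + i * 0.05, "deauth", None, LAP, 6, None) for i in range(10)],
    # Same name and MAC as the LAP, but another channel and no encryption
    (3.0, "beacon", "CorpWiFi", LAP, 1, "OPEN"),
    (9.0, "deauth", None, "aa:bb:cc:00:00:02", 11, None),  # isolated, normal
]


def conflicting_beacons(frames):
    """Return AP identities that advertise more than one (channel, security)."""
    profiles = defaultdict(set)
    for _, ftype, ssid, bssid, channel, security in frames:
        if ftype == "beacon":
            profiles[(ssid, bssid)].add((channel, security))
    return {k: v for k, v in profiles.items() if len(v) > 1}


def deauth_bursts(frames, window=1.0, threshold=5):
    """Return BSSIDs with >= threshold deauth frames in any window-second span."""
    times = defaultdict(list)
    for t, ftype, _, bssid, _, _ in frames:
        if ftype == "deauth":
            times[bssid].append(t)
    flagged = set()
    for bssid, ts in times.items():
        ts.sort()
        start = 0
        for end, t in enumerate(ts):
            while t - ts[start] > window:  # slide the window forward
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(bssid)
                break
    return flagged


def suspected_evil_twins(frames):
    """BSSIDs showing both indicators: conflicting beacons and a deauth burst."""
    cloned = {bssid for (_, bssid) in conflicting_beacons(frames)}
    return sorted(cloned & deauth_bursts(frames))
```

Either indicator alone can have a benign cause (an AP changing channel, a client roaming), which is why the last function only reports identities that show both.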
Social engineering penetration testing will uncover
security weaknesses in the following areas:
 Physical security (of the entire building and particularly
sensitive areas).
 Corporate security policies connected to proper usage
and disposal of sensitive data.
 Employees' security awareness and implementation.
References

1. Zrinka Lovrić Švehla, Ivan Sedinić, Luka Pauk, “Going White Hat: Security Check by Hacking Employees Using Social Engineering Techniques”, IEEE, 2016.
2. Ana Ferreira, Gabriele Lenzini, “An Analysis of Social Engineering Principles in Effective Phishing”, IEEE, 2015.
3. Omar Nakhila, Cliff Zou, “User-Side Wi-Fi Evil Twin Attack Detection Using Random Wireless Channel Monitoring”, IEEE, 2016.
4. Longfei Wu, Xiaojiang Du, “Effective Defense Schemes for Phishing Attacks on Mobile Computing Platforms”, IEEE, 2015.
