This is Dean Pompilio, and we are going to do a demo
for the social engineering class.
Our next tool that we're going to be looking at is called Scythe,
a pretty interesting tool. It actually allows you to do account enumeration or account harvesting.
What we can do is install this tool into your instance of Kali
and go to the github.com website.
On this website, you can do a simple search for Scythe,
and the one you're interested in is this right here: Chris John Riley,
account enumerator.
So there's information here. There's documentation
and the software itself, so you can go ahead and download the zip archive
and just follow the instructions for how to get that onto your Kali system.
I've put Scythe into my
and we can see here that
it comes with a default accountfile.txt.
I'll cover that in just a moment,
The main thing we're concerned with is the Python script, scythe.py.
All right, so the first thing I'd like to do is
notice that it will tell you the current settings. By default, it'll look for this accountfile.txt.
You can set a directory for where all of the modules are located,
and what it's doing is extracting the information about all the modules it knows about.
So we're gonna go ahead and
move for just a little bit.
And what we can see here
is all the modules. So there's
things like YouTube and Flickr.
There's some commerce websites,
eBay, etc., and Kaboodle.
GitHub even makes an appearance as a software development website.
For some of the websites shown,
you're able to search for a username. Others also support searching for an email address.
So this is important because
the reason you're using this tool to begin with is to try to find out where your target,
as part of your social engineering pen test,
where that target has accounts on various other systems and websites.
We have all of our popular social networking Web sites here.
Yahoo, Hushmail, Gmail,
several blogging Web sites and even some gaming sites.
So this is useful.
Now what we want to do is think about how
you're going to try to discover where your target has accounts.
So one of the first things we want to do is
edit the account file.
So I'm gonna go ahead and
and you'll notice one account per line,
and we've got some default
I can go ahead and add some more
We can also add some other ones like
Again, these are just names.
As part of your social engineering pen test, you would want to accumulate these names so that you could then
put them into this file. So I'm gonna go ahead and save that,
and what I can do now
with the help screen
so I can review some of the options
So we can specify -a or --accountfile for the file with names that we just looked at.
The -l option or --list shows all of the module names;
you could specify a directory for the modules as well.
You can use a single module or you can do them by category,
so the categories are things like commerce, forum, social, email, blogs, as we saw when I was reviewing the list of modules.
You can also specify
threads to run. We're not gonna bother with that option for this demo.
Sometimes websites will time out when the tool is trying
to probe them looking for these accounts, so you can tinker with the retry setting in order to get better results.
And another option that's useful is
showing the summary at the end of the work.
You can also save the output
into a separate file
so that you can capture this
Some of the other tools that we'll look at, like BasKet and Dradis,
These are tools that let you
collect all of your information as you're doing your social engineering pen test
so that you can keep all your data organized.
We've edited our file. We've got our list of names.
Now, what I'd like to do is
and I'm going to specify
and I'm also going to tell it where
my account file is. Actually, I don't need to do that, because by default it will use the file that I've created. But if you do
want to create a different account file, you could have several of these in the same folder; then you would specify that here.
option that we'd like to specify is the summary.
And I'm also going to
specify an output file.
So let's call that outfile.txt.
It's like it made an error there.
Oh, it's -o, --output. My mistake. Okay,
so we'll change that really quick.
We'll go ahead and run the tool,
if you want to run all the
testing all the accounts that are in this accountfile.txt.
It tells me that my category is social.
I'm also going to be capturing a summary, and I've got an output file specified, so I'll go ahead and press Y for yes.
And this will start to tell me, because I've got a lot of names
in that account file,
and because the social category has a fair number of sites,
it tells me that there are going to be 288 test cases.
So as it goes through this list, which will take a little while,
we can see I've already found one account; the user example exists on slideshare.net.
Otherwise we'll see some error messages. These red exclamation points would tell us that that particular website either did not respond
properly or the information does not exist there.
So I'm gonna go ahead and pause the recording here because this will take a little while to run.
Okay, so the script finally completed its run.
It took probably about 10 minutes by my reckoning,
so we can review the output.
All right, so if you remember, we saw that we had 288 test cases,
and as we go through the list, we can see that quite a few accounts were located
everywhere we see a green X.
So the account test user was located in several sites.
test123 was also located in various places: Blogspot.
We have the accounts Chris, Bill, Bob,
and we see some periodic status reports here: 25%, 50%, 75%. So
it gives you an idea of how long this script is continuing to work as the information's being gathered.
And then we see Kevin
being located, Kevin12 being located,
Bill78 also located.
So 46 total matches found,
and then the summary
then shows us which websites were
the enumeration activity.
Remember, I chose the social category.
So that will tell us the summary will tell us where these accounts were located on all the various websites.
saved this information in an output file.
So that shows the raw data again
in a simple text file format.
So we can do a different test here. We know that, let's see,
the user test exists on slideshare.net.
So instead of creating an output file,
I'm gonna go ahead and remove that,
and I'm going to remove category, and I can specify a single
website that I'd like to check,
so I could just look at slideshare.net, let's say.
So this is only 16 items, but maybe this particular website is interesting for some reason; it's got
a fair number of people that were discovered there,
a fair number of identities, IDs rather, that were discovered there.
And we could already see that several of the
the names inside the accountfile.txt
are showing up on slideshare.net.
If you don't specify any category or any single website,
then all of the modules will be attempted.
So that's your widest net, if you want to think about it that way,
and then you would obviously try to narrow things down
as you get closer to identifying those websites where these particular accounts exist.
We'll let this run for just a little while longer;
just about all of the names in that
account file exist on slideshare.net.
Another thing to consider while we're doing this kind of work is the value of aggregation,
so trying to gather little bits and pieces of information about the target
from different places on the Internet. In this case,
if this person has an account on slideshare.net and they have an account on Twitter and some other places, you might be able to infer certain information about
what kinds of interests this person has. And that could help
in creating things like phishing emails, spear phishing emails.
Okay, so that concludes the
I hope you enjoyed it. And we'll see you next time.
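The workflow demonstrated in this video (an account file with one name per line, narrowing by category or a single site, retrying sites that time out, then a summary and a raw output file) can be modelled in a few dozen lines. The block below is an added example written for this page, not Scythe's own code: the module names, categories, fake site data and the `make_fake_probe` stand-in for a module's HTTP check are all constructed so that it runs offline, and the result statuses `found` / `absent` / `error` are this example's naming, mirroring the green X and red exclamation marks in the demo.

```python
# Added example (not Scythe's code): an offline model of the account-enumeration
# workflow shown in the demo. All module names, site data and the probe are constructed.
from dataclasses import dataclass


class ProbeTimeout(Exception):
    """Raised by a probe when a site does not answer in time (constructed)."""


@dataclass(frozen=True)
class Module:
    name: str       # site this module checks
    category: str   # commerce, forum, social, email, blog ...


# Constructed module list standing in for a modules directory (not Scythe's real modules).
MODULES = [
    Module("slideshare.net", "social"),
    Module("blogspot.com", "blog"),
    Module("forum.example", "forum"),
    Module("shop.example", "commerce"),
]


def parse_account_file(text):
    """One account per line; blank lines and '#' comments are skipped."""
    accounts = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            accounts.append(line)
    return accounts


def select_modules(modules, category=None, single=None):
    """No filter is the widest net; a category narrows it; a single site narrows it further."""
    if single is not None:
        return [m for m in modules if m.name == single]
    if category is not None:
        return [m for m in modules if m.category == category]
    return list(modules)


def enumerate_accounts(accounts, modules, probe, retries=1):
    """Run every (account, module) test case, retrying a timed-out probe up to `retries` times.
    Returns (account, site, status) tuples with status in {'found', 'absent', 'error'}."""
    results = []
    for module in modules:
        for account in accounts:
            status = "error"                      # stays 'error' if every attempt times out
            for _attempt in range(retries + 1):
                try:
                    status = "found" if probe(module, account) else "absent"
                    break
                except ProbeTimeout:
                    continue
            results.append((account, module.name, status))
    return results


def summarize(results):
    """Site -> sorted list of accounts located there (only sites with at least one hit)."""
    summary = {}
    for account, site, status in results:
        if status == "found":
            summary.setdefault(site, []).append(account)
    return {site: sorted(names) for site, names in summary.items()}


def format_output(results):
    """Raw text output, one test case per line, like the tool's output file."""
    return "\n".join(f"{status:6} {account} @ {site}" for account, site, status in results)


# Constructed data replacing real HTTP probes: which names 'exist' on which fake site.
FAKE_SITES = {
    "slideshare.net": {"test", "test123", "kevin12"},
    "blogspot.com": {"test123"},
    "forum.example": {"bill78"},
    "shop.example": set(),
}


def make_fake_probe(timeouts=None):
    """Stand-in for a module's site check; `timeouts` maps site -> number of calls that
    raise ProbeTimeout before the site starts answering (models a flaky website)."""
    remaining = dict(timeouts or {})

    def probe(module, account):
        if remaining.get(module.name, 0) > 0:
            remaining[module.name] -= 1
            raise ProbeTimeout(module.name)
        return account in FAKE_SITES[module.name]

    return probe


ACCOUNT_FILE = "# constructed account file, one name per line\ntest\ntest123\nkevin12\nbill78\n"


def run(category=None, single=None, retries=1):
    """Whole pipeline: account file -> module selection -> probes -> (results, summary)."""
    accounts = parse_account_file(ACCOUNT_FILE)
    modules = select_modules(MODULES, category=category, single=single)
    probe = make_fake_probe({"forum.example": 1})   # forum.example times out once
    results = enumerate_accounts(accounts, modules, probe, retries=retries)
    return results, summarize(results)


if __name__ == "__main__":
    results, summary = run(category="social")
    print(f"{len(results)} test cases, {sum(r[2] == 'found' for r in results)} matches found")
    print(format_output(results))
    print(summary)
```

Running `run()` with no filter gives 4 names times 4 modules, 16 test cases; `run(single="forum.example", retries=0)` shows the first test case ending as `error` because the flaky site is never retried, while the default of one retry turns that into a real answer. The same summary logic is useful on the defensive side: running it over an organisation's known staff handles shows which public sites expose those identities before a phishing campaign can aggregate them.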