Time
2 hours 37 minutes
Difficulty
Beginner
CEU/CPE
3

Video Transcription

00:01
Hey, everyone, welcome back to the course. So in the last video we covered re kon en G
00:05
in this video, where to go over social engineering. So we'll do some reconnaissance on a particular target in this video. And then in the next video, we'll go ahead and do a sample phishing attack on our target.
00:17
So let's go ahead and get started. Now. You will need a cyber, a lab environment for both of these labs. So if you don't have that, you may be able to set this up on your own side. What you could do is just look at yourself social media accounts.
00:29
So let's go ahead and get started. So we should be loved in the cyber or lady or ready. That's why we were able to a few the course. But what we're going to do next to select catalogue of the top I've already done that. So now I have the search box on the left side here.
00:41
We're just gonna type in ethical hacking. Now, if you're the using the latest version of the cyber website, you should see a search box at the top. You could just type ethical hacking in there, and you should see the lab's pull it for you.
00:52
So for me, I'm just gonna type in ethical hacking.
00:55
It's going to take a moment so it's gonna pull up everything. Ethical, hacking related.
00:59
What I'm looking for is this certified ethical hacker C E H practice laps. So that's what we want.
01:06
So once you find that, go ahead and click the start Now button, that's gonna go ahead and launch the lab environment for us.
01:11
But while it's doing that in the background will go ahead and take a look at her lab document.
01:15
So we just did step number four here and step number five. So we went ahead and launched her lab environment. Once we have found it
01:23
the next step here, we're gonna look for the social engineering reconnaissance lap. So it's down near the bottom of the list here,
01:30
so let's go ahead. Scroll down is take a look for it.
01:36
All right, so we see it's right here. Now you'll see mindsets complete, obviously, since I've gone through it already, but you're should just say social engineer and reconnaissance. Once you find that, go ahead and click on it and click the start button.
01:48
The next step is we want to turn on all of our virtual machines. So we see him all listed here. So go ahead and have your mouths over each one
01:55
and just click the power on option.
01:57
So it's going and click after all of them and might take a few seconds herself for them to pull up. Depending on your connection speed, it might take a little more time than that. So anywhere you know, up to I'd say the longest I've ever seen. That do is like 20 seconds, so it shouldn't take too long, but eventually it should boot up for you. Now all of these will turn green once that particular machine is booted up.
02:15
So, for example, you see the Cali box right there is on No,
02:19
and it shows in green.
02:22
So we'll give that a few more seconds for soda boot all the way up.
02:25
So it's come back to our lab documents. So
02:29
we've went ahead and we clicked on social engineering reconnaissance. We click the start button, actually launched our lab environment here. We're turning on the virtual machines right now. We just have a few more left to do,
02:38
and the next step here is actually choosing one. That's party on soapy lab. Win 10. So let's go ahead. Just click on that one. The way we do that, it's just clicking our mouse on the name
02:46
that'll pull up that lab Environment Force now might take a moment suffered to connect to the machine. And then also, you may see it running some different things in the background there. But we'll give it a second or so. Here.
02:58
It's taking a little longer than usual. Will give us some time to pull up. There we go.
03:02
All right, so you see it pulling up in the background there now.
03:06
Weird step number 10 of our laps. So step number 10. We're gonna open Internet Explorer from the task bar, and then we're gonna type in this. You are l right. Here's those http. Colon forward slash forward slash my book. Now, this is a fake u R l So this is something designed inside the lab environment. So don't worry about any criminal aspect here
03:24
unless it's illegal in your country to do any type of penetration. Testing stuff related,
03:29
um, but otherwise that should be fine for you to use.
03:32
So we're gonna take this year, Ellen the address bar once we launch Internet Explorer. So let's go and do that now.
03:38
So just launched Internet Explorer,
03:40
and that is type in their http colon force last four slash my book.
03:46
Just press and turn the keyboard. Take a minute. Let me take a moment or so for the site to actually pull up for you. Once it does, you'll see it looks like this with a guy named Philip
03:55
in the background there, as well as a picture of a dog and some other things. We'll take a look at some of these in just a moment.
04:01
Let's go back to our lab document.
04:04
It doesn't mention you see Philip there in the background.
04:06
Take a look at his page. So I want you to answer these three questions. So number one. How many followers does Philip half.
04:15
So let's take a look back here and to see if we notice where the followers are.
04:18
All right, so you'll see that Philip has 1325 followers. So we see right there that that many people follow him.
04:26
Let's go back to our lab document.
04:29
All right. Question number two. Just Philip Post frequently. So just see Postal Waters have been a while since he's posted.
04:33
So let's scroll down a little bit here,
04:35
and we'll see what kind of items we find. So we see. Looks like he posted something 15 minutes ago.
04:44
Yeah, well, keep scrolling down the page here, and we'll see. Okay, It looks like he posted yesterday. So you're just based off that? I think he's posted pretty frequently.
04:54
All right, so we're just gonna go back at the top now, we'll take a look back at our lab document.
04:58
So question number three is Philip married? That's a good question.
05:01
So we do see somebody in the background there with him.
05:04
So let's take a look and see. So what? Scroll down a little bit here.
05:10
Oh, yeah. Look at that. So it looks like Philip put a post that Hey, he married his beautiful wife.
05:15
So it's been two years since I got married. So yes, he is married. So that answers Question number three for us.
05:19
All right, let's keep moving through our lab document.
05:23
So now what? I want you to do is look at the various photos that he's posted. So it is posted various photos.
05:28
Now,
05:29
let's take a look and see, you know? So we look at this and we say, Okay, well, the photos themselves make tales. Tell us some things. Right? So we see here that he's gotten married, and maybe they went toe some kind of Laker a beach or something when they got married. As we keep scrolling through his photos, we see other information, you know, we see the kind of clothing he wears. We see what his wife wears.
05:47
We even look and see what his friends were, right.
05:51
So question number four has anyone else coming up. Phillips Post. You know, the answer to that is of course, yes. And then, you know one of their names. So you go through the different post and find out the names of the individuals. So we see. Like Linda and Sophia, for example, on this post,
06:08
let's go back to our lab documents. So question number five just Philip have Children. If yes, what are their names?
06:15
And then we're taking on that question number six. So keep scrolling through the different post by Philip. Is there any other East useful information that you see?
06:25
So let's go back to a top here. We'll keep screwing the post to see if Philip has any Children. It'll.
06:33
So when's the baby due? So it might indicate that maybe they're pregnant, right? But it doesn't seem like they have any Children right now. We'll keep going through the post, but it doesn't seem like Philip and his wife have kids right now, but it seems like maybe they are expecting. Or maybe they're planning for a baby right now.
06:49
All right, so that's all the post I see. So it looks like they don't have Children right now, but they might be planning for Children or have one on the way.
06:58
Okay,
06:59
So what other information that might be beneficial. You noticed that I was scrolling there. The last post was about Philip's car breaking down. So what I could use there is I might be able to find out his repair shop and then from there, call the repair shop, find out what kind of work he had done, and maybe even just, you know, attack the repair shop. You know, a lot of small businesses knows to cure their data.
07:17
So maybe I could find out information about Philip through that avenue as well.
07:24
All right, we're now we're under step 14 here. So we're gonna click on the about tab at the top of the page, and I want you to check and see if you notice any from personal information about Philip.
07:34
So it's cookout about. We'll see if you notice any personal information about Philip.
07:40
All right. So I immediately do s o I C, that we've got a date of birth and a phone number in there as well. It's educational and work information.
07:49
All right. So Step 10 we see Philip works as a software engineer. So again we could connect with them like a social media and say that we're a software engineer is well, we also see past employers. So again we might be able to locate information. He's doing so like articles. He's published project. She's working on even patents that he's a part of. So that's good information to get
08:09
question number 89 here, Does Philip speaking languages besides English? If yes, which ones? And then also what country doesn't look like he's posting from
08:18
All right. So does he speak any other languages besides English?
08:22
So it's scrolled out to see if we notice anything at all.
08:26
All right, so, yes, looks like he speaks French beginner level, but also English is his main language on. Then it looks like he's posting from the UK.
08:35
Let's go back to our lab document.
08:37
So now what we're gonna do at the top is click on the album tap. So, uh,
08:41
we'll take a look at some of the things once we do that. So let's go back to the top here and click on album.
08:48
All right, so let's see what kind of information we find out about Philip here.
08:52
So we see some photos in the background there. We also see the Philip mentions. He's a creative director,
08:58
all right,
08:58
so as that, we might be able to assume that he's got admin level at his particular company because he's a director level type of position. Now that that's not always the case is some companies make up titles, but in most cases that might be accurate.
09:11
We also see several photos of a dog in there, so that might be in. He's actually the owner of that doc. And so that might give us a hint to his particular password because a lot of people use a pet's name in their password.
09:22
All right, so the last part we're gonna do here is just click on friends at the very top of the page here.
09:28
And what we see is we see a lot of different friends that Philip has. So what we could do is we could connect with these different people, get that information to find out more about Philip. We could say, Hey, you know, I met him on a software engineering for room. He seems like a cool guys. He married, you know, what does he do and get more information about him?
09:45
So in this video, we just talked about social engineering and some reconnaissance to do so again. That's a very good, valuable information gathering peace. In the next video, we're gonna talk about fishing so we'll talk about fishing as part of a social engineering process.

Up Next

Footprinting and Reconnaissance

This course will cover common tools used during the footprinting and reconnaissance phase of the ethical hacking testing methodology.

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor