Time
52 minutes
Difficulty
Intermediate
CEU/CPE
1

Video Transcription

00:00
Hey, everyone, welcome back to the course. So in the last video, we wrapped up our discussion on reconnaissance. We kind of learned the different areas that we can encompass inside of reconnaissance or foot printing or information gathering. And in this video, we're gonna go ahead and take a look at a fake social media profile. So I'm gonna be using the cyber lab environment for this particular lab.
00:20
However, if you don't have access to that, what you can do is just pull it like your own
00:24
social media profiles and take a look at the information that you're exposing to the world as well as you can look at. You know, your friends of families on DSI, what kind information they're sharing. One thing to note is, a lot of people will leave a lot of things unsecured, so you'll be ableto in most social media profiles, especially on Facebook. You be able to see
00:41
people's fun owes. You might see their date of birth phone numbers, email addresses.
00:45
You could see a lot of stuff if you look in their timelines a ce faras like information they're talking about like Hey, I always eat at this restaurant or, you know they'll attack other people. Or they might say, Oh, yeah, my car broke down yesterday. So a lot of stuff people are sharing out there. So as a as a attacker,
01:03
there's all sorts of good information that you can use. Some of it's not relevant. Some of it is, you know, But we're gonna take a look like I said at a
01:08
fake social media profile here and just kind of see what kind of information this fake person is sharing with the world.
01:15
So, as I mentioned, we're gonna be using the cyber lab environment. So I'm gonna be looking for the CH prep lab. Essentially eyes what they are, but it's a certified ethical hacker. Labs the easiest way in the catalog to find it is actually just typing in C. E. H and then searching for that.
01:32
And then you'll notice 1/3 option down. It's a lab we want to use. It's the certified ethical hacker
01:36
CH labs by practice labs,
01:38
and that's basically just a bundle of lab. So just go ahead and click on that and then select the launch button,
01:44
and it's a bundle of different labs to help you prep for the CH exam. For our purposes, we're just gonna actually choose one particular lab in there. So next just click the launch item button that's actually gonna launch the lab environment for us. So while it's doing that, let's go back to our lab guide here.
01:59
By the way, these lab guides are always in the resource is section of any of my courses that I participate in.
02:04
And so there's other documents in there as well. Be sure to go to that section of the course, download all that stuff. It's it's really intended to help you learn things better. And then these step by step lab guides are intended to help you. So that way, if I go too fast or if I go too slow because you know my pace may not be the perfect place for everyone, but I try to get the masses, so to speak,
02:24
the pace that works for the massive there. So
02:28
use this lab guide, go through it, pause the video if you need to. If you feel I go too slow or that I go too fast, just pause the video. Use the lab guide and go through like that.
02:38
The other thing will General generally have the resource is sections are like, you know, study guides, maybe some quiz questions. Power point presentation. So really, just trying to give you as much information as we can to help you along and learning these different areas.
02:52
So once you've launched this lab environment, so again, it's going to be the the ethical hacker Practice labs. Once we've launched that, we're gonna look for the social Engineering Reconnaissance Lab. So just scroll down the page here a little bit and you'll see that it will be down here. Um, you almost near the bottom.
03:07
You'll also notice that there's a social engineering attack lab listed here. We're not using that in this particular course, but just be aware of that. Just make sure you're clicking on the right social engineering lab. So again, social engineering reconnaissance is what we want there.
03:23
So go ahead and click on that. You'll see a start button, then just click on the start button there that's gonna actually launched this particular lab for us. You'll notice we have several virtual machines here, but most of them say off by default. We're just gonna go ahead and next we're gonna turn these on. So the way we do that, we just cover our mouths over top of them and select the power on option.
03:40
That'll start booting all of them up,
03:44
and it's gonna take a couple of minutes, usually to boot all these up. So I'm gonna briefly pause the video and use of magic of fast forwarding. And once they've come up, we'll start with the rest of the lab.
04:01
All right, So you noticed that all of my virtual machines have turned on all of them have that magical green button that says on yours Looks should look the same way. If you're still got some booting up, just go ahead and positivity and just wait until years. Fully Buddha, Like I said, it takes about a minute or two, depending on how fast your system is in your connection is.
04:17
In my instance, it took roughly around 45 seconds to a minute, too,
04:23
to boot him up, and that's kind of the common rough time for him there.
04:27
All right, so once all of your virtual machines are booted up, the next thing we're going to do is select the Windows 10 machine, which is this P lab win 10.
04:35
So we're just gonna go ahead and click on that machine there, and that'll boot up that desktop screen for us,
04:42
and sometimes you'll get a splash of a command box in the background there. We're just gonna give that a second or so to see if it does that or not. But what we're going to do in the next step of the lap here, step five, you'll see it splashed briefly in the background. Uh, we're gonna open Internet Explorer,
04:57
and then we're gonna go to this. You are l So the H T T P Colon for its last Ford slashed my book. That's actually the
05:01
the court unquote fake social media website for us.
05:05
So let's go and do that now. So we're just gonna launch Internet Explorer from the taskbar here.
05:11
And then we're just gonna go to http Colon force eyes forward slash my book. So I'm gonna be a little lazy here and just take out intranet and then type in my book. You can type in the whole thing again if you want to, but for our purposes, we're just gonna type that in just like that,
05:26
it's going to take just a few seconds. Risotto actually pull up the site. I will note that sometimes
05:31
the site in the lab itself goes a little slow. See, you might notice that as we kind of go through it, that it might take a moment to kind of scroll down and do some other things in the lab. And that's normal in this particular lab. That's that's the kind of unexpected thing. So just be mindful of that. And part of that's related to the security of features in place, too.
05:50
Help prevent me against becoming nefarious and
05:54
doing other things that I should not do in this particular sandbox.
05:59
So we've pulled off the page here. Let's go back to our step by step. That guy didn't look at the first things we should be taking a look at in this particular fake profile.
06:08
So we see. Of course. You know here. Yes, we do. See Philip Nomad. So a couple things we want to look for him. We want to see how many followers does he have.
06:15
Does he post pretty often and is he married? Is there any indication that he might be married. So those were three questions we're gonna answer on this particular page,
06:24
So let's take a look. So number one How many people were following him?
06:28
Well, we see right here. That's kind of right in our face. Right? We see 1325 people following him. All right, Cool.
06:33
So let's scroll down. Now. We want to see if you post pretty frequently or not.
06:38
So we scrolled on his timeline here. We're gonna take a look. So we see a post their looks about 15 minutes ago. Or so
06:46
Let's keep scrolling down here a little bit.
06:48
All right, so we see it looks like he posted yesterday
06:54
and maybe a couple of post yesterday Looks like. Okay, so I would say, even though we can't see, like, hundreds of post in here, we have a generalized idea that he does pose pretty frequently. Um, and maybe he doesn't m burst. Right? Maybe he doesn't like every Friday or something. He he posts, you know, a whole lot. And then he takes a break for a couple days or whatever.
07:12
So we don't really know that information, but we do so that
07:15
at least in the past couple of days, he's posted pretty frequently.
07:18
Now, that last question there is Is he married? Right? Is there any indication that he's married? So let's come back up to the our first post here, and we're just gonna screw it on a little bit and take a look. And do you see anything that indicates he might be married or not?
07:33
All right. Yeah, that was That was pretty easy, right? We see. Hey, I can't believe I've been married to my beautiful wife. You know, Nina for, you know, two years now. So obviously he's married at least of the timing of this video. Maybe he'll get divorced in the future. We don't know that's outside of the scope of this course. All right, so we've taken a look at that. Let's go back to our step by step. Glad guide.
07:53
Are so next we're gonna go ahead and look through the various photos that he's posted here. And I do want to mention that the background of these photos might indicate where he's been, too. Right? So our questions around those posts, though, ours We're gonna take a look and see. Has anybody else commented on his post? If yes, you know. Who are those people?
08:09
The next question. Does he have Children? If Yes, what are their names?
08:13
And then we're just gonna take a look at some of the other posts that he's posted there and see what other information we get.
08:20
So it's going to take a look, those different posts. So we do see as when we look at the first post here. We do see that other people are posting already. Um, so we also see we kind of going back to the second question there. We see that they're asking when the baby's due.
08:35
So it doesn't really tell us, like, does he do They actually have Children right now, but they may be, are pregnant like his wife might be pregnant or
08:43
this might be friends just kind of like trying to pressure them. You know, it's a lot of people probably due to pressure you into having Children, right, so pressuring them into into having Children. So we don't really know for sure if they have Children, as of right now or if they're expecting, but we do see that you know, they may potentially be pregnant or
09:01
they're friends might be trying to encourage them. Or there might be some plans in the future of the near future of having
09:07
Children.
09:07
I'm gonna pause a video briefly here were to pick things back up in the next video. I always like to keep things under 10 minutes. That way, if you're at work or some like that, you can quickly grab a video or two on your lunch break. Someone a pause, a video here in the next video. Continue on with this lab on. We will probably wrap it up in that video. We may have to do one more, depending on how long we take
09:26
with how much extra Burbage I throw in here.
09:28
I so look forward to seeing you in the next video.

Up Next

Online Reconnaissance

In Online Reconnaissance, Ken Underhill goes over the gathering of data through reconnaissance-related labs, with a primary focus on open-source intelligence (OSINT). He walks you through a social media profile analysis lab and a whois lab to give you a hands-on overview of information gathering.

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor