Social Engineering - Christopher Hadnagy [4]
To my son and daughter, I cannot express enough gratitude for your support, love, and motivation. My hope is that my son and my little princess will not have to deal with the malicious, bad people out in this world, but I know just how unlikely that is. May this information keep you both just a little more secure.
Paul, aka rAWjAW, thanks for all your support on the website. The thousands of hours you spent as the “wiki-master” paid off and now we have a beautiful resource for the world to use. I know I don’t say it enough, but “you’re fired!” Combined with the beautiful creation of Tom, aka DigIp, the website is a work of art.
Carol, my editor at Wiley, worked her butt off to get this organized and following some semblance of a timeline. She did an amazing job putting together a great team of people and making this idea a reality. Thank you.
Brian, I meant what I said. I am going to miss you when this is over. As I worked with you over the last few months I began to look forward to my editing sessions and the knowledge you would lay on me. Your honest and frank counsel and advice made this book better than it was.
My gratitude goes out to Jim, aka Elwood, as well. Without you a lot of what has happened on social-engineer.org as well as inside this book, heck in my life in the last couple years, would not be a reality. Thank you for keeping me humble and in check. Your constant reality checks helped me stay focused and balance the many different roles I had to play. Thank you.
Liz, about twelve years ago you told me I should write a book. I am sure you had something different in mind, but here it is. You have helped me through some pretty dark times. Thank you and I love you.
Mati, my mentor, and my achoti, where would I be without you? Mati, you truly are my mentor and my brother. Thank you from the bottom of my heart for having the faith in me that I could write this book and launch www.social-engineer.org and that both would be good. More than that, your constant counsel and direction have been translated on the pages of this book to make me more than I thought I could be.
Your support with the BackTrack team along with the support of the team at www.offensive-security.com have transcended all I could have expected. Thank you for helping me balance and prioritize. My achoti, a special thanks to you for being the voice of reason and the light at the end of some frustrating days. With all my love I thank you.
Each person I mentioned here contributed to this book in some fashion. With their help, support and love this book has become a work that I am proud to have my name on. For the rest of you who have supported the site, the channel, and our research, thank you.
As you read this book, I hope it affects you the way writing it has affected me.
Albert Einstein once said, “Information is not knowledge.” That is a powerful thought. Just reading this book will not somehow implant this knowledge into your being. Apply the principles, practice what is taught in these pages, and make the information a part of your daily life. When you do that is when you will see this knowledge take effect.
Christopher Hadnagy
October 2010
Chapter 1
A Look into the World of Social Engineering
If you know the enemy and know yourself you need not fear the results of a hundred battles.
—Sun Tzu
Social engineering (SE) has been largely misunderstood, leading to many differing opinions on what social engineering is and how it works. This has led to a situation where some may view SE as simply lying to scam trivial free items such as pizza or obtaining sexual gratification; others think SE just refers to the tools used by criminals or con men, or perhaps that it is a science whose theories can be broken down into parts or equations and studied. Or perhaps it’s a long-lost mystical art giving practitioners the