00011: Social Engineering
By: Craqhore
Hello, and welcome back to another article by me, Craqhore, who loves you like God loves all his children. :)
Today, I'm going to teach you a skill that all prospective hackers, thieves, liars, politicians, and spies must know. HOW TO CALL A PROSPECTIVE PLACE OF BUSINESS AND ACT LIKE YOU KNOW WHAT YOU ARE DOING.
The answer is simple. Pretend you are calling from your congressman's office. You see, most offices which will put you on hold for hours will give you priority access if they think you know what you are talking about, i.e., are calling from a congressman's office.
To pull off this people spoof right, though, you must prepare. This involves finding out who works at the congressman's office. Just get some names and phone numbers. Next, you must evaluate yourself. If you have a deep adult voice, you can call yourself a "staffer." If you are a little child, or have a squeaky pre-teen voice, you are an "intern." Then, using *67 and a spoof name, you can call your office of choice with pleasure.
When trying to stalk someone, you can call and get personnel information very easily. Simply call and use this routine:
"Hi, I'm <spoofed name>, a <intern/staffer> at <your local Congressman's office>. <name of congress staff> is helping <your victim>, and under the Freedom of Information Act, we're required to get some background data for the casework. Is it possible you could fax us <name personal document> to <safe fax number>?"
If they say yes, you're free to go. If they say they can't, then leave the number of the congress staffer of which you speak, and invite them to call back. The benefit of this is manifold: Mostly, the threat of such an angry congress-staff will invite them to fax you the document anyway (or email; emailing is safer because you can send them an email through an alias and vice versa). They also might flat-out refuse you and call the congressman's office back. The advantage to this is that because most congressman's offices are flooded with casework, if your victim's office calls the congress staff asking what's up with your call, they will ASSUME THAT THEIR OWN interns fucked up somewhere, and you are off the hook! Bravo!
Let's look at an example:
ME: "Hi, I'm Craq H. Ore, and I'm an intern at Congressman Tom Davis' office, for staffer Hector deLeon. We're doing some casework for a Mrs. Digital D. Arkness, who we understand works for you? Anyway- according to the Freedom of Information Act of 1974, we need hard copies of the records they give us... is it possible you could fax employment records, care of Hector deLeon, to 666-6666?"
THEM: "um, sure."
This versus:
ME: "Hi, I'm Craq H. Ore, and I'd like to speak to your Director of Personnel?"
THEM: "Certainly, please hold." <puts you on musical hold until 2129>
Also, you can call OTHER CONGRESS OFFICES and request data. Because of congressional courtesy, most congress offices know each other's staffers by name. Thus, the mention of a name like Hector deLeon would be understood by many. This mainly works near D.C., because you can call a Hill office and pretend to be a casework office; however, I would like to stress that THE ENTIRE FEDERAL MACHINE WORKS LIKE THIS, and thus you can call your local Oklahoma City federal building and pretend to be the Tulsa branch office.
Here is where it is useful to familiarize yourself with the federal lingo. For instance, Congress uses Win95 (eek!), HOWEVER it also uses a database called CRS (Congressional Research Service). The main part of CRS is called SCORPIO, and, technically, you taxpayers are not supposed to know of its existence. SCORPIO is the telnet to the CRS database AND the Library of Congress records, on absolutely ANYTHING. To complicate things even MORE, Congress has a telnet system called MIN services, which allow one to link to the CRS server. Most of these telnet services have l: <initials of the congressman>, p: goodmorning (or some other pithy phrase like "hello").
The executive branch has a similar service, for you Oklahomans who are not near Capitol Hill. Do the research yourselves. You can also call one district office pretending to be from another. The point is to exploit careless regard from one office to another. Anyway: for computer sensitive data:
YOU: "Hello, I'm <spoofed name here> calling from <local congressman or federal office near your closest urban hub>. We're having problems with SCORPIO <or other government research service>, and the maintenance people say we have a virus and need a "boot disk." Is it possible we can run an intern (staffer) up to you guys and get a copy?"
THEM: "Sure. ASAP?"
The point is, most so-called "boot disks" are a series of disks that contain backups of EVERYTHING, from boot files to databases. And NO, these people don't have ZIP drives or anything snazzy like Linux. M$ owns their sorry ass.
Now, you have to meet these people IN PERSON. So, here's what you do: You must appear to be who you say you are.
- Dress in a suit (or dress for you ladies). SHAVE. Cut your hair.
- Print a cheap Print Shop Tag that says "FAKE NAME" "Congressional intern (staff)". Put it in plastic, pin it on and you're ready to go there.
- Go there. Go into the Hill or Federal office. The first person you will see will probably be another intern of the opposite sex. RESIST ALL TEMPTATION TO ASK THEM OUT. They invariably are sexy as hell.
- Tell the intern sex-goddess from hell you've been sent by <some congressman/district executive office> for "the boot disks."
- They will call their staffer to decipher what the hell you just said. (Did I mention their good looks are at the expense of their brain?)
- Repeat to the staffer what you just told the harebrained intern.
- Receive sensitive disks and go.
- Go home, copy disk, return the disk to the staffer one day later. (I would advise doing this in another congressional district about 10 miles away, because if the staffers decide to follow up on your disk taking, very rare in and of itself, you're screwed.) You COULD keep the disk, which would be a bitch to them, but then pray you will never see their faces ever again.
And that's that! Of course, the MOST EVIL thing you could possibly do is to go to an office and PRETEND YOU WORK THERE.
Yipes! This has actually been done. It's surprisingly easy, and here is how:
- Wear suit and name tag.
- Call district federal office of choice, say "Hi. I'm <staffer> from <one office in district>, and we have an intern here who lives closer to your office, is it ok if we transfer him?"
- They usually will say yes. Show up, suit and all, introduce yourself, say you're new on the job, and get cracking. That's it! (he he... "cracking")
Alternatively, you can call one congressional district office from another (they are about 10 miles from center to center here near DC), and pull the above routine. This is safer for covering YOUR butt.
I would like to advise everyone that such "Congressional Pretension" has more benefits than just stealing etc. You can use it for personal gain. Any business, etc. which you want to call to get ANY sort of information will invariably put you on hold for eternity. But NOT if you are calling from a congressman's office! And, once you get piped into the person you wish to see, you can drop the whole pretense because the receptionist will not tell the person, "This is <blank> from the congressman's office." Your intended person will just think you were next in line.
Wearing the suit and tag helps too. It helped me get out of SOOOOOO many traffic tickets. When the cops stopped me on the way home from work, I'd tell them I was running something to the nearest district office. BOOM! I was let off with a warning. One time I was stopped without it and ticketed. But I showed up to traffic court with it, and the clerk saw it with amazement. "Wow, you're an INTERN?" he said. I saw him speak to the judge before the trial. Then, I responsibly pled guilty, and BIFF! The sentence was suspended indefinitely.
It also helps with getting served in lines, and makes a great conversation opener (i.e., helps get dates.) I was an actual intern: but YOU DO NOT HAVE TO BE! All you have to do is follow the Craqhore way of pretending to be a congress staff!
Good luck, and have a great time Social Engineering!