Subtitle: None

Author:

Classification number:

ISBN:9781597492157

Description

As the cliché reminds us, information is power. In this age of computer systems and technology, an increasing majority of the world's information is stored electronically. It makes sense then that as an industry we rely on high-tech electronic protection systems to guard that information. As a professional hacker, I get paid to uncover weaknesses in those systems and exploit them. Whether breaking into buildings or slipping past industrial-grade firewalls, my goal has always been the same: extract the informational secrets using any means necessary. After hundreds of jobs, I discovered the secret to bypassing every conceivable high-tech security system. This book reveals those secrets, and as the title suggests, it has nothing to do with high technology. As it turns out, the secret isn't much of a secret at all. Hackers have known about these techniques for years.

Presented in a light, accessible style, you'll get to ride shotgun with the authors on successful real-world break-ins as they share photos, videos and stories that prove how vulnerable the high-tech world is to no-tech attacks. As you browse this book, you'll hear old familiar terms like "dumpster diving", "social engineering", and "shoulder surfing". Some of these terms have drifted into obscurity to the point of becoming industry folklore; the tactics of the pre-dawn information age. But make no mistake; these and other old-school tactics work with amazing effectiveness today. In fact, there's a very good chance that someone in your organization will fall victim to one or more of these attacks this year. Will they be ready?

• Dumpster Diving: Be a good sport and don't read the two "D" words written in big bold letters above, and act surprised when I tell you hackers can accomplish this without relying on a single bit of technology (punny).
• Tailgating: Hackers and ninja both like wearing black, and they do share the ability to slip inside a building and blend with the shadows.
• Shoulder Surfing: If you like having a screen on your laptop so you can see what you're working on, don't read this chapter.
• Physical Security: Locks are serious business and lock technicians are true engineers, most backed with years of hands-on experience. But what happens when you take the age-old respected profession of the locksmith and sprinkle it with hacker ingenuity?
• Social Engineering with Jack Wiles: Jack has trained hundreds of federal agents, corporate attorneys, CEOs and internal auditors on computer crime and security-related topics. His unforgettable presentations are filled with three decades of personal "war stories" from the trenches of Information Security and Physical Security.
• Google Hacking: A hacker doesn't even need his own computer to do the necessary research. If he can make it to a public library, Kinko's or Internet cafe, he can use Google to process all that data into something useful.
• P2P Hacking: Let's assume a guy has no budget, no commercial hacking software, no support from organized crime and no fancy gear. With all those restrictions, is this guy still a threat to you? Have a look at this chapter and judge for yourself.
• People Watching: Skilled people watchers can learn a whole lot in just a few quick glances. In this chapter we'll take a look at a few examples of the types of things that draw a no-tech hacker's eye.
• Kiosks: What happens when a kiosk is more than a kiosk? What happens when the kiosk holds airline passenger information? What if the kiosk holds confidential patient information? What if the kiosk holds cash?
• Vehicle Surveillance: Most people don't realize that some of the most thrilling vehicular espionage happens when the cars aren't moving at all!

Table of Contents


Chapter 1 Dumpster Diving
    Introduction to Dumpster Diving
Chapter 2 Tailgating
    Introduction to Tailgating
    Dressing the Part
    Real-World Tailgating Exercise
Chapter 3 Shoulder Surfing
    What is Shoulder Surfing?
    Outside of the box
    Great Locations for Shoulder Surfing
    Electronic Deduction
    Killer Real-Life Surfing Sessions
    Military Intelligence
    Airliner Espionage
    Robbing a Bank
    Robbing Banks in Uganda, Africa
Chapter 4 Physical Security
    Introduction
    Lock Bumping
    Shimming Padlocks (With Deviant Ollam)
    Master Lock Combo Lock Brute Forcing
    Toilet Paper vs. Tubular Locks
    Electric Flossers: A Low-Tech Classic
    Laptop Locks Defeated by Beer (With Matt Fiddler and Marc Weber Tobias)
    TSA Locks (With Marc Weber Tobias)
    Gun Trigger Locks vs. Drinking Straw (With Marc Tobias and Matt Fiddler)
    Entry Techniques: Loiding (aka the Old Credit Card Trick)
    Entry Techniques: Motion Sensor Activation
    Bypassing Passive Infrared (PIR) Motion Sensors
    Camera Flaring
    Real World: Airport Restricted Area Simplex Lock Bypass
Chapter 5 Social Engineering: Here's How I Broke Into Their Buildings
    Introduction
    How Easy Is It?
    Human Nature, Human Weakness
    Hello? Is this thing on?
    The Mind of a Victim
    "Social engineering would never work against our company!"
    What Was I Able to Social Engineer Out of Mary?
    The Final Sting
    Why did this scam work?
    Countering Social Engineering Attacks
    Be Willing To Ask Questions
    Security Awareness Training
    Posters
    Videos
    Certificates
Chapter 6 Google Hacking Showcase
    Introduction to the Introduction
    Introduction
    Geek Stuff
    Utilities
    Open Network Devices
    Open Applications
    Cameras
    Telco Gear
    Power
    Sensitive Info
    Police Reports
    Social Security Numbers
    Credit Card Information
    Beyond Google
    Summary
Chapter 7 P2P Hacking
    Understanding P2P Hacking
    Real World P2P Hacking: The Case of the Naughty Chiropractor
Chapter 8 People Watching
    How to "People Watch"
Chapter 9 Kiosks
    Understanding Kiosk Hacking
    Real World: ATM Hacking
Chapter 10 Vehicle Surveillance
    How Easy Is Vehicle Surveillance?
Chapter 11 Badge Surveillance
    Where Are Your Badges?
    Electronic Badge Authentication
    Real World Badge Surveillance
Epilogue: Top Ten Ways to Shut Down No-Tech Hackers
    Go Undercover
    Shred Everything
    Get Decent Locks
    Put that Badge Away
    Check Your Surveillance Gear
    Shut Down Shoulder Surfers
    Block Tailgaters
    Clean your Car
    Watch your Back Online
    Beware of Social Engineers
