do you log today...?


Penetration Testing Using Social Engineering (Part 1) 

After my successful social engineering attempt at work, the District Loss Prevention Supervisor asked me if I would do some penetration testing at some of the stores in his district. I made my first attempt today and the following story tells the tale.

All names, places, titles, and work related information have been changed for the sake of security and privacy. The following article is NOT a textbook for stealing/shoplifting. The following article IS a resource for all security personnel to use as a means of training and defense against social engineering.

I decided to work a short day today so I only had time to make my attempts on two stores. I met the District Loss Prevention Supervisor (Charles) at 7a.m. in Middleville and asked him a few questions before I got started. He told me that he and a few of his plain clothed security guys had done this in the past and one of them held the record in the district for getting out the door without getting stopped with a $400 DVD player. I assumed that it must have been a while since that happened if the price was that high. What I said to him next really peaked his interest.

Isreal: "Man, I'm about to walk out that door with $4000 worth of merchandise and I'll stop and talk to a cashier on the way out."

His eyes almost fell out of his head, but the look quickly turned to one of disbelief.

Charles: "OK Isreal, lets try and be a bit more serious about this. I REALLY want to know if my people are doing their jobs."

After trying to get him to place a friendly wager on my prediction, and failing, I headed for the doors. I was wearing a black collared polo shirt and khaki pants. I didn't want to look completely like a bum, but at the same time, thought a shirt and tie would be too much of an advantage for me. I was in the center of middle-class America and wanted to blend in.

I decided I would start off by taking a quick walk around the store just to get a feel for the place, and to see how many employees were on the salesfloor. It seemed like everywhere I turned, a different employee was asking me if I needed any help so I figured I had better make my move quick and get out the door since the plan I had in mind required me to do so.

I walked into the back "employees only" area of the store behind a group (3) of people who looked like they were just arriving to work. I followed one of the girls as she was taking off her jacket so I could take a look at the coat rack. I was hoping to find an employee's work vest hanging around and I wasn't disappointed. I know that most overnighters could care less about taking them home to wash and there were plenty to choose from. I quickly checked through them for a name badge, but wasn't quite as lucky as I was hoping to be so I took the cleanest one I could find and headed for the warehouse.

As I walked down the back hallway, I took quick glances in every room looking for an emply one. I didn't find any so I asked an employee where the breakroom was and headed in that direction. I was trying to find some paperwork that I could carry into the warehouse to use as 'official company documents'. I hit the jackpot when I opened the breakroom door when I noticed that the store had a seperate room for smokers as well, so I decided that I had worked hard enough so far and I deserved a break. After a refreshing dose of a nicotine inhaler I was back on the job. A quick survey of the non-smoking break room turned up a printout of employees who were scheduled to work that day. I knew that Charles wouldn't be happy to know that it was left lying around for anyone to pick up so it was going to serve a dual purpose.

1. The printout would guarantee that Charles would chew out the stores management for letting something like that get out of their site.
2. It would function as the 'official document' that I would need to complete my objective.

I folded up my paperwork and headed for the store's warehouse. I entered the warehouse like I owned the place and walked around until I found the bins that held the backstock for the Electronics Department. I took a quick count of the computers and got the attention of one of the stockmen. His name-badge said James.

Isreal: "James, you got an empty cart anywhere back here? I've gotta take 5 computers over to the store in Vernstown." I patted the 'official' paperwork in my vest pocket so he could see.

James: "I don't have any empty carts right now, but I'll grab an empty pallet and a jack."

James walked off to get what I needed and I started taking computers down from the bins. When he returned, he helped me set them on the pallet and asked me if I needed any help putting them in my truck. I thought about it for a second but decided that I didn't want to get this specific kid in trouble and told him that I could handle it myself and I'd bring the pallet and jack back in a few minutes.

On my way to the front door, I had to take the long way around so I could avoid electronics. As I was walking past the Jewelry Department I noticed an employee heading straight for me. When he headed me off, I read his name badge: Fred 'Assistant Manager'. I stopped the pallet and waited to see what he was going to say.

Fred: "Hey um, (he was looking for my name badge)..."

I looked at my vest and put on a surprised look as I started looking for my lost badge. "I'm Isreal, I must have left my badge in Vernstown"

Fred: "Vernstown? What are you doing here?" He looked at the pallet I was pulling. "Are we TR'ing those to your store?"

I patted the paperwork in my pocket again "Yeah, the ladies in the back got me the paperwork. I'm gonna load these up and head out"

He glanced at my folded up paperwork "Good, you need me to help you with that?" I could tell that he wasn't sincere. No manager likes to do manual labor.

Isreal: "Nah, I got it. Thanks anyway." I started to move with the pallet again so he could have an excuse to walk away... He used it.

On my way out, I saw Charles talking to the ladies at the Customer Service desk. He didn't see me so I kept moving. I stopped long enough to say something about the "crappy weather" to a kid standing by a register and took the pallet and my merchandise out the front doors. I waited outside for about 30 seconds before I realized that Charles never did see me leave so I took out my cell phone and called the store.

Happy Girl: "Hi, thank you for calling Flop-Mart this is Happy Girl how may I direct your call?"

Isreal: "Charles XXXXXX please"

(("Do a little dance, make a little love, get down tonight... get down tonight")) I like that song. Sometimes I wish I could stay on hold longer just to hear a song I haven't heard in a while, but this time I wasn't on hold very long. Charles answered and I told him that I was outside. He laughed and said he'd be right out. His laugh sounded more like a victory cheer and I was really going to enjoy raining on his parade. I hopped up, sat on one of the computers, and waited to see his expression.

I don't think I have ever seen a person's face turn red as quickly as his did. He was OBVIOUSLY angry so I decided it wouldn't be a good idea to gloat about my victory and I settled for telling him exactly how I did it. As I did, I wrote down the prices of the computers and gave him my total take.

$698 x 3 = $2094
$749 x 2 = $1498

Grand Total $3592

CRAP!! I didn't reach my $4000 guarantee. Oh well, it was close enough for me, and it was MORE than enough for Charles. I followed him back inside with my loot and he yelled at a passing person to take it to the warehouse. I took off the vest, set it on the pallet and followed Charles to the manager's office.

I would love to tell you about the ass chewing he gave the store's management team, but he made me leave the room after I told them what I had done. 'Assistant Manager' Fred looked like he was going to puke when I got to his part of the story. I went to the smokers break room and waited for 45 minutes until Charles came and told me we were heading to Vernstown

posted by Capa  # 08:39


05/12/2002 - 05/19/2002   05/02/2004 - 05/09/2004   05/09/2004 - 05/16/2004   05/16/2004 - 05/23/2004   08/08/2004 - 08/15/2004  

This page is powered by Blogger. Isn't yours?