DarkReading.pdf

8/17/2019 DarkReading.pdf

1/3

Welcome Guest. | Log In | Register | Membership Benefits

ATTACKS / BREACHES VULNERABILITIES APPLICATION SECURITY CLIENT SECURITY PERIMETER SECURITY

SECURITY MANAGEMENT STORAGE SECURITY ENCRYPTION NAC ANTIVIRUS PRIVACY BLOGS SLIDESHOW S

Tech Center: Advanced Threats

E-mail this page | Print this page |

'Cree.py' Social Engineering

Tool Pinpoints A Person's

Physical LocationFree tool automates process of pulling geolocation,

other information on 'targets'

Mar 29, 2011 | 07:42 PM | 0 Comments

By Kelly Jackson Higgins

Darkreading

A savvy and determined social engineer can gather and manually correlate

the geolocation tags of his or her target's social network or other online

posts. But a new, free tool automates that process of creeping around

and finding the physical location of a targeted person. "Cree.py" makes it

easier for social engineers to track the physical whereabouts of their

targets -- it grabs geolocations from Twitter and Foursquare, as well as

Twitpic, Flickr, and others.

Yiannis Kakavas, an independent researcher at the Royal Institute of

Technology in Stockholm, Sweden, says he built the tool -- currently in

beta -- to raise awareness of how easy it is for the physical location you

share online to be abused. "By making the process of retrieving and

analyzing all the shared location-specific information that users share easy

and automated, I hoped to make clear how easy it is for someone to stalk

you, rob you, find out where you've been, and why," Kakavas says. "The

second goal was to create a tool to add in one's social engineering

toolbox that would facilitate information gathering for geolocation

information."

The privacy and security risk w ith all of the geolocation tagging in today's

social networking applications has been disconcerting to security experts

and privacy advocates. Users today can include their physical locations

when they tweet, post pictures from Flickr, or check in on Foursquare.

Kakavas says the information Cree.py gathers can be used for

reconnaissance on a target, such as where he lives, when he's at home,

or when he's traveling and to where. "It can also be used to create

behavioral models of the target regarding the places he/she frequents --

coffee shops, gym, favorite restaurants, etc. -- [and] traveling patterns,

among others. These behavioral patterns can be very useful in socialengineering when it comes to pretexting. It can be used to create trust

relationships with the target based on supposedly common interests or

experiences," he says.

From there, an attacker can take it to another level, impersonating the

target, for example, to social-engineer another user into handing over a

password or other sensitive information, he says.

"Cree.py is just that -- CREEPY, but what a great tool to gather

information and building profiles on targets," blogged the social

engineering professionals at social-engineer.org, which provided screen

shots of how it works. "It also should be a very rude awakening to how

much information we release."

It works like this for Twitter: The social engineer feeds Cree.py the

target's Twitter handle, for example, and it takes it f rom there, pulling

Related Content

Advanced Threats Reports

Malware War: How Malicious Code Authors Battle to Evade

DetectionThe stakes have never been higher in the fight for control of corporate andconsumer devices between malicious code and the antimalware softwaredesigned to detect and stop it. It's a war of one-upsmanship, as security labswork 'round the clock to analyze malicious code and the bad guys design new,

ingenious ways to frustrate analysts and automated tools. This Tech Center report coversthe key methods malware writers use to thwart analysis and evade detection.

Hackers Find New Means of Disguise Advanced Evasion Techniques (AETs) are the latest method hackers are using tofoil security solutions. AETs combine new methods of disguise to circumventnetwork security solutions. This white paper reveals proactive tips for securing your network and staying one step ahead of hackers.

New Methods for Bypassing Intrusion Prevention TechnologiesDiscover the latest set of evasion techniques that intrusion detection and preventionsystems (IPS) can miss. Prepare your defenses by downloading this whitepaper.

Accuracy vs. Speed: Is It Really a Choice?This brief will explore why a software-based approach to IPS technologies willdeliver the fast, dynamic and flexible solutions that the modern threat landscapenecessitates, often at a fiscal advantage.

Advanced Threats Newsfeed

IronKey: U.K Organisations Fearful Of Organized Cybercrime

Symantec Announces April 2011 MessageLabs Intelligence Report

Michigan Woman Pleads Guilty To Selling More Than $400,000 In Counterfeit BusinessSoftware

F5 Security Solutions Help Deliver DNS Security For Newly Signed .com Domain

Better Business Bureau Warns Of First Phishing Attacks In Wake Of Epsilon Breach

Banking Department Warns Consumers about Email 'Phishing' Scams After SecurityBreaches At Epsilon And RSA

MORE NEWSFEED >>>

Advanced Threats

Authentication

Cloud Security

Database Security

Security

Monitoring

Security Services

SMB Security

Vulnerability

Management

py' Social Engineering Tool Pinpoints A Person's Physical Location ... http://www.darkreading.com/advanced-threats/167901091/securi

5/2/2011


2/3

together geolocation information and links to photos on img.ly, yfrog,

twitpic, analyzing the photos' metadata for GPS information. "It presents

all the retrieved information in an easy-to-view manner [with] locations in

an embedded map, which you can also export for further analysis,"

Kakavas says. It also links to Foursquare check-ins to get geolocation

information.

It can take anywhere from two to 15 minutes for Cree.py to determine the

target's physical location, and much of that is the recon part. "It depends

on the number of t he user's tweets and how many of them actually contain

some geolocation information," he says. "The most t ime-consuming

process is actually the retrieval of the user's tweets, photos from image

hosting services, and not the analysis for geolocation information."

Cree.py can be downloaded from the Cree.py website.

Have a comment on this story? Please click "Add Your Comment" below.

If you'd like to contact Dark Reading's editors directly, send us a

message.

Care to Comment?

Subject (max length: 75):

Comment:

Captcha:

Type the characters you see in the picture above.

Subscribe to RSS

» Write To Editor

» Reprint This Article

» Download Top Reports

Enabling People and Organizations to Harness the Transformative Power of Technology


5/2/2011


3/3

CIOs & IT Professionals

Black HatBYTECloud ConnectDark ReadingEnterprise 2.0Enterprise ConnectEnterprise EfficiencyHDIInformationWeekInformationWeek 500InformationWeek 500 ConferenceInformationWeek AnalyticsInformationWeek Events

InformationWeek Global CIOInformationWeek HealthcareInformationWeek IndiaInformationWeek SMBInteropNetwork ComputingNo Jitter Plug into the CloudTechWeb.comThe BrainYard

Software Developers

Dr. DobbsDr. Dobbs M-DevDr. Dobbs DigestDr. Dobb's UpdateTechWeb.com

Web & Digital Professionals

Internet EvolutionWeb 2.0 ExpoWeb 2.0 SummitTechWeb.com

Government Officials

GTEC OttawaInformationWeek GovernmentTechWeb.com

Vertical Markets

Advanced TradingBank Systems & TechnologyCreateYourNextCustomer InformationWeek GovernmentInformationWeek HealthcareInsurance & TechnologyLight Reading / TelecomThe CMO SiteWall Street & Technology

Game Industry Professionals

Gamasutra.comGame Developers Conference (GDC)

Independent Games FestivalGame Developer MagazineGDC EuropeGDC ChinaGame Career GuideGame Advertising Online

Global Communications

Service Providers

Heavy ReadingHeavy Reading InsidersPyramid ResearchLight ReadingLight Reading MobileLight Reading CableLight Reading EuropeLight Reading AsiaEthernet ExpoTelcoTVTower SummitLight Reading Live & Virtual Events

Webinars

Most Popular

Cable CatchupCloud Connect BlogDigital LifeEvil BytesInformationWeek AnalyticsInterop BlogMonkey BidnessOver the Air Personal TechThe Philter Valley Wonk

About UBM TechWeb Advertising Contacts Technology Marketing Solutions Contact Us Feedback

Reprints TechWeb Digital Library / White Papers TechWeb Events Calendar TechWeb.com

UBM TechWeb Reader Services

Terms of Service | Privacy Statement | Copyright © 2011 UBM TechWeb, All rights reserved.

Dark Reading Home Attacks / breaches Vulnerabilities Application Security Client Security Perimeter Security Security Management Storage Security

Encryption NAC Antivirus Privacy Blogs Security discussions

Newsletters Video Webcasts Live events TechWeb Digital Library Registration/membership About us

Sales and marketing contacts Send us a tip or comments Site map Technology Marketing Solutions


5/2/2011

Documents

DarkReading.pdf