Contact the CEO of a company with a social approach.

Most of the time when you will send a mail to info@anycompany.com, believe me there are very less number of chances that you will get a good response. Reason being as simple as the number of bounces which you email will get until it reaches the right person. So why not send it directly to the targeted person.

Making my words straighter, don’t you think writing this mail directly to the CEO of that company will do some good? 

I was going through some chrome extensions and got something which can help this deed. Yeah, we can go ahead and get the EMAIL ID of a CEO directly without any co-operation from any Living Body.

So for doing this, you have to count on me (only for about 5 minutes) and do what i say. 

1.   Find out the Person: Go to the site of that company and find out whom you have to deal with, i.e. the person whose email id you will find out. If you are unlucky, you may not get anything. Don't loose hope. Go to Google and give some commands at its search bar. Within in a short span of time, you will hold the name of person whom you have to target. 

2.  Use Rapportive: We will be using Rapportive extension for Reverse Engineering the work, so load your browser with this extension.

3.  Integrate it with Gmail: Once you have installed Rapportive, open Gmail in a new tab and you will see a "rapportive" link coming on your screen.

You can also integrate it with other your other Social Accounts.

 

Reverse Engineer the Email IDs: Finally we have to check out some common combinations like firstname.L@company.com, firstname@company.com, firstname.lastname@company.com, firstname.LE@company.com, f.lastname@company.com. As you will try, you will get the following two responses:

Example: Rapportive Profile Not Found


Example: Rapportive Profile Found

Once you have this, you had got their twitter and other accounts. But the story doesn’t ends up here. For these accounts, you also need to verify them. If it is a twitter account, check the number of their followers. If the profile seems to be active and connections are more than 400, then is must be fine. Reason why I am putting down emphasis on twitter; if you mention anything with @their_twitter_name, it will give a direct notification to them.

Similarly for their LinkedIn account, if they have less than 500 connections that may raise points of issues for whether they use it properly or not? Moreover, whether they accept connections or not?

Google Account can be checked similarly too with the working status of the profile. Sometimes, even phone number is found but don’t get greedy. Don’t make a call until you are a good Social Engineer.

So, with this stuff, I will wish u Best of luck mates. I hope you are not going to mess up.

Msfupdate not working with "no version information available" error.

A few days back while working with my testings and research, i came across an error which was continously depriving me of updating my metasploit framework. Error message was something like this :

(Click on Image to Enlarge)

No version available and blah blah blah. For that, i ignored it for a couple of days due to workload and downloaded exploits manually. But when it seemed kiddish to me, i got into roots. I soon realized that the "no version information available" error , here, meant that the library metasploit does not have a version to refer and hence it is not updating to any further version. Was quite kiddish, but realistic too. So i checked its libraries :

(Click on Image to Enlarge)

libssl.so.0.9.8 do not have a link to /usr/lib/ where as the entire library actually relies on the same. So what we need to do is : 

Backup the library that is erroring msf.

Create a link between the library msf and /usr/lib/

Do this : 

(Click on Image to Enlarge)

Once you are done with all this stuff, go ahead and update your metasploit. You will get a smile on your face.

(Click on Image to Enlarge)

So this was how you dont need to put back your actions if you get any error anywhere, just like in case of msf. 

Enjoy hacking, enjoy exploitation. :)