____________________________________________________________________________ ____________________________________________________________________________ 01010111 01001001 01010010 01000101 01000100 01010011 -> 01000101 01000011 01010101 01010010 01001001 01010100 -> 01011001 ____________________________________________________________________________ SOCIAL TRACKING OR HOW TO TRACE SOMEBODY THROUGH THE WEB ____________________________________________________________________________ ____________________________________ || 0x00: ABOUT ME || 0x01: INTRODUCTION || 0x02: THE START || 0x03: FIRST INFORMATIONS || 0x04: FIND OUT MOST || 0x05: WHAT ELSE CAN WE DO? || 0x06: FINAL THINGS || 0x07: IS THERE EVEN MORE POSSIBLE? ____________________________________________________________ ____________________________________________________________ _________________ || 0x00: ABOUT ME Author: SkyOut Date: October 2007 Website: http://wired-security.net/ _____________________ || 0x01: INTRODUCTION This article is based on a simple idea I had some days ago and which I also did by myself to test how good it works and what has to be done to make it go well. The term "Social Tracking" describes a way to find out most possible informations about a person with minimalistic information you will have at the beginning of the research. Mostly you will only have the first and last name and sometimes only the email. But this can be far enough to find out a lot about the private life of a person, thanks to the internet for that. In the following we will look at the structure of Social Tracking and how it can be done most efficiently and fastly. We will see some examples and websites, that can help us to get even more information. __________________ || 0x02: THE START As mentioned above we don't have a lot of information at the start, very often we have almost NO information before we end up our research. So how to start? Well, that depends on what you want to find and where you think it is best to start searching. Let us imagine we have the name of a person, first and last name. This is a good start for now! ___________________________ || 0x03: FIRST INFORMATIONS One of the easiest and most efficient ways would be to go google.com and type in that name, for example "Max Mustermann". Hopefully this person has a very special name, that isn't used very often. That will help a lot. Now it depends on the result, what you can do. In the best case this person has an own homepage or uses any of the blogs, that are freely available on the internet, for example blogger.com. So let us check this site first and grep as much information out of it as possible. Write everything down! Now it gets interesting: What information do we get? In the best case you will get the email address of a person and some other information. For example many people write down their interests, their favourite books, their favourite movies and a lot more! Write everything into a file to have it later on. If it is a big site, we could use google again to find out more, do a searchstring like this for example: "Max Mustermann" site:example.com We will now get every site, that has this name in the given domain name. That can be very helpful to see, where this name all comes up. Maybe some friends of the persons wrote it down somewhere. If so: Write down the friends name as well and try to find out at least a bit about them. You can build up a whole social network this way. If you got most information out of the site, mostly a community website, we can go on. Most persons write down their email address, post a photo (take it!) and their nickname. Maybe more, that can depend a lot. ______________________ || 0x04: FIND OUT MOST Now that we are in the possession of some first information we can go on the same way we started. Let us imagine we have the nickname and email address of a person, let us go to google.com and post them there. Maybe in a combined way. Hopefully we will get a lot of stuff, that has to do with this person on different websites. It could fail, but remember one thing: Most persons love to use one name for everything! It is the same with passwords, people never learn it. Now we will grep through all the new sites, that come up with this persons email or handle. We can specialize searches again with the site parameter of google.com and get even more information. Don't forget one thing here: Read the comments the person writes and the comments the person received. They can give you a lot of information about a person because many people post very private stuff in their comments. Example could be: Does the person has a girlfriend and does chat with her over the website? What are the friends and their interests? How is the sexual life of a person? Yeah I really saw people talking about their sexual confession on websites (even some people post it in their "About me" section)... And more! You should now be at a point, where you know a lot about the person and its friends and contacts. If you want you could now start to build up something like a diagram or make a list of all names and information you could get. It will help you to not forget any important detail. _____________________________ || 0x05: WHAT ELSE CAN WE DO? After knowing all this, it can be helpful to search some specific sites for the persons email address, handle or even the real name. There are a lot of blogs and community sites around, it would be too much to name them all here, but for example you should search on: www.myspace.com www.youtube.com www.blogger.com and for german sites it can be a lot of fun to search on: www.schuelervz.net www.studivz.net www.schuelerregister.de There are a lot more of course, but young people love those sites, to keep and get in contact with people. And what Google does not index, you can mostly find there. Just try it. The network you build up will grow more and more. _____________________ || 0x06: FINAL THINGS As mentioned above we are now in the possession of hopefully all possible informations. Get them all together, build up a diagram or list, remember the URLs you have found the information (write them down) and finally you should be done. In the best case you now have several photos of the persons, maybe together with friends, maybe with a girlfriend or more. You know about his/her interests in all means. You finally know the persons private life, just by searching through the web and getting the information the person posts there. Enjoy it. A last question: Who can this help? One of the first things, that come to my mind are employers, who are interested in finding out more about the person, that is employing for a job at their company. Or you could just be interested in finding out more about a person you know or get to know. Maybe you are not sure, what to think of him/her and want to know more. All this can be possible! Feel free to find your own reason for doing this. I do it as a hobby to test my skills and get better in Social Tracking people. _____________________________________ || 0x07: IS THERE EVEN MORE POSSIBLE? The answer is: YES! Many people post their instant messenger addresses as well, mostly ICQ or MSN. How about adding them and getting some information about them by directly asking for it? Many people will answer after you made them believe, that you are just a friendly person, that likes to get in contact with new people. This, of course, depends on your skills in social engineering and is another topic and won't be described more detailled here. Happy Hacking ____________________________________________________________________________ ____________________________________________________________________________ EOF