The key to social engineering is influencing a person to do something that allows the hacker to gain access to information or your network.
Account Look-up Tools, Support Lines, and Sites:
AT&T -
http://www.att.com/U-verse Support: 1-800-288-2020
Employee IDs - md905c
• Systems: G2, CCTP, SystemX, Clarify, Telegence, MyCSP, Phoenix, Torch, CSR Admin, CTI, Agent Verification System, CCC Tool, DLC, C-Care
Sky -
http://www.sky.com/Sky Tech Sppport: 0-844-241-1653
• Systems: Cloud
Cox -
http://ww2.cox.com/residential/home.coxCox Support: 877-891-2899
• Systems: Polaris (IP), iNav, edgehealth, Icon, IDM, ICOMS, SL2
Charter -
https://www.charter.com/Charter Support: 713-554-3669
• Systems: Sigma, IRIS
Comcast -
http://www.comcast.com/Comcast Support: 1-800-934-6489
• Systems: ACSR, Comtrac, CSG, Einstein, Grand-slam, Vision
Time Warner -
http://www.timewarnercable.com/Time Warner Support - 212-364-8300
• Systems: Real, Unify
Road Runner -
http://www.rr.com/Road Runner Support: 1-866-744-1678
• Systems: Real, Unify
Verizon -
http://www.verizonwireless.com/Verizon Support: 1-800-837-4966
• Systems: Coffee
Items that are capable for look up:
Name on file:
DOB on file:
SSN on file:
Phone on file:
Address on file:
ISP Account #:
Primary Account Email:
Credit Card on File:
Other Tools / Sites / Providers:
Shaw: TOGAF, Marshall White, CF60, Calgary Call Center
Rogers: Icm (can't do ips, but account number/phone number), Sgi (finding more info on account)
Bell: Maxplus, CSM 1 Bill, Singleview
Charter: Sigma, IRIS
Netflix: Obiwan
Verizon: Cofee, Legend, ASCRR (Business)
Yahoo: AMD, Star
T-Mobile: QuickView, Remedy, SAMSON, NCI, T-COMMUNINITY, IHLR
CenturyLink: Qwest Repair Expert[QRX], Facility Check
Charter: Sigma, IRIS
Comcast: ACSR, Comtrac, CSG, Einstien, Grandslam, Vision
Sprint: iCare
Time Warner / Road Runner / Brighthouse: Real, Unify
Telus: Smart Desktop, Cosmo, Parter, Desktop One, Synapsis (IP LOOKUPS), Office Communicator
Optimum Online: TDA
Paypal: Compass, Admin
Amazon: CRC, IVR
Windstream: DataCannon
AT&T
Phone Number: 1 (800) 288-2020
Systems: CCTP, G2, CARE, Telegence, Clarify, Phoenix, OMS, CRM, Enabler, OPUS, POSII, Compass, Ordertrack, myCSP, NBI, Ensemble, Xacct, PTT
Yahoo
Live Chat:
https://io.help.yahoo.com/contact/index?page=contact&locale=en_NZ&y=PROD_ACCT Systems: AMD, Star
Cox
Phone Number: 1 (800) 229-6542
Live Chat:
https://www.cox.com/support/emailchat/chatusenglish.asp Systems: SL2, iComs, iNav, Edgehealth, Remedy, Quikway, Tivia
Charter
Phone Number: 1 (888) 438-2427
Live Chat:
http://www.myaccount.charter.com/Visitors/chatlive.aspx Systems: Sigma, IRIS
Comcast
Phone Number: 1 (800) COMCAST
Live Chat:
https://www.comcastsupport.com/chatentry/ Systems: ACSR, Comtrac, CSG, Einstien, Grandslam, Vision (NOTE: Only Grandslam can do IP address lookups.)
Employee Name: Gilbert
Employee ID: 100-499-892
Employee Region: Boston
Employee SV: Anthony
Netflix
Phone Number: 1 (866) 579-7172
Live Chat:
https://help.netflix.com/help#startChat Systems: Obiwan
Sprint
Phone Number: 1 (866) 866-7509
Systems: CICS, DB2, MQ, ADABASE, REXX, VSAM
Time Warner / Road Runner
Username Retrieval:
https://urt.rr.com/ Password Reset:
http://pt.rr.com/ IP Management Tool:
https://ipmt.rr.com/ipmt/login.jsp Phone Number: 1 (855) 800-1925
Live Chat:
http://www.timewarnercable.com/en/residential-home/support/contact-us.html Systems: Real, Unified, AAD, ACSR, ATG Tools, iComs, DOCSIS. (DOCSIS, Unified, and Real do IP lookups)
Name: Darryl Estes
EID: E12145
Location: TW-Raleigh in Raleigh, NC
Verizon
Login:
https://www22.verizon.com/cofee/content/preorderingd2d/login/login.aspx Phone Number: 1 (800) 837-4966
Live Chat:
http://www.verizon.com/Support/Residential/contact-us/index.htm Systems: Cofee, Legend, DTI Express, iView, iGO, CPE Manager, Marval, Telegence
LCT Home Office:
Name: Brett
Location: Redmond, WA
OSID: GFA*667
Name: Andrew
Location: New York, New York
OSID: Z479046
Shaw:
Systems: TOGAF
Rogers:
Systems: ICM and STI
Bell:
Systems: Maxplus, CSM 1 Bill, Singleview (Singleview does IPs)
Name: Vipin
Employee ID: 604084
Name: Shamari
Employee ID: EY17429
T-Mobile:
Systems: QuickView, Remedy, SAMSON, NCI, T-COMMUNINITY, IHLR
Opt Online:
Systems: TDA
PenTeleData:
Login:
http://www2.engr.ptd.net/ Login:
http://server4.engr.ptd.net/login/login.cgi Webmail:
https://promail.ptd.net/ Usernames: admin
System: Smart System
Name: Joann
CFR: CSR2 (Employee ID)
Position: Supervisor 2 PenTeleData, Corporate Office
Paypal:
Systems: Compass & Admin
Fido / Micro-Cell
Systems: ICM - Looks up the account information, Citrix - log into the account
CenturyLink:
Systems: Ensemble
Frontier:
Systems: JWalk and iNet
Blue Ridge:
Systems: iComs
Cogent:
Systems: SSRS and Remedy Ticketing System
Charter
Hello My Name is Andrew and I'm from the Charter Customer Support in
Greenville South Carolina and i cant access the clients information
our systems are not working could you please provide some details on the
client for me?
Comcast
Hello my name is Andrew and I'm from the Comcast Customer Support in
(VICTIMS AREA) and i cant access the clients information my
grandslam cannot connect and im recieving errors. Will you please look up
the information on the client for me?
Verizon
Hello my name is Thomas and I'm from the Verizon Customer Support in
Danville and i cant access the clients information my
Legend/Iview (use any) cannot connect and i'm recieving errors. Will you please look up
the information on the client for me?
AT&T
Hello my name is Thomas and I'm from the AT&T Customer Support in
Danville and i cant access the clients information my
G2 (use any) cannot connect and im recieving errors. Will you please look up
the information on the client for me?
General method:
You'll be most successful in getting agents to pull up info by calling the internet technical support for the company, telling an agent you're an internet technical representative, and telling them your systems are down at your call center. Then give them whatever information you have, and get them to pull it up in one of their tools.
▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
AT&T Info:
Tools:
SystemX - Shows IP, what account it is, lookup by address, runs credit checks, see driver license.
Clarify - Looks up account and logs into the account. Can do full social, ip, phone number, and name.
Telegence - Shows account information including last four of the ssn.
MyCSP - Opens up Torch, SystemX, etc.
Phoenix - Change phone numbers, rate plans, etc.
Torch - Text messager.
CSR Admin - Logs into MyATT account.
CTI - Transfer calls.
Agent Verification System - Verifies employee ID.
CCC Tool - Removes subscriptions.
DLC - See how long the phone has been in service.
C-Care - Checks for upgrades.
Employee ID:
First 2 Initials, first 3 of the Social, letter at the end.
Example:
Name: Larry Stevenson
SSN: 306-89-7661
UID: LS306Z
Employee Logins:
Computer:
Username = UID.
Password is set by the agent. Changes every month.
Tool Portals:
Username = UID.
Password is either randomized or set by the agent. Changes every three weeks.
Computer Info:
OS is Windows 7 with an Windows classic theme.
Virus protection is McAfee.
Some connect wired and some are wireless.
WiFi names are "AT&T" followed by a number.
Online Access:
https://access1.sbc.com/https://mycsp.cingular.com/mycspportal/appmanager/portal/csp?_nfpb=true&_pageLabel=loginhttps://attathome.att.com/athome_web/index.jsphttps://sso.sl.attcompute.comhttps://attawardslink.comhttps://att.corporateperks.com/login ▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
Verizon:
Tools:
CoFee - Main tool agents use. Looks up accounts by phone number, name, etc.
CPE Manager - Looks up accounts by the IP address.
Legend - Another tool agents use to pull info off an account.
CoFee Login:
https://www22.verizon.com/cofee/cpm/login/login.aspx ▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
Comcast:
Tools:
Grandslam - Looks up by IP, SSN, phone, and more.
ASCR - Looks up account.
Einstein - Looks up account.
Every Comcast tool is within Grandslam as Grandslam is Comcast's "master tool".
▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
Time Warner / Roadrunner / Brighthouse:
Call 1800-TWCABLE. Enter in a phone number and zip in the area of the IP address. Once an agent picks up tell them a fake name, you work for TWC internet tech support, and you were having trouble looking up a customers account with AAD. Then ask them if they can transfer you to tier 3. They will transfer you then. Once you get transferred to tier 3 say your name and your work for TWC internet tech support. Tell them you were having trouble pulling up an account by IP address. Say that Unified was giving you an error not found. Tell them you don’t have DOCSIS and ask them if they can look up the account in that. They should do it, so give them the IP. Once they pull up the account ask for these things in the order listed:
-Name
-Phone
-Address
-MAC Address
-User ID
-Email
-Account Number
After this point if you ask for anything else they may get suspicious. They may give it to you, or you might have to call back. Try asking for this information on the account.
-Security measure: Last 4 of the ssn and/or the 4 digit pin code
-customer code
-full driver license
After you get that call back TWC and ask to reset your password. Say you forgot the SQA. They will ask for the security measure and customer code then they’ll reset it.
You’ll want access into the primary email and the MyServices feature.
Make sure you get both reset, but sometimes you’ll have to create the MyServices account.
Also if you want the SSID and network password go to the WiFi live chat once logged into the target’s account. The agents will ask for some information in order to verify you then they’ll ask for the modem MAC address. Give them the MAC address the employee read out to you earlier when you asked them for the MAC address on file. They should then provide you with the SSID name and password.
Resources:
Username Retrieval:
https://urt.rr.com/Password Reset:
http://pt.rr.com/ Tools:
AAD - Used to pull up the account once they have the information on the customer.
Unified - Pulls up by MAC, IP, etc.
ATG Tools / DOCSIS - Basically TWC’s “master tool”. Can do just about anything.
If you’re ever asked for an employee ID just use this. It’s legitimate.
Employee Info:
Name: Darryl Estes
EID: E12145
Location: TW-Raleigh in Raleigh, NC
Regions:
Austin RDC
TW-Austin
TW-Beaumont
TW-ColumbusTX
TW-CorpusChristi
TW-DelRio
TW-Dilley
TW-EaglePass
TW-ElPaso
TW-Gonzalez
TW-KansasCity
TW-Kerrville
TW-Laredo
TW-Lincoln
TW-NorthTexas
TW-RioGrandeValley
TW-SanAntonio
TW-Texas Regional
TW-Uvalde
TW-Waco
TW-WitchitaFalls
Bright House Network RDC
TW-Bakersfield (Bright House)
TW-Birmingham
TW-Cantonment
TW-CentralFL
TW-Defuniak
TW-Detroit (Bright House)
TW-Elmore
TW-Eufaula
TW-Greenville
TW-Indianapolis (Bright House)
TW-TampaBay
Charlotte NDC RDC
NDC-Charlotte
Columbus RDC
IN-Columbus
TW-KYN
TW-Louisville
TW-MOH
TW-Milwaukee
TW-NEO
TW-NEW
TW-Regional Midwest
TW-SWOH
TW-WesternOhio
Coudersport RDC
TW-Coudersport
Herndon RDC
TW-Herndon
NYC RDC
TW-Bergen
TW-Liberty
TW-NYCity
TW-StatenIsland
Orange RDC
TW-DesertCities
TW-Hawaii
TW-LosAngeles
TW-Mountain
TW-MountainWest
TW-Northwest
TW-SanDiego
TW-Southwest
Peakview RDC
NDC-Peakview
TW-Allegeny
TW-Broomfield
TW-CentralKYOH
TW-Clarksburg
TW-Dothan
TW-MOOKKS
TW-Peakview Regional
TW-Southeast
TW-TerreHaute
TW-VoIP
TW-WesternKY
Raleigh RDC
TW-Charlotte
TW-Columbia
TW-Fayetteville
TW-Greensboro
TW-Raleigh
TW-Regional-Carolinas
TW-Wilmington
Syracuse RDC
TW-Albany
TW-Athol
TW-Berlin
TW-Binghamton
TW-Buffalo
TW-CentralNY
TW-Keene
TW-Lancaster (National division)
TW-Portland
TW-Rochester
TW-Syracuse Regional
TSG RDC
TW-TSG
This isn’t really a part of the social engineering lesson, but here are some TWC employee tools accessed online.
https://tools.rdc-nyc.rr.com/https://uptime.rdc-kc.rr.com/https://tools.nyroc.rr.com/https://tools.tampflrdc.rr.com/docsis/https://tools.ohiordc.rr.com/https://docsis-tools.tampabay.rr.com/https://tools.ohiordc.rr.com/onodera/https://tech.indy.rr.com/https://tech.insight.rr.com/ You can find more by using the following Google dork:
https://www.google.com/#q=inurl:tools+site:rr.com+-site:tv.rr.com+-site:jobs.rr.com+-site:features.rr.com+-site:gallery.rr.com ▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
Cox:
Tools:
Edgehealth - Looks up by IP and MAC.
ICOMS - Looks up account.
SL2 - Looks up account.
▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
Optimum Online:
Tools:
TDA - Billing tool.
▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
T-Mobile:
Tools:
Quickview - Looks up account.
Watson - Looks up account.
▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
CenturyLink:
Tools:
Ensemble - Looks up account.
JWalk - Looks up account.
INET - Logs into account.
▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
