ThinkingInBinary

A collection of penetration testing, security and programming related thoughts. Or not.

View on GitHub

After Hours: Hacking Humans

Here’s a few thoughs on hacking one of the most complicated and vulnerable target out there, human beings. That’s right me, you, a pop star or Mr. President can all be hacked. And I am not talking about my pentesting environment, your Kali setup, Ariana Grande’s Macbook or NASA’s Pleiades. I am talking about the actual people.

$ man hacking

Hacking is a very generic and misused term, but for this entry I prefer to use this definition, included in TV Typewriters: A Tale of Hackish Ingenuity. According to the definition, hacking is clever work. And for all I know, you can be clever around people. You can even be clever with, against or for people. Here’s an example:

What people want to hear

Imagine a man and his daughter, say she’s called Lana. Now little Lana wants ice cream, but they’ve run out and the store is too far away for her to go by herself. So she politely asks her dad:

- Daddy, can we please go get some ice cream?
- Not now honey, I'm busy.
- But dad, I'll be a good girl, I promise!

She’s only 10 years old and she’s already got a good grasp of what her dad wants to hear. Now that is one clever way of influencing people; promising or telling them what they want to hear.

What they don’t

A couple of days later, Lana’s father gets a call by her teacher. She tells him that Lana skipped school the other day, making him furious. When Lana gets home he sits her on the couch and unravels another clever argument, telling people what the do not want to hear.

- Mrs. Emma called.
- Oh, what did she want?
- She told me you are skipping school Lana!
- I'm sorry dad, we just wanted to go to the beach...
- If I ever get a call from Mrs. Emma again, no matter what it is you've done, you are going to be grounded for a week!

Someone you’re not

Time goes by, and Lana’s dad is trying to find her a new mum. After all, it’s been 3 years since the break up. When he finally meets a new lady, he is confronted with the first problem of their relationship: How do they tell Lana? After brainstorming on the matter for a bit, he comes up with a solution. A solution which, without him realizing, utilizes the third principle of hacking people; pretending to be someone you are not. He tells Lana that his date is not in fact a date, but a colleague hoping that he will find a way to ease her in on the situation.

Punchline

I think you get the idea by now. People can be hacked and exploited just like computers, cellphones, locks etc. Provided the attacker is clever enough, most people can be manipulated, handled and controlled. Like a modern-day puppeteer, a hacker can indeed hack humans.

Back