Self-dox

From Gender and Tech Resources

Revision as of 15:59, 5 July 2015 by Lilith2 (Talk | contribs) (Elicitation)

Doxing is a technique of tracing someone or gathering information about an individual using sources on the internet. Its name is derived from “Documents” or “Docx”. Doxing method is based purely on the ability of the hacker to recognize valuable information about his target and use this information to his benefit. It is also based around the idea that, “The more you know about your target, the easier it will be to find his or her flaws” ~ Urban dictionary.

Such flaws can then be exploited. The exploitation wildly differs depending on the adversary. For example, profiling information can be used for encapsulation attempts by intelligence agencies. If those attempts are tried and fail and you are still enough of an annoyance to your government, expect aggressive demonisation by government paid trolls (and exceptionalism at its current flourishing best).

Doxing is also a part of reconnaissance where it is called 'human intelligence' or 'humint', and its focus is on its shadow side. The techniques can be simple or complex, and are useful for background checks (infiltrant agents will probably remain invisible with these techniques but littler petty tyrant may be detected) [1].

There are tools particularly created for d0xing. I use as little automated tools as possible. Not only because of the risk of poisoning, also because I prefer to pay more attention to little-easily-overlooked-details. The more you rely on auto-anything, the more you overlook. But if you want to use a tool and it is unknown to you, please do some research (possibly) follow the money, where the makers are located, for assessing likelihood of the code being poisoned.

This page collects doxxing resources and if you have one, please do add!

Storing information during research

Store gathered data on an encrypted external disk.

Basket (KDE)

http://basket.kde.org/

Tomboy (GNOME)

Dradis

Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead. http://tools.kali.org/reporting-tools/dradis

Elicitation

That person you don't know and tries to develop a relationship with you on line? He or she can be genuine, can be an intelligence agent, can be a role player, ...

Elicitation means To call forth, draw out, or provoke (a response or reaction, for example): "Interrogators were reportedly frustrated by their inability to elicit useful information from him" [2] and a much used tool in doxing and reconnaissance. Why jump through all kinds of technological hoops if we can just ask? It is low risk and hard to detect.

Elicitation seems to work well using these general human "vulnerability" key factors:

  • Most people have the desire to be polite, especially to strangers.
  • Professionals want to appear well informed and intelligent.
  • People that are praised, will often talk more and divulge more.
  • Most people would not lie for the sake of lying.
  • Most people respond kindly to people who appear concerned about them.

Have a look at your profile to make an assessment of your vulnerabilities, and you can also do some roleplays with trusted others to see how vulnerable you are to elicitation and by whom. For some (more) examples that you haven't thought of yet, see The Real Hustle https://www.youtube.com/user/TheRealHustleA3M

Profiling and fingerprinting

IP lookup

When you have an IP address an IP lookup will provide details such as ISP name, country, state, city, longitude and latitude. Domain names can help us to find out important information such as address, email id and phone number.

Using whois from the command line you may or may not get useful results. It runs on port 43, and information returned is in plain ASCII format, but because whois servers all over the internet are managed by a wide variety of organisations, information returned may vary. And the different whois clients have different functionality too.

Whois proxies can be used between a client and a server. Those usually use the http or https protocol. If port 43 is blocked, that is not a problem when a client is using proxies through a browser. Also, likely a proxy will determine which server to contact for different lookups.

Almost all services prevent data mining for preventing data gathering for spamming, and that also limits the service for other purposes such as intelligence gathering. Recently, some ISP’s are discussing limiting their service even further.

RWhois (referral whois) is a directory services protocol which extends the whois protocol in a hierarchical and scalable way. It focuses on the distribution of “network objects” (domain names, IP addresses, email addresses) and uses the hierarchical nature of these network objects to more accurately discover the requested information. It is similar to DNS but apparently, still not in general use.

Crunch

Wyd

Resources

Spies online

You can use the same (or similar) spies online techniques [3] to see yourself through the eyes of the adversaries that might d0x you. That information can then be used to protect yourself from your adversaries as best as you can. And when setting up other, anonymous or pseudonymous identities, these same resources can be used for test-driven-development of the identity.

Elicitation

Search engines

People

Images

Posts and discussions

IP lookup

Technical information related to whois

Whois clients

Webbased whois lookups

Useful whois servers

RWhois

Other interesting lookups

D0xing tools

Reuseful archives

Such as wandering through archives, yellow pages, phone directories and other possibly useful information made publicly available.

Europe

Africa

Asia

Oceania

South America

North America

Related

References

  1. Investigation Online: Gathering Information to Assess Risk https://modelviewculture.com/pieces/investigation-online-gathering-information-to-assess-risk
  2. The Free Dictionary: Elicitation http://www.thefreedictionary.com/elicitation
  3. Spies online http://www.spiesonline.net/