Sherlock

BACKGROUND

Good social engineering relies on open source intelligence (OSINT) when researching a target. OSINT is information that is public and accessible. Social media is a huge asset to social engineers (though not the only source of OSINT).  

DESCRIPTION

This experience demonstrates how simple it is to find online presence of people. Sherlock is an open source project that gathers social media accounts based on a username. In this experience, we will either use a cloud-based version of a Linux shell to install Sherlock or install it locally on a Linux machine.

REQUIREMENTS

Web browser or Linux instance.

PART I: Install Sherlock or use a version on Google Cloud Shell

  1. The quickest way to get up and running is to use the Google Cloud Shell because different distributions of Linux have different Python installations and Sherlock requires some specific Python configuration. Happily, the Google Cloud Shell has everything configured perfectly. Make sure you are logged into Google and go to: https://shell.cloud.google.com/. You can hide the editor by clicking on the pencil in the top right; we are just interested in the terminal.
  2. If you have never used the Cloud Shell (or you haven’t used it in a while), you’ll be notified that it might take a minute to get things set:


    Your browser will open a cloud-based Linux terminal and ask if you trust the source. Check the box and hit “Confirm”. If you’d rather install Sherlock on your own Linux device, see the instructions at the end of this lab.

  1. The Cloud Shell has two parts - the top window is a file manager and file editor and the bottom portion is a terminal; close the top window by pressing the “X” in the upper right corner or the pencil icon.
  2. You’ll have to install Sherlock yourself. In this section below, we will create a directory called “sherlock” and then install the software - it will most likely install another directory inside sherlock called sherlock. Of course, you can install it anywhere you’d like, but I find this works well for me.

mkdir sherlock

cd sherlock

git clone https://github.com/sherlock-project/sherlock.git

cd sherlock
python3 -m pip install -r requirements.txt

dave@cloudshell:~/sherlock/sherlock$

  1. We’ll also need to install some required files. Python3 comes installed in Google Cloud Shell, but there are a few more files we’ll need, and we’ll use pip (a package manager for Python) to get the files needed (they are listed in requirements.txt).

    This will install the files needed to run Sherlock. There will be a lot of chatter on the screen - that’s OK. That’s just Linux helping Python install support files for Sherlock.

EVIDENCE #1

PASTE THE IMAGE OF THE INSTALL FROM requirements.txt 
YOU DO NOT HAVE TO INCLUDE THE ENTIRE PROCESS

PART II: Use Sherlock to research a username

  1. The software we will be using is one directory down - it is also called “sherlock”. Let’s change directory to sherlock and run an ls -l on it to see what’s there:

cd sherlock
ls -l

dave@cloudshell:~/cloudshell_open/sherlock/sherlock$ cd sherlock

dave@cloudshell:~/cloudshell_open/sherlock/sherlock/sherlock $ ls -l

total 68

-rw-r--r-- 1 dave dave   104 Nov 16 01:56 __init__.py

-rw-r--r-- 1 dave dave   828 Nov 16 01:56 __main__.py

-rw-r--r-- 1 dave dave  8147 Nov 16 01:56 notify.py

drwxr-xr-x 2 dave dave  4096 Nov 16 01:56 resources

-rw-r--r-- 1 dave dave  3113 Nov 16 01:56 result.py

-rw-r--r-- 1 dave dave 28166 Nov 16 01:56 sherlock.py

-rw-r--r-- 1 dave dave  8761 Nov 16 01:56 sites.py

drwxr-xr-x 2 dave dave  4096 Nov 16 01:56 tests

dave@cloudshell:~/sherlock/sherlock/sherlock$

  1. The file we need is there - sherlock.py. So let’s pick a username and find what social media sites that name appears on.

Note:

[*] Checking username kentremendous on:

[+] 500pxs: https://500px.com/p/kentremendous

[+] Disqus: https://disqus.com/kentremendous

[+] Ebay: https://www.ebay.com/usr/kentremendous

[+] Facebook: https://www.facebook.com/kentremendous

[+] FortniteTracker: https://fortnitetracker.com/profile/all/kentremendous

[+] GitHub: https://www.github.com/kentremendous

[+] Gravatar: http://en.gravatar.com/kentremendous

[+] Imgur: https://imgur.com/user/kentremendous

[+] Instagram: https://www.instagram.com/kentremendous

[+] Kik: https://kik.me/kentremendous

[+] Pinterest: https://www.pinterest.com/kentremendous/

[+] Pokemon Showdown: https://pokemonshowdown.com/users/kentremendous

[+] Quizlet: https://quizlet.com/kentremendous

[+] Reddit: https://www.reddit.com/user/kentremendous

[+] Roblox: https://www.roblox.com/user.aspx?username=kentremendous

[+] Scribd: https://www.scribd.com/kentremendous

[+] Twitch: https://www.twitch.tv/kentremendous

[+] Twitter: https://mobile.twitter.com/kentremendous

[+] Ultimate-Guitar: https://ultimate-guitar.com/u/kentremendous

[+] YouNow: https://www.younow.com/kentremendous/

[+] YouTube: https://www.youtube.com/kentremendous

dave@cloudshell:~/sherlock/sherlock/sherlock$


EVIDENCE #2

PASTE THE IMAGE OF A SUCCESSFUL SHERLOCK RUN
DO NOT USE ‘kentremendous’ AS THE USERNAME

DO NOT USE ‘kentremendous’ AS THE USERNAME

APPENDIX - Installing Sherlock on a Linux Machine

There’s a good chance your Linux machine will not have Sherlock installed. The bad news is that Sherlock isn’t found in the apt package manager. The good news is that you can clone it from a git repository! Note that this will install Sherlock in the directory you execute this command in. If you don’t want it in the root directory, navigate to the directory you want to install Sherlock into:

sudo git clone https://github.com/sherlock-project/sherlock.git

Next, you’ll also have to install Python (in this case, your Linux machine may already have Python installed; executing this command will not do any harm):

sudo apt update
sudo apt upgrade
sudo apt install python3

You’ll also have to install pip, a Python package manager and then grab the requirements for everything to work:

sudo apt install python3-pip

Make sure you are in the proper directory and run:

python3 -m pip install -r requirements.txt