
Ethical Hacking Fridays: How to Hack (Part 14) User Online Footprint

by Ivan Ocampo

Ethical Hacking – how to hack using Sherlock, and find User Online Footprint

If you have been hacked, or are investigating a hack and trying to piece together what was done, and all you can find is the username of the hacker, you may be in luck. Alternatively, you may be interested in checking your own online footprint, or the online footprint of someone of interest. I want to introduce you to an amazing tool called Sherlock.

The Sherlock repository can be found at https://github.com/sherlock-project/sherlock. Sherlock runs on Python 3, which is cross-platform, so any system that can run Python 3 can run Sherlock.

Installation of Sherlock

I’m going to install Sherlock on my Kali Linux instance just for convenience. The first step is to make sure “Git”, “Python 3” and “PIP” are all installed.

kali@kali:~$ sudo apt-get install git python3 pip -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
Note, selecting 'python3-pip' instead of 'pip'
git is already the newest version (1:2.28.0-1).
git set to manually installed.
python3 is already the newest version (3.8.2-3).
python3-pip is already the newest version (20.1.1-2).
0 upgraded, 0 newly installed, 0 to remove and 149 not upgraded.

The installation instructions can be found in the Sherlock README.md but I’ll cover them here as well.

kali@kali:~$ git clone https://github.com/sherlock-project/sherlock.git
Cloning into 'sherlock'...
remote: Enumerating objects: 64, done.
remote: Counting objects: 100% (64/64), done.
remote: Compressing objects: 100% (32/32), done.
remote: Total 4926 (delta 33), reused 47 (delta 22), pack-reused 4862
Receiving objects: 100% (4926/4926), 15.46 MiB | 6.35 MiB/s, done.
Resolving deltas: 100% (3102/3102), done.
kali@kali:~$ cd sherlock
kali@kali:~/sherlock$ python3 -m pip install -r requirements.txt
Requirement already satisfied: beautifulsoup4>=4.8.0 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 1)) (4.9.3)
Requirement already satisfied: bs4>=0.0.1 in /home/kali/.local/lib/python3.8/site-packages (from -r requirements.txt (line 2)) (0.0.1)
Requirement already satisfied: certifi>=2019.6.16 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 3)) (2020.6.20)
Requirement already satisfied: colorama>=0.4.1 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 4)) (0.4.3)
Requirement already satisfied: lxml>=4.4.0 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 5)) (4.6.1)
Requirement already satisfied: PySocks>=1.7.0 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 6)) (1.7.1)
Requirement already satisfied: requests>=2.22.0 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 7)) (2.24.0)
Requirement already satisfied: requests-futures>=1.0.0 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 8)) (1.0.0)
Requirement already satisfied: soupsieve>=1.9.2 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 9)) (2.0.1)
Requirement already satisfied: stem>=1.8.0 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 10)) (1.8.0)
Requirement already satisfied: torrequest>=0.1.0 in /home/kali/.local/lib/python3.8/site-packages (from -r requirements.txt (line 11)) (0.1.0)

Usage of Sherlock

Let’s just take a quick look at the Sherlock help to see what is on offer…

kali@kali:~/sherlock$ python3 sherlock -h
usage: sherlock [-h] [--version] [--verbose] [--folderoutput FOLDEROUTPUT] [--output OUTPUT] [--tor] [--unique-tor] [--csv] [--site SITE_NAME] [--proxy PROXY_URL] [--json JSON_FILE] [--timeout TIMEOUT]
[--print-all] [--print-found] [--no-color] [--browse] [--local]
USERNAMES [USERNAMES ...]

Sherlock: Find Usernames Across Social Networks (Version 0.13.0)

positional arguments:
USERNAMES One or more usernames to check with social networks.

optional arguments:
-h, --help show this help message and exit
--version Display version information and dependencies.
--verbose, -v, -d, --debug
Display extra debugging information and metrics.
--folderoutput FOLDEROUTPUT, -fo FOLDEROUTPUT
If using multiple usernames, the output of the results will be saved to this folder.
--output OUTPUT, -o OUTPUT
If using single username, the output of the result will be saved to this file.
--tor, -t Make requests over Tor; increases runtime; requires Tor to be installed and in system path.
--unique-tor, -u Make requests over Tor with new Tor circuit after each request; increases runtime; requires Tor to be installed and in system path.
--csv Create Comma-Separated Values (CSV) File.
--site SITE_NAME Limit analysis to just the listed sites. Add multiple options to specify more than one site.
--proxy PROXY_URL, -p PROXY_URL
Make requests over a proxy. e.g. socks5://127.0.0.1:1080
--json JSON_FILE, -j JSON_FILE
Load data from a JSON file or an online, valid, JSON file.
--timeout TIMEOUT Time (in seconds) to wait for response to requests. Default timeout is infinity. A longer timeout will be more likely to get results from slow sites. On the other hand, this may cause
a long delay to gather all results.
--print-all Output sites where the username was not found.
--print-found Output sites where the username was found.
--no-color Don't color terminal output
--browse, -b Browse to all results on default browser.
--local, -l Force the use of the local data.json file.

There are some really interesting options there. I see it supports Tor, which I covered in my other article, “Ethical Hacking (Part 6): Anonymisation”.

--tor, -t Make requests over Tor; increases runtime; requires Tor to be installed and in system path.
--unique-tor, -u Make requests over Tor with new Tor circuit after each request; increases runtime; requires Tor to be installed and in system path.

The default option is “--print-found”, but you could also use “--print-all”, which would display all the sites it is checking and whether the user was found or not.

This option looks interesting as well, provided you are running Sherlock within a GUI that can open a browser.

--browse, -b Browse to all results on default browser.

So the way it works is as follows…

I opened Instagram and just looked for the first public profile in the list, which is “charlottedewittemusic”. So we know that DJ is on Instagram, and we know her username, but what is her online footprint?

kali@kali:~/sherlock$ python3 sherlock charlottedewittemusic
[*] Checking username charlottedewittemusic on:
[+] Facebook: https://www.facebook.com/charlottedewittemusic
[+] Instagram: https://www.instagram.com/charlottedewittemusic
[+] SoundCloud: https://soundcloud.com/charlottedewittemusic
[+] Spotify: https://open.spotify.com/user/charlottedewittemusic
[+] Telegram: https://t.me/charlottedewittemusic
[+] TikTok: https://tiktok.com/@charlottedewittemusic
[+] Twitch: https://www.twitch.tv/charlottedewittemusic
[+] VK: https://vk.com/charlottedewittemusic
[+] YouTube: https://www.youtube.com/charlottedewittemusic

I mean look at that! Within seconds you can see she has accounts on Facebook, Instagram, SoundCloud, Spotify, Telegram, TikTok, Twitch, VK and YouTube.

Just out of interest, search for your own username or usernames. I bet you’ll be surprised which services you still have an account on.

I don’t actually use my surname alone as a username, except on Medium, but I was curious whether Sherlock would find my Medium account and, just for interest’s sake, which other sites have a username “whittle”.

kali@kali:~/sherlock$ python3 sherlock whittle
[*] Checking username whittle on:
[+] 7Cups: https://www.7cups.com/@whittle
[+] 9GAG: https://www.9gag.com/u/whittle
[+] About.me: https://about.me/whittle
[+] Academia.edu: https://independent.academia.edu/whittle
[+] Apple Discussions: https://discussions.apple.com/profile/whittle
[+] Archive.org: https://archive.org/details/@whittle
[+] AskFM: https://ask.fm/whittle
[+] Audiojungle: https://audiojungle.net/user/whittle
[+] BLIP.fm: https://blip.fm/whittle
[+] Badoo: https://badoo.com/profile/whittle
[+] Bandcamp: https://www.bandcamp.com/whittle
[+] Behance: https://www.behance.net/whittle
[+] Blogger: https://whittle.blogspot.com
[+] BodyBuilding: https://bodyspace.bodybuilding.com/whittle
[+] BuzzFeed: https://buzzfeed.com/whittle
[+] CNET: https://www.cnet.com/profiles/whittle/
[+] Career.habr: https://career.habr.com/whittle
[+] Chess: https://www.chess.com/member/whittle
[+] Clozemaster: https://www.clozemaster.com/players/whittle
[+] Codecademy: https://www.codecademy.com/profiles/whittle
[+] Codepen: https://codepen.io/whittle
[+] Codewars: https://www.codewars.com/users/whittle
[+] DailyMotion: https://www.dailymotion.com/whittle
[+] Designspiration: https://www.designspiration.net/whittle/
[+] DeviantART: https://whittle.deviantart.com
[+] Discogs: https://www.discogs.com/user/whittle
[+] Disqus: https://disqus.com/whittle
[+] Docker Hub: https://hub.docker.com/u/whittle/
[+] Dribbble: https://dribbble.com/whittle
[+] Duolingo: https://www.duolingo.com/profile/whittle
[+] Ebay: https://www.ebay.com/usr/whittle
[+] Ello: https://ello.co/whittle
[+] Etsy: https://www.etsy.com/shop/whittle
[+] Euw: https://euw.op.gg/summoner/userName=whittle
[+] EyeEm: https://www.eyeem.com/u/whittle
[+] Facebook: https://www.facebook.com/whittle
[+] Flickr: https://www.flickr.com/people/whittle
[+] Flightradar24: https://my.flightradar24.com/whittle
[+] Flipboard: https://flipboard.com/@whittle
[+] FortniteTracker: https://fortnitetracker.com/profile/all/whittle
[+] Freelancer.com: https://www.freelancer.com/api/users/0.1/users?usernames%5B%5D=whittle&compact=true
[+] Freesound: https://freesound.org/people/whittle/
[+] Giphy: https://giphy.com/whittle
[+] GitHub: https://www.github.com/whittle
[+] HackerNews: https://news.ycombinator.com/user?id=whittle
[+] HackerRank: https://hackerrank.com/whittle
[+] House-Mixes.com: https://www.house-mixes.com/profile/whittle
[+] Houzz: https://houzz.com/user/whittle
[+] IFTTT: https://www.ifttt.com/p/whittle
[+] Imgur: https://imgur.com/user/whittle
[+] Instagram: https://www.instagram.com/whittle
[+] Instructables: https://www.instructables.com/member/whittle
[+] Issuu: https://issuu.com/whittle
[+] Itch.io: https://whittle.itch.io/
[+] Kaggle: https://www.kaggle.com/whittle
[+] Keybase: https://keybase.io/whittle
[+] Kik: https://kik.me/whittle
[+] Kongregate: https://www.kongregate.com/accounts/whittle
[+] Launchpad: https://launchpad.net/~whittle
[+] LeetCode: https://leetcode.com/whittle
[+] Lichess: https://lichess.org/@/whittle
[+] Medium: https://medium.com/@whittle
[+] Memrise: https://www.memrise.com/user/whittle/
[+] MixCloud: https://www.mixcloud.com/whittle/
[+] MyAnimeList: https://myanimelist.net/profile/whittle
[+] MyMiniFactory: https://www.myminifactory.com/users/whittle
[+] Myspace: https://myspace.com/whittle
[+] NameMC (Minecraft.net skins): https://namemc.com/profile/whittle
[+] Newgrounds: https://whittle.newgrounds.com
[+] PCPartPicker: https://pcpartpicker.com/user/whittle
[+] Patreon: https://www.patreon.com/whittle
[+] Periscope: https://www.periscope.tv/whittle/
[+] Pinkbike: https://www.pinkbike.com/u/whittle/
[+] Pinterest: https://www.pinterest.com/whittle/
[+] Pokemon Showdown: https://pokemonshowdown.com/users/whittle
[+] Quora: https://www.quora.com/profile/whittle
[+] Raidforums: https://raidforums.com/User-whittle
[+] Reddit: https://www.reddit.com/user/whittle
[+] Roblox: https://www.roblox.com/user.aspx?username=whittle
[+] RubyGems: https://rubygems.org/profiles/whittle
[+] Scratch: https://scratch.mit.edu/users/whittle
[+] Scribd: https://www.scribd.com/whittle
[+] Slack: https://whittle.slack.com
[+] SlideShare: https://slideshare.net/whittle
[+] Smule: https://www.smule.com/whittle
[+] SoundCloud: https://soundcloud.com/whittle
[+] SourceForge: https://sourceforge.net/u/whittle
[+] Spotify: https://open.spotify.com/user/whittle
[+] Star Citizen: https://robertsspaceindustries.com/citizens/whittle
[+] Steam: https://steamcommunity.com/id/whittle
[+] SteamGroup: https://steamcommunity.com/groups/whittle
[+] Steamid: https://steamid.uk/profile/whittle
[+] Strava: https://www.strava.com/athletes/whittle
[+] Telegram: https://t.me/whittle
[+] Tellonym.me: https://tellonym.me/whittle
[+] TikTok: https://tiktok.com/@whittle
[+] TrackmaniaLadder: http://en.tm-ladder.com/whittle_rech.php
[+] TradingView: https://www.tradingview.com/u/whittle/
[+] Trakt: https://www.trakt.tv/users/whittle
[+] Trello: https://trello.com/whittle
[+] TripAdvisor: https://tripadvisor.com/members/whittle
[+] Twitch: https://www.twitch.tv/whittle
[+] Twitter: https://mobile.twitter.com/whittle
[+] Ultimate-Guitar: https://ultimate-guitar.com/u/whittle
[+] Unsplash: https://unsplash.com/@whittle
[+] VK: https://vk.com/whittle
[+] VSCO: https://vsco.co/whittle
[+] Venmo: https://venmo.com/whittle
[+] Vimeo: https://vimeo.com/whittle
[+] Wattpad: https://www.wattpad.com/user/whittle
[+] We Heart It: https://weheartit.com/whittle
[+] Wikidot: http://www.wikidot.com/user:info/whittle
[+] Windy: https://community.windy.com/user/whittle
[+] WordPress: https://whittle.wordpress.com/
[+] WordPressOrg: https://profiles.wordpress.org/whittle/
[+] Xbox Gamertag: https://xboxgamertag.com/search/whittle
[+] Zhihu: https://www.zhihu.com/people/whittle
[+] aminoapp: https://aminoapps.com/u/whittle
[+] authorSTREAM: http://www.authorstream.com/whittle/
[+] couchsurfing: https://www.couchsurfing.com/people/whittle
[+] drive2: https://www.drive2.ru/users/whittle
[+] fixya: https://www.fixya.com/users/whittle
[+] geocaching: https://www.geocaching.com/p/default.aspx?u=whittle
[+] hunting: https://www.hunting.ru/forum/members/?username=whittle
[+] last.fm: https://last.fm/user/whittle
[+] moikrug: https://moikrug.ru/whittle
[+] osu!: https://osu.ppy.sh/users/whittle

As you can see, it found my Medium account. Now a word of caution: just because you search for a username and get results, it doesn’t mean every result is the same person, as demonstrated above. Almost certainly, those “whittle” usernames do not all belong to one person.

You could use this same process to track down your hacker and see where else the username is being used. Maybe, if you are lucky, they will have got sloppy and included a photo, personal information, or connections which could verify their identity.

You are also able to provide a list of usernames to Sherlock to check one after the other. For example, if you are looking for a user called “johndoe”, you may want to do something like this…
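To act on that caution when auditing your own footprint, the following added example (not part of the original article or of the Sherlock project) parses the `[+] Site: URL` lines Sherlock prints and separates accounts you have confirmed as yours from hits that still need manual review. The sample output and the `KNOWN_ACCOUNTS` inventory are constructed for illustration, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the format Sherlock prints in the runs above.
SAMPLE_OUTPUT = """\
[*] Checking username whittle on:
[+] GitHub: https://www.github.com/whittle
[+] Medium: https://medium.com/@whittle
[+] NameMC (Minecraft.net skins): https://namemc.com/profile/whittle
[+] Freelancer.com: https://www.freelancer.com/api/users/0.1/users?usernames%5B%5D=whittle&compact=true
[*] Checking username johndoe on:
[+] Reddit: https://www.reddit.com/user/johndoe
"""

# Hypothetical inventory: accounts you have confirmed are yours, as (username, site).
KNOWN_ACCOUNTS = {("whittle", "Medium")}

HEADER = re.compile(r"^\[\*\] Checking username (?P<user>\S+) on:\s*$")
# Site names can contain dots, spaces or brackets: match lazily up to ": http".
HIT = re.compile(r"^\[\+\] (?P<site>.+?): (?P<url>https?://\S+)\s*$")


def parse_hits(text):
    """Return {username: [(site, url), ...]} from Sherlock terminal output."""
    hits, current = defaultdict(list), None
    for line in text.splitlines():
        line = line.strip()
        if m := HEADER.match(line):
            current = m["user"]
        elif (m := HIT.match(line)) and current is not None:
            hits[current].append((m["site"], m["url"]))
    return dict(hits)


def triage(hits, known):
    """Split hits into confirmed-owned accounts and hits needing manual review."""
    # A hit only shows the name is registered on that site, not who owns it.
    confirmed, review = [], []
    for user, found in hits.items():
        for site, url in found:
            (confirmed if (user, site) in known else review).append((user, site, url))
    return confirmed, review


if __name__ == "__main__":
    confirmed, review = triage(parse_hits(SAMPLE_OUTPUT), KNOWN_ACCOUNTS)
    print(f"{len(confirmed)} confirmed, {len(review)} to review")
    for user, site, url in review:
        print(f"  review  {user:10} {site:30} {url}")
```

When capturing real output for this parser, run Sherlock with the `--no-color` option listed in the help above so the lines contain no terminal colour codes.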

kali@kali:~/sherlock$ python3 sherlock johndoe jdoe johnd
