20 Feb, 2023

Password Recovery Attacks

Password Recovery Attacks refer to a category of cybersecurity attacks where an attacker attempts to gain unauthorized access to a system or account by exploiting vulnerabilities in password recovery processes. Password recovery processes are typically designed to help users recover access to their accounts in case they forget their passwords. However, these processes can also be used by attackers to gain access to accounts they do not own by exploiting weaknesses in the verification process.

Examples of vulnerable code in different programming languages:


• in Python:

    def reset_password(email, new_password):
        # Vulnerable: the caller supplies both the address and the new password, and
        # nothing proves that the caller controls that mailbox (no single-use token,
        # no confirmation step). Anyone who knows a victim's address can set the
        # victim's password.
        user = find_user_by_email(email)
        if user:
            user.password = hash_password(new_password)
            user.save()
            # The victim is only notified after the password has already changed.
            send_password_reset_email(user.email)


In this example the weakness is that reset_password() trusts its caller: find_user_by_email() locates the account for whatever address is supplied, and the password is replaced without any proof that the requester controls that mailbox (no single-use token, no confirmation step). An attacker who requests a password reset for a victim’s email address can therefore choose the victim’s new password and gain access to their account.

• in Java:

    public void resetPassword(String email, String newPassword) {
        // Vulnerable: the caller supplies both the address and the new password;
        // no proof of mailbox ownership is required before the change is made.
        User user = findUserByEmail(email);
        if (user != null) {
            user.setPassword(encryptPassword(newPassword));
            user.save();
            // Notification is sent after the password has already been replaced.
            sendPasswordResetEmail(user.getEmail());
        }
    }


The Java version has the same flaw: findUserByEmail() resolves whatever address the caller supplies, and the password is changed before any verification takes place, so an attacker who requests a reset for a victim’s email address can choose the victim’s new password and gain access to their account.

• in PHP:

    function reset_password($email, $new_password) {
        // Vulnerable: the caller supplies both the address and the new password;
        // the account is looked up and overwritten with no proof of ownership.
        $user = find_user_by_email($email);
        if ($user) {
            $user['password'] = hash_password($new_password);
            save_user($user);
            // Notification is sent after the password has already been replaced.
            send_password_reset_email($user['email']);
        }
    }


The PHP version behaves the same way: find_user_by_email() looks up the account for the supplied address and the password is overwritten with no proof of ownership, so an attacker who requests a reset for a victim’s email address can choose the victim’s new password and gain access to their account.
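All three functions above make the same mistake: they let the requester pick the new password and never check that the requester can read the registered mailbox. The following is an added example, not code from the original article, showing what a hardened reset flow looks like in Python: the requester only names an address, the server issues a random single-use token that expires, stores only a hash of that token, answers identically whether or not the address exists, and changes the password only for whoever presents the token. The in-memory user store, token table, helper names and the 15-minute lifetime are assumptions constructed for the example.

```python
import hashlib
import hmac
import os
import secrets
import time
from typing import Dict, Optional, Tuple

# Constructed in-memory stores standing in for the application's database (assumption).
USERS: Dict[str, dict] = {"alice@example.com": {"password_hash": "", "session_version": 0}}
RESET_TOKENS: Dict[str, dict] = {}   # sha256(raw token) -> {"email", "expires", "used"}

TOKEN_TTL_SECONDS = 15 * 60          # assumed lifetime of a reset link
# Identical reply whether or not the address exists, so the endpoint cannot be
# used to enumerate registered accounts.
GENERIC_RESPONSE = "If that address is registered, a reset link has been sent."


def hash_password(password: str) -> str:
    """Salted PBKDF2-HMAC-SHA256 (stdlib). Raise the iteration count, or use
    Argon2/scrypt, in production: a stolen database must be slow to crack."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt.hex() + "$" + digest.hex()


def verify_password(password: str, stored: str) -> bool:
    salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), 100_000)
    return hmac.compare_digest(digest.hex(), digest_hex)


def _token_id(raw_token: str) -> str:
    # Only a hash of the token is stored: reading the token table alone is not
    # enough to take over accounts.
    return hashlib.sha256(raw_token.encode()).hexdigest()


def request_reset(email: str, now: Optional[float] = None) -> Tuple[str, Optional[str]]:
    """Step 1: the caller names an address; the server issues a random, single-use,
    expiring token and sends it only to that registered address. Returns the
    message shown to the requester and the raw token that would go into the e-mail
    (None when nothing is sent)."""
    now = time.time() if now is None else now
    if email not in USERS:
        return GENERIC_RESPONSE, None
    for rec in RESET_TOKENS.values():          # any earlier outstanding token is superseded
        if rec["email"] == email:
            rec["used"] = True
    raw_token = secrets.token_urlsafe(32)      # 256 bits from the OS CSPRNG
    RESET_TOKENS[_token_id(raw_token)] = {
        "email": email, "expires": now + TOKEN_TTL_SECONDS, "used": False}
    return GENERIC_RESPONSE, raw_token


def confirm_reset(raw_token: str, new_password: str, now: Optional[float] = None) -> bool:
    """Step 2: the password changes only for the holder of an unexpired, unused
    token, i.e. someone who could read the registered mailbox."""
    now = time.time() if now is None else now
    record = RESET_TOKENS.get(_token_id(raw_token))
    if record is None or record["used"] or now > record["expires"]:
        return False
    record["used"] = True                      # single use: no replay
    user = USERS[record["email"]]
    user["password_hash"] = hash_password(new_password)
    user["session_version"] += 1               # log out sessions that predate the reset
    return True


if __name__ == "__main__":
    message, token = request_reset("alice@example.com")
    print(message)                             # same text is returned for unknown addresses
    print("reset accepted:", confirm_reset(token, "correct horse battery staple"))
    print("replay accepted:", confirm_reset(token, "attacker-chosen"))
```

The two-step split is the point: the request endpoint never changes anything and reveals nothing, and the confirmation endpoint only trusts a token that was delivered to the mailbox on record. The request endpoint should additionally be rate-limited per address and per source, and the link must be served over HTTPS so the token is not exposed in transit or in referrer headers.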

Examples of exploiting Password Recovery Attacks

Social engineering attacks:

An attacker could call a victim pretending to be a customer support representative from a service provider and request personal information, such as the victim’s email address, date of birth, or social security number. The attacker could then use this information to reset the victim’s password and gain access to their account.

Phishing attacks:

An attacker could create a fake login page for a popular service and send a phishing email to the victim, asking them to reset their password due to a security breach. The email would contain a link to the fake login page, where the victim would unknowingly enter their login credentials. The attacker could then use these credentials to access the victim’s account.

Email or SMS interception:

An attacker could intercept the email or SMS message containing the password reset link and reset the victim’s password before the victim has a chance to do so. This could be accomplished by accessing the victim’s email or phone, using a man-in-the-middle attack, or by exploiting a vulnerability in the email or SMS system.

Password guessing:

An attacker could use automated software to try multiple combinations of common passwords until they find the correct one. They could also try to guess the answer to security questions, which are often used as a backup method for password recovery.

Privilege escalation techniques for Password Recovery Attacks

Social engineering:

An attacker could use social engineering techniques to trick a victim into disclosing their security questions or other personal information that could be used to reset their password. Once the attacker has this information, they could use it to gain access to the victim’s account and potentially escalate their privileges by changing settings or gaining access to other accounts linked to the victim’s account.

Session hijacking:

An attacker could hijack a user’s active session on a website or application and use it to reset the user’s password. If the user has a higher level of privileges on the website or application, the attacker could potentially gain those privileges as well.

SQL injection:

If a website or application is vulnerable to SQL injection, an attacker could use this technique to bypass authentication and gain access to the system or account without the need for a valid password. Once they have gained access, they could potentially escalate their privileges by changing user settings or gaining access to sensitive information.

Exploiting vulnerabilities in password reset mechanisms:

Attackers could exploit vulnerabilities in password reset mechanisms to gain access to accounts they do not own. For example, they could intercept password reset emails or SMS messages, or they could exploit weaknesses in the security questions used for password reset.

Exploiting vulnerabilities in web applications:

Attackers could exploit vulnerabilities in web applications to gain access to user accounts. For example, they could use a cross-site scripting (XSS) attack to inject malicious code into a website and steal user credentials, or they could exploit a file upload vulnerability to upload a backdoor shell that could be used to gain access to the server.

General methodology and checklist for Password Recovery Attacks

Methodology:

  1. Reconnaissance: Gather information about the target system, including the types of accounts and services available, the password reset process for each account, and the security mechanisms in place.

  2. Identify attack vectors: Determine the potential attack vectors for password recovery attacks, such as social engineering, phishing, email interception, and password guessing. Consider both technical and non-technical attacks.

  3. Test password reset process: Test the password reset process for each account to identify any weaknesses or vulnerabilities. This could include testing the security questions used for password recovery, testing the password reset links, and testing the password strength requirements.

  4. Test for email and SMS interception: Test for the interception of emails or SMS messages containing password reset links or temporary passwords.

  5. Test for phishing attacks: Test for phishing attacks by sending spoofed emails or SMS messages with links to fake login pages that mimic the target system.

  6. Test for brute force attacks: Test for password guessing attacks using automated software and common password lists.

  7. Test for vulnerabilities in web applications: Test for vulnerabilities in web applications that could be exploited to gain access to user accounts, such as SQL injection, cross-site scripting (XSS), and file upload vulnerabilities.

  8. Test for social engineering attacks: Test for social engineering attacks by attempting to obtain personal information about the target system’s users, such as security questions or other information that could be used to reset passwords.

  9. Analyze results: Analyze the results of the tests to identify weaknesses and vulnerabilities in the password recovery process, and provide recommendations for improving security measures.

Checklist:

  1. Identify the types of accounts and services available, as well as the password reset process for each account.

  2. Determine the security mechanisms in place, such as password strength requirements, multi-factor authentication, and security questions.

  3. Test the password reset process for each account to identify weaknesses or vulnerabilities, such as:

    • Testing the password reset links to ensure they are secure and cannot be easily guessed or manipulated.

    • Testing the security questions to ensure they are not easily guessed or bypassed, and are not readily available on social media or other sources.

    • Testing the temporary password generation process to ensure it is secure and cannot be easily guessed or intercepted.

  4. Test for email and SMS interception by:

    • Sending spoofed emails or SMS messages containing password reset links or temporary passwords to test for interception.

    • Checking for email forwarding or other configuration settings that could allow an attacker to intercept emails or SMS messages.

  5. Test for phishing attacks by:

    • Sending spoofed emails or SMS messages with links to fake login pages that mimic the target system.

    • Checking for indicators of phishing, such as misspellings, unusual requests, or non-standard URLs.

  6. Test for brute force attacks by:

    • Using automated software and common password lists to test for weak passwords.

    • Checking for indicators of brute force attacks, such as repeated login attempts from the same IP address or unusual login patterns.

  7. Test for vulnerabilities in web applications by:

    • Testing for common vulnerabilities such as SQL injection, cross-site scripting (XSS), and file upload vulnerabilities.

    • Checking for indicators of web application vulnerabilities, such as error messages, unusual input fields, or unexpected behavior.

  8. Test for social engineering attacks by:

    • Attempting to obtain personal information about the target system’s users, such as security questions or other information that could be used to reset passwords.

    • Checking for indicators of social engineering, such as unusual requests for personal information or unusual login patterns.

  9. Analyze the results of the tests to identify weaknesses and vulnerabilities in the password recovery process and provide recommendations for improving security measures.

Tool set for exploiting Password Recovery Attacks

Manual Tools:

  1. Social Engineering Toolkit (SET): a tool designed to help penetration testers and security professionals test social engineering attacks. It includes a range of attack vectors, including credential harvesting and phishing attacks.

  2. Burp Suite: a web application security testing tool that includes a range of features for identifying and exploiting vulnerabilities, including password recovery attacks.

  3. Hydra: a password cracking tool that can perform brute-force attacks against login pages, password-protected directories, and other resources.

  4. John the Ripper: a password cracking tool that can perform brute-force attacks against password hashes.

  5. Medusa: a password cracking tool that can perform brute-force attacks against login pages, password-protected directories, and other resources.

  6. Password Cracking Toolkit (PCT): a collection of password cracking tools that includes John the Ripper, THC-Hydra, and others.

  7. RainbowCrack: a password cracking tool that can crack password hashes using precomputed rainbow tables.

  8. Cain and Abel: a password cracking tool that can perform a range of password recovery attacks, including brute-force attacks, dictionary attacks, and sniffing attacks.

  9. L0phtCrack: a password cracking tool that can perform brute-force attacks, dictionary attacks, and other attacks against Windows passwords.

  10. Maltego: a data mining tool that can be used for information gathering and reconnaissance during password recovery attacks.

Automated Tools:

  1. Aircrack-ng: a suite of tools for auditing wireless networks, including password recovery attacks against WPA and WPA2 encryption.

  2. Brutus: a password cracking tool that can perform brute-force attacks against login pages and password-protected resources.

  3. THC-Hydra: a password cracking tool that can perform brute-force attacks against login pages, password-protected directories, and other resources.

  4. Metasploit Framework: a penetration testing tool that includes a range of modules for identifying and exploiting vulnerabilities, including password recovery attacks.

  5. Ncrack: a password cracking tool that can perform brute-force attacks against a range of network services, including SSH, RDP, and FTP.

  6. SQLMap: a tool for detecting and exploiting SQL injection vulnerabilities, which can be used to perform password recovery attacks.

  7. THC-Hydra-gtk: a graphical user interface for THC-Hydra that simplifies the password cracking process.

  8. Wfuzz: a web application brute-forcer that can be used to perform password recovery attacks against login pages and password-protected resources.

  9. Medusa-gui: a graphical user interface for Medusa that simplifies the password cracking process.

  10. John the Ripper Pro: a commercial version of John the Ripper that includes additional features and support.

Browser plugins:

  1. Tamper Data: a Firefox plugin that can be used to intercept and modify HTTP/HTTPS requests and responses, which can be used to perform password recovery attacks.

  2. Cookie Editor: a Firefox plugin that can be used to modify cookies, which can be used to perform password recovery attacks.

  3. HackBar: a Firefox plugin that can be used to test and modify SQL injection and XSS vulnerabilities, which can be used for password recovery attacks.

  4. SQL Inject Me: a Firefox plugin that can be used to test for SQL injection vulnerabilities, which can be used for password recovery attacks.

Average CVSS score of a stack of Password Recovery Attacks

It is difficult to provide an average CVSS score for a stack of Password Recovery Attacks as the score can vary depending on the specific vulnerabilities and their impact. The CVSS score is a numerical rating that ranges from 0 to 10, with 10 being the most severe. The score is based on several factors, including the attack vector, the attack complexity, the authentication requirements, the impact on confidentiality, integrity, and availability, and the exploitability of the vulnerability.

Password Recovery Attacks can have a range of CVSS scores depending on the specific vulnerabilities and their impact. For example, a Password Recovery Attack that allows an attacker to brute-force user passwords may have a CVSS score of 7.8 (High) if it does not require any special privileges and the attacker can gain unauthorized access to sensitive information or systems. On the other hand, a Password Recovery Attack that allows an attacker to bypass authentication and gain administrative privileges may have a CVSS score of 9.8 (Critical) if it can be easily exploited and has a high impact on confidentiality, integrity, and availability.

In general, Password Recovery Attacks can have a high CVSS score, as they often involve bypassing authentication or accessing sensitive information. However, the specific score can vary widely depending on the nature and severity of the vulnerabilities involved.

The Common Weakness Enumeration (CWE)

• CWE-307: Improper Restriction of Excessive Authentication Attempts: This CWE refers to situations where an attacker can attempt to guess a user’s password multiple times without any rate-limiting or other restrictions.

• CWE-308: Use of Single-factor Authentication: This CWE refers to situations where a system uses only one factor of authentication, such as a password, without any additional checks, such as multi-factor authentication.

• CWE-311: Missing Encryption of Sensitive Data: This CWE refers to situations where sensitive information, such as passwords, is not properly encrypted, making it easier for an attacker to steal and use it.

• CWE-522: Insufficiently Protected Credentials: This CWE refers to situations where credentials, such as passwords, are not properly protected, such as being stored in plain text or weakly encrypted.

• CWE-524: Use of Password Hash with Insufficient Computational Effort: This CWE refers to situations where password hashes are not properly protected, making them easier for an attacker to crack.

• CWE-602: Client-Side Enforcement of Server-Side Security: This CWE refers to situations where client-side scripts or other client-side mechanisms are used to enforce server-side security measures, such as password strength requirements.

• CWE-613: Insufficient Session Expiration: This CWE refers to situations where session tokens or other authentication credentials remain valid for too long, making them more susceptible to theft and reuse.

• CWE-640: Weak Password Recovery Mechanism for Forgotten Password: This CWE refers to situations where the password recovery mechanism for forgotten passwords is weak, such as using easily guessable security questions or sending password reset links to unverified email addresses.

• CWE-656: Reliance on Security Through Obscurity: This CWE refers to situations where security relies on hiding information or mechanisms, such as using obscure URLs for password reset pages.

• CWE-917: Improper Neutralization of Special Elements used in an SQL Command: This CWE refers to situations where SQL injection vulnerabilities can be exploited to gain access to passwords and other sensitive information.

CVEs related to Password Recovery Attacks

• CVE-2021-1589 – A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain unauthorized access to user credentials. This vulnerability exists because access to API endpoints is not properly restricted. An attacker could exploit this vulnerability by sending a request to an API endpoint. A successful exploit could allow the attacker to gain unauthorized access to administrative credentials that could be used in further attacks.

• CVE-2019-9494 – The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.

• CVE-2019-13377 – The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery.

• CVE-2016-9127 – Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The password recovery form in Revive Adserver is vulnerable to CSRF attacks. This vulnerability could be exploited to send a large number of password recovery emails to the registered users, especially in conjunction with a bug that caused recovery emails to be sent to all the users at once. Both issues have been fixed.

Password Recovery Attack exploits

  • Password Spraying: An attack where an attacker tries a small set of commonly used passwords against many different user accounts. This attack is often successful because many users use weak and easily guessable passwords.

  • Brute-Force Attacks: An attack where an attacker tries every possible combination of characters until the correct password is discovered. This type of attack is time-consuming but can be successful if the password is weak.

  • Dictionary Attacks: An attack where an attacker uses a pre-computed list of commonly used passwords to try to guess the correct password. This attack can be successful if the password is a common word or phrase.

  • Credential Stuffing: An attack where an attacker uses a list of compromised username and password pairs to gain access to other user accounts. This attack is successful when users reuse the same password across multiple accounts.

  • Password Reuse: An attack where an attacker uses a password that was previously compromised in a data breach to gain access to other user accounts. This attack is successful when users reuse the same password across multiple accounts.

  • Password Guessing: An attack where an attacker guesses a user’s password based on information about the user, such as their name, date of birth, or other personal information.

  • Social Engineering: An attack where an attacker tricks a user into revealing their password, often by posing as a legitimate person or company.

  • Man-in-the-Middle (MitM) Attacks: An attack where an attacker intercepts the communication between a user and a server and steals the user’s password.

  • Session Hijacking: An attack where an attacker takes over a user’s active session, allowing them to access the user’s account without knowing the password.

  • Keylogging: An attack where an attacker installs software on a user’s device to record their keystrokes, allowing the attacker to steal the user’s password as they enter it.

Practicing tests for Password Recovery Attacks

Use a Vulnerable Test Environment: Use a vulnerable test environment, such as Metasploitable or OWASP’s WebGoat, to practice testing for Password Recovery Attacks. These environments are intentionally designed to be vulnerable to various types of attacks, including Password Recovery Attacks.

Use Penetration Testing Tools: Use various penetration testing tools, such as Nmap, Metasploit, and Burp Suite, to scan and test for vulnerabilities in the target system.

Create Test User Accounts: Create test user accounts with weak passwords, and use them to test for Password Recovery Attacks. You can also create test user accounts with strong passwords to test the effectiveness of password policies and multi-factor authentication.

Use Common Passwords and Wordlists: Use common passwords and wordlists to test for weak passwords and vulnerabilities in the password recovery mechanism.

Test for Multi-Factor Authentication: Test the effectiveness of multi-factor authentication by attempting to bypass it using various techniques, such as social engineering or brute-forcing the second factor.

Test for Session Management: Test the session management mechanism by attempting to hijack an active session, and use the hijacked session to gain access to the user’s account.

Use Different Browsers: Test the password recovery mechanism using different web browsers to see if there are any browser-specific vulnerabilities that can be exploited.

Test for Error Handling: Test for error handling by purposely entering incorrect information during the password recovery process, and see if the system leaks any sensitive information or error messages.

Test for Rate Limiting: Test the rate limiting mechanism by attempting to guess the password multiple times and see if the system enforces any rate-limiting rules.

Document Findings: Document all findings and report them to the relevant stakeholders, such as the development team or management, and provide recommendations for improving the security of the system.
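The rate-limiting test above only makes sense against a concrete mechanism, so here is one, as an added example that is not code from the original article: a sliding-window failure counter keyed both by account and by source address, consulted before the password is checked. The policy numbers (5 failures per account and 50 per source address within 15 minutes), the credential store and the function names are assumptions constructed for the example.

```python
import time
from collections import defaultdict, deque
from typing import Deque, Dict, Optional, Tuple


class LoginThrottle:
    """Sliding-window failure counters keyed by account and by source address.
    Policy values are assumptions for this example: at most 5 failures per account
    and 50 failures per source address within a 15-minute window."""

    def __init__(self, per_account: int = 5, per_source: int = 50, window: float = 900.0):
        self.per_account = per_account
        self.per_source = per_source
        self.window = window
        self._failures: Dict[Tuple[str, str], Deque[float]] = defaultdict(deque)

    def _recent(self, key: Tuple[str, str], now: float) -> Deque[float]:
        q = self._failures[key]
        while q and now - q[0] > self.window:      # drop failures outside the window
            q.popleft()
        return q

    def allowed(self, account: str, source: str, now: float) -> bool:
        return (len(self._recent(("acct", account), now)) < self.per_account
                and len(self._recent(("src", source), now)) < self.per_source)

    def record_failure(self, account: str, source: str, now: float) -> None:
        self._failures[("acct", account)].append(now)
        self._failures[("src", source)].append(now)

    def record_success(self, account: str) -> None:
        # A genuine login clears the account's budget. The per-source counter is kept
        # on purpose: one address must not be able to refill its budget by logging
        # into an account it already controls.
        self._failures.pop(("acct", account), None)


# Constructed credential store; plain text only to keep the example short.
CREDENTIALS = {"alice": "correct horse battery staple", "bob": "hunter2"}
THROTTLE = LoginThrottle()


def login(account: str, password: str, source: str, now: Optional[float] = None) -> str:
    """Returns 'ok', 'denied' or 'throttled'. The throttle is consulted before the
    password is checked, so a locked-out caller learns nothing from the response,
    and every failure, including failures against unknown accounts, is counted."""
    now = time.time() if now is None else now
    if not THROTTLE.allowed(account, source, now):
        return "throttled"
    if CREDENTIALS.get(account) == password:
        THROTTLE.record_success(account)
        return "ok"
    THROTTLE.record_failure(account, source, now)
    return "denied"


if __name__ == "__main__":
    t0 = time.time()
    for i in range(6):
        print(login("alice", f"guess{i}", "203.0.113.5", now=t0 + i))   # 5 x denied, then throttled
    print(login("alice", "correct horse battery staple", "203.0.113.5", now=t0 + 6))  # still throttled
```

Two design points worth checking when testing a real implementation: the per-source limit is what catches password spraying (one address, many accounts, few attempts each), which a per-account limit alone never sees; and a per-account lockout lets anyone who knows a username lock its owner out, so production systems keep the window short, add a CAPTCHA or step-up check instead of a hard lock, or key the account limit on (account, source) pairs.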

Studying Password Recovery Attacks

  1. Start by understanding the concepts behind Password Recovery Attacks, such as the different types of attacks, attack vectors, and mitigation techniques. You can refer to online resources, such as articles, videos, and tutorials, to gain an understanding of the topic.

  2. Get familiar with the various tools and techniques used in Password Recovery Attacks, such as penetration testing tools, password cracking tools, and social engineering techniques. Practice using these tools in a safe and controlled environment.

  3. Study real-world examples of Password Recovery Attacks to understand how attackers exploit vulnerabilities and gain access to sensitive information. You can refer to news articles, case studies, and reports to gain insights into real-world attacks.

  4. Attend webinars, workshops, and conferences to learn from security experts and gain insights into the latest trends and techniques in Password Recovery Attacks.

  5. Practice ethical hacking by performing penetration testing and vulnerability assessments on your own systems or on systems that you have permission to test. This will help you understand how attackers think and operate.

  6. Stay updated with the latest developments in Password Recovery Attacks, such as new vulnerabilities, exploits, and mitigation techniques. Subscribe to security newsletters, follow security experts on social media, and participate in online security communities to stay informed.

  7. Obtain relevant certifications, such as the Certified Ethical Hacker (CEH) or the Offensive Security Certified Professional (OSCP), to validate your skills and knowledge in Password Recovery Attacks.

Books that cover Password Recovery Attacks

“The Basics of Hacking and Penetration Testing” by Patrick Engebretson – This book provides an introduction to hacking and penetration testing, including Password Recovery Attacks.

“Penetration Testing: A Hands-On Introduction to Hacking” by Georgia Weidman – This book covers the fundamentals of penetration testing and includes a chapter on Password Recovery Attacks.

“Metasploit: The Penetration Tester’s Guide” by David Kennedy, Jim O’Gorman, Devon Kearns, and Mati Aharoni – This book covers the Metasploit framework, which includes several Password Recovery Attack tools.

“Gray Hat Hacking: The Ethical Hacker’s Handbook” by Allen Harper, Daniel Regalado, Ryan Linn, and Shon Harris – This book covers various hacking techniques, including Password Recovery Attacks, from an ethical hacker’s perspective.

“The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws” by Dafydd Stuttard and Marcus Pinto – This book covers web application security, including Password Recovery Attacks, from an attacker’s perspective.

“Black Hat Python: Python Programming for Hackers and Pentesters” by Justin Seitz – This book covers Python programming for hackers and pentesters, including Password Recovery Attacks.

“The Hacker Playbook 3: Practical Guide to Penetration Testing” by Peter Kim – This book covers the methodology and tools used in penetration testing, including Password Recovery Attacks.

“Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers” by TJ O’Connor – This book covers Python programming for hackers, forensic analysts, penetration testers, and security engineers, including Password Recovery Attacks.

“Professional Penetration Testing: Creating and Operating a Formal Hacking Lab” by Thomas Wilhelm – This book covers the process of setting up a hacking lab for penetration testing, including Password Recovery Attacks.

“Red Team Development and Operations: A Practical Guide” by Joseph Muniz and Aamir Lakhani – This book covers red teaming, which includes penetration testing and Password Recovery Attacks, from a practical perspective.

List of payloads for Password Recovery Attacks

  • Brute force attack payloads: This involves generating a large number of possible passwords and trying each one until the correct one is found. Examples of payloads for a brute force attack include using a dictionary of common passwords, or generating a list of possible passwords based on known personal information (e.g. birthdates, names of family members, etc.).

  • Wordlist payloads: Wordlist payloads consist of a pre-compiled list of words or phrases that are commonly used as passwords. Attackers will use these lists to attempt to guess the password.

  • Rainbow table payloads: Rainbow tables are precomputed tables of password hashes. These can be used to quickly crack passwords by looking up the hash value in the table and finding the corresponding plaintext password.

  • Social engineering payloads: These involve tricking the user into revealing their password through deception or persuasion. Social engineering payloads can include phishing emails, fake login pages, or other similar tactics.

  • Password spraying payloads: This type of attack involves trying a small number of common passwords against a large number of user accounts. Password spraying payloads are often used against web applications or other online services.

  • Dictionary attack payloads: This involves trying a series of words or phrases from a dictionary file as possible passwords. These attacks are often more effective than brute force attacks, as users often choose common words or phrases as passwords.

  • Hybrid attack payloads: This type of attack combines multiple types of payloads, such as a dictionary attack followed by a brute force attack. This can be an effective way to crack passwords that are more complex.

  • Keylogger payloads: A keylogger payload records all keystrokes entered by the user, including passwords. This type of payload can be used to capture passwords entered on a keyboard, even if they are not stored on the system.

How to be protected from Password Recovery Attacks

  1. Use strong and unique passwords: Use long passwords that contain a mix of upper and lower case letters, numbers, and special characters. Do not use the same password for multiple accounts.

  2. Enable two-factor authentication: 2FA adds an extra layer of security to your accounts by requiring a second form of authentication, such as a text message or an authentication app, in addition to a password.

  3. Use a password manager: A password manager can generate and store strong, unique passwords for all of your accounts.

  4. Keep your software up-to-date: Make sure that you regularly update your operating system and software to ensure that you have the latest security patches.

  5. Be cautious of phishing emails: Do not click on links or download attachments from emails that look suspicious or are from unknown senders.

  6. Use secure connections: When logging into an account, make sure that you are using a secure connection (e.g. HTTPS) to protect your login credentials.

  7. Be careful on public networks: Avoid logging into sensitive accounts on public Wi-Fi networks, as these networks may not be secure and can leave your login credentials vulnerable to attack.

Mitigations for Password Recovery Attacks

  1. Enforce strong password policies: Organizations can implement policies that require users to create strong and unique passwords that meet certain complexity requirements. This can help to make it more difficult for attackers to guess or crack passwords.

  2. Implement two-factor authentication: 2FA can add an extra layer of security to accounts by requiring users to provide a second form of authentication, such as a text message or an authentication app, in addition to a password.

  3. Limit login attempts: Organizations can implement login throttling to limit the number of login attempts that can be made within a certain timeframe. This can help to prevent brute force attacks by making it more difficult for attackers to try a large number of passwords.

  4. Monitor for suspicious activity: Organizations can implement monitoring systems to detect and alert on suspicious login activity, such as repeated failed login attempts or login attempts from unusual locations.

  5. Use strong password hashing: Passwords should never be stored in plain text or in a reversible form. Store them as salted hashes computed with a deliberately slow algorithm, so that an attacker who obtains the database cannot read them and cannot crack them cheaply.

  6. Train employees on password security: Organizations should provide training to employees on best practices for password security, including the importance of using strong passwords, avoiding password reuse, and enabling 2FA.
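Mitigation 4 above, and the checklist items earlier on the page about "indicators of brute force attacks, such as repeated login attempts from the same IP address", are the detection side of the same problem. As an added example that is not part of the original article, the script below runs over a constructed authentication log and raises four kinds of finding: a brute-force burst against one account, a password-spray run across many accounts, a burst of password-reset requests for many addresses from one source, and the case worth paging on, a successful login that follows such a burst. The log format, thresholds and sample lines are assumptions constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple

# Assumed log format (constructed for this example):
#   <ISO-8601 UTC timestamp> auth event=<login_ok|login_fail|reset_request> user=<id> src=<ip>
LOG_RE = re.compile(r"^(?P<ts>\S+) auth event=(?P<event>\w+) user=(?P<user>\S+) src=(?P<src>\S+)$")

WINDOW = timedelta(minutes=10)
BRUTE_FORCE_FAILS = 5        # failures against one account from one source inside WINDOW
SPRAY_ACCOUNTS = 5           # distinct accounts one source has failed against
RESET_ABUSE_ADDRESSES = 5    # distinct addresses one source has requested resets for

# Constructed sample log: a brute-force burst that ends in a successful login, a
# password-spray run, a burst of reset requests, normal traffic and a malformed line.
SAMPLE_LOG = (
    [f"2023-02-20T10:00:{s:02d}Z auth event=login_fail user=alice src=203.0.113.5" for s in range(0, 60, 10)]
    + ["2023-02-20T10:01:00Z auth event=login_ok user=alice src=203.0.113.5"]
    + [f"2023-02-20T10:05:{i:02d}Z auth event=login_fail user=user{i:02d} src=198.51.100.7" for i in range(1, 7)]
    + [f"2023-02-20T10:07:{i:02d}Z auth event=reset_request user=victim{i}@example.com src=192.0.2.9"
       for i in range(1, 6)]
    + ["2023-02-20T10:20:00Z auth event=login_ok user=bob src=203.0.113.77",
       "2023-02-20T10:21:00Z auth event=login_fail user=carol src=203.0.113.78",
       "this line is malformed and must be skipped"]
)


def parse_line(line: str) -> Optional[dict]:
    m = LOG_RE.match(line)
    if not m:
        return None                                    # unknown format: skip, never crash
    return {"ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
            "event": m["event"], "user": m["user"], "src": m["src"]}


def max_in_window(times: List[datetime], window: timedelta = WINDOW) -> int:
    """Largest number of events that fall inside any interval of length `window`."""
    times = sorted(times)
    best = start = 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def analyse(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Returns sorted (finding, source, detail) tuples."""
    events = [e for e in map(parse_line, lines) if e is not None]
    fails: Dict[Tuple[str, str], List[datetime]] = defaultdict(list)   # (src, user) -> failure times
    resets: Dict[str, set] = defaultdict(set)                          # src -> addresses
    for e in events:
        if e["event"] == "login_fail":
            fails[(e["src"], e["user"])].append(e["ts"])
        elif e["event"] == "reset_request":
            resets[e["src"]].add(e["user"])

    findings = set()
    accounts_by_src: Dict[str, set] = defaultdict(set)
    for (src, user), times in fails.items():
        accounts_by_src[src].add(user)
        if max_in_window(times) >= BRUTE_FORCE_FAILS:
            findings.add(("brute_force", src, user))
    for src, users in accounts_by_src.items():           # spraying: few tries, many accounts
        if len(users) >= SPRAY_ACCOUNTS:
            findings.add(("password_spray", src, f"{len(users)} accounts"))
    for src, addrs in resets.items():                    # reset endpoint used for enumeration/abuse
        if len(addrs) >= RESET_ABUSE_ADDRESSES:
            findings.add(("reset_abuse", src, f"{len(addrs)} addresses"))
    # A success right after a burst of failures from the same source means a guess
    # may have landed; this is the finding that should page someone.
    for e in events:
        if e["event"] == "login_ok":
            prior = [t for t in fails.get((e["src"], e["user"]), [])
                     if timedelta(0) <= e["ts"] - t <= WINDOW]
            if len(prior) >= BRUTE_FORCE_FAILS:
                findings.add(("success_after_failures", e["src"], e["user"]))
    return sorted(findings)


if __name__ == "__main__":
    for finding in analyse(SAMPLE_LOG):
        print(*finding)
```

The spray and reset-abuse rules deliberately count distinct accounts per source rather than attempts per account, because those attacks stay under any per-account threshold by design; in a real pipeline the same counts would be kept over a rolling window instead of the whole file.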

Conclusion

Password Recovery Attacks are a common and serious threat to the security of online accounts and systems. These attacks use a variety of techniques, including brute force attacks, phishing attacks, and password guessing attacks, to try to gain access to accounts and sensitive data.

To protect against Password Recovery Attacks, it is important to use strong and unique passwords, enable two-factor authentication, and be cautious of suspicious emails and public networks. Additionally, organizations can implement mitigations such as strong password policies, login throttling, and monitoring systems to help prevent these attacks.

While Password Recovery Attacks can be difficult to defend against, by following best practices and implementing proper security measures, individuals and organizations can reduce the risk of these attacks and protect their sensitive information and systems from unauthorized access.
