Thursday, 30 August 2012

Backtrack SET Credential Harvester Attack (Phishing)

Backtrack Credential Harvester Attack (PHISHING)

For Video Tutorial - Click Here

Requirements for doing this Attack :
1. Backtrack
2. Social Engineering Toolkit(SET)
3. A Brain


 HOW TO :


1. Open your Backtrack OS and open SET

2. Select Social Engineering Attacks

3. Select Website Attack Vectors







4. Select Credential Harvester Attack Method





5. Select Site Cloner





6. Enter the URL of website you want to clone ( ex- www.facebook.com , www.gmail.com, etc )





7. Enter your IP address (192.168.x.x)

8. Hit Enter

9. Now anyone who go to your ip address will be redirected to your cloned site





10. Now the main thing is to convince the victim to click on link for that you must use you social engineering skills.

My Advice : - Use a URL Shortner ...adfly is best... sign up on this - Click Here



11. Now shorten your URL and send it to victim , then if victim clicks on your link he will be redirected to your Cloned Site and the username/password he enters will show in your BT screen.











12. Enjoy Hacking :D

NOTE - This only work if both attacker and victim are on same network(LAN)
             For using it on WAN you must know some concepts and logic of port forwarding
             See this video - Click Here 

THIS IS FOR EDUCATIONAL PURPOSE ONLY 

3 comments:

  1. Hi so after I enabled port forwarding on my router, do I just use my ip address from the browser? The public ip address in replace for the lAN ip address?

    ReplyDelete
  2. How can i use this tool for a target outside my network??
    Does it work on WAN?

    ReplyDelete
  3. how can i make credential harvester send the credentials captured to my email instead of a text file on my pc?? this way i can capture more credentials while being offline !!

    ReplyDelete