Phishing
Information:
Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.
Tutorial how-to:
***NOTE: 1. Press 'Enter' after typing each Terminal command. 2. When typing commands, do not type the starting and ending apostrophes ('')*** This tutorial uses BackTrack.
1. Boot BackTrack (or any Linux distro)
2. Find your Internet IP address: type 'ifconfig' in Terminal. The numbers after 'inet' addr is your IP
3. Navigate to BackTrack > Exploitation Tools > Social Engineering Tools > Social Engineering Toolkit > set, and select: Social-Engineering Attacks or just type 'cd /pentest/exploits/set', and then '/.set' in the Terminal
4. Select choice 2: Website Attack Vectors
5. Now select choice 4: Tabnabbing Attack Method
6. Now select choice 2: Site Cloner. Do this TWICE.
7. Enter the login page you want to clone (Ex: http://www.facebook.com)
8. Press Return (on the keyboard)
9. Now your IP wil be a phishing page. When a user logs in, their username and password will be displayed in the Terminal. Can also be used with URL shortener services.
Download: (For other Linux distros)
git clone https://github.com/trustedsec/social-engineer-toolkit/ set/
Requirements:
1. An Internet connection
2. A BackTrack Installation recommended
Rahul Developers
Comments
Post a Comment