Social Engineering Toolkit (SET) is available in kali linux in the applications section and social engineering tools.
In this tutorial we are going to learn how to create a phishing page using social engineering toolkit for LAN attack.
In Kali Linux terminal, execute the below command to remove existing files from web root location.
launch Social Engineering Toolkit by executing below command
Based on our requirement, we can choose from seven different options on the SE toolkit menu. In this practical, we intend to create a phishing a page which looks similar to the Facebook login page.
Select option 1 Social-Engineering Attacks
Select option 2 Website Attack Vectors
Select option 3 Credential Harvester Attack Method to harvest login credentials with the help of phishing page.
Choose 2 Site Cloner to clone a live website.
Provide a local IP address (attacker private IP) for the postback.
Provide the address of website to be cloned (https://www.facebook.com/) press enter and wait until Credential Harvester is running on port 80 message.
To earn money with dropshipping and start your own business check out this post
Trick victim to visit phishing page running on attacker’s IP address (use URL shortening service to make IP address look like web link). If the victim submits login credentials on phishing page, then the attacker will be able to view those credentials.
On victim’s computer:
This attack can be performed only on LAN level.
Happy Hacking:)
In this tutorial we are going to learn how to create a phishing page using social engineering toolkit for LAN attack.
In Kali Linux terminal, execute the below command to remove existing files from web root location.
launch Social Engineering Toolkit by executing below command
Based on our requirement, we can choose from seven different options on the SE toolkit menu. In this practical, we intend to create a phishing a page which looks similar to the Facebook login page.
Select option 1 Social-Engineering Attacks
Select option 2 Website Attack Vectors
Select option 3 Credential Harvester Attack Method to harvest login credentials with the help of phishing page.
Choose 2 Site Cloner to clone a live website.
Provide a local IP address (attacker private IP) for the postback.
Provide the address of website to be cloned (https://www.facebook.com/) press enter and wait until Credential Harvester is running on port 80 message.
To earn money with dropshipping and start your own business check out this post
Trick victim to visit phishing page running on attacker’s IP address (use URL shortening service to make IP address look like web link). If the victim submits login credentials on phishing page, then the attacker will be able to view those credentials.
On victim’s computer:
On attacker’s computer:
This attack can be performed only on LAN level.
Happy Hacking:)
No comments:
Post a Comment